1 About the Connector

Oracle Identity Manager automates access rights management, security, and provisioning of IT resources. Oracle Identity Manager connectors are used to integrate Oracle Identity Manager with third-party applications. This guide discusses the procedure to deploy the connector that is used to integrate Oracle Identity Manager with Novell eDirectory.

This chapter contains the following sections:

Reconciliation Module
Provisioning Module
Supported Functionality
Multilanguage Support
Files and Directories On the Installation Media
Determining the Release Number of the Connector

Note:

In this guide, the term Oracle Identity Manager server refers to the computer on which Oracle Identity Manager is installed.

At some places in this guide, Novell eDirectory has been referred to as the target system.

1.1 Reconciliation Module

Reconciliation involves duplicating in Oracle Identity Manager the creation of and modifications to user accounts on the target system. It is an automated process initiated by a scheduled task that you configure.

See Also:

The "Deployment Configurations of Oracle Identity Manager" section in Oracle Identity Manager Connector Concepts Guide for conceptual information about reconciliation configurations

Based on the type of data reconciled from the target system, reconciliation can be divided into the following types:

Lookup Fields Reconciliation
User Reconciliation

1.1.1 Lookup Fields Reconciliation

Lookup fields reconciliation involves reconciling organization, organizational unit, group, role, domain scope, and profile master data.

1.1.2 User Reconciliation

User reconciliation involves reconciling the fields discussed in this section.

1.1.2.1 Reconciled Resource Object Fields

The following fields are reconciled:

Note:

These fields do not have the ldap prefix.

User ID
First Name
Last Name
Middle Name
Department
Location
Telephone
Email
Communication Language
Timezone
Logon Script
Title
Profile
Organization Unit
Security Group (multiple group names can be entered)
Role
- Role Name
- Scope
- Inheritance
Trustee Rights
- Property
- Supervisor
- Read
- Write
- Compare
- Add Self
Network Address

1.1.2.2 Reconciled Xellerate User (OIM User) Fields

The following fields are reconciled only if reconciliation is implemented in trusted mode:

User ID
Organization
First Name
Last Name
User Type
Employee Type

1.2 Provisioning Module

Provisioning involves creating or modifying a user's account information on the target system through Oracle Identity Manager. You use the Oracle Identity Manager Administrative and User Console to perform provisioning operations.

See Also:

The "Deployment Configurations of Oracle Identity Manager" section in Oracle Identity Manager Connector Concepts Guide for conceptual information about provisioning

For this target system, the following fields are provisioned:

User ID
First Name
Last Name
Middle Name
Department
Location
Telephone
Email
Communication Language
Timezone
Logon Script
Title
Profile
Organization Unit
Server Name
Security Group
Role
- Role Name
- Scope
- Inheritance
Trustee Rights
- Property
- Supervisor
- Read
- Write
- Compare
- Add Self
Network Address

For provisioning of organizational units, groups, and roles, refer to the "Supported Functionality" section.

1.3 Supported Functionality

The following table lists the functions that are available with this connector.

Process Task	Type	Description
Create User	Provisioning	Creates a user in Novell eDirectory
Delete User	Provisioning	Deletes a user in Novell eDirectory
Enable User	Provisioning	Enables a user in Novell eDirectory
Disable User	Provisioning	Disables a user in Novell eDirectory
Move User	Provisioning	Moves a user from one container to another in Novell eDirectory Note: The Move User provisioning operation is not supported when the Novell eDirectory and Novell GroupWise resources are provisioned to an OIM User. This is because the association between the Novell GroupWise mailbox and Novell eDirectory object is lost after the Move User provisioning operation.
Update User Password	Provisioning	Updates the password of a user in Novell eDirectory
Add User to Group	Provisioning	Adds a user to a group in Novell eDirectory
Remove User from Group	Provisioning	Removes a user from a group in Novell eDirectory
Assign Role to User	Provisioning	Assigns a role to a user in Novell eDirectory
Remove Assigned Role from User	Provisioning	Removes a role from a user in Novell eDirectory
Assign Trustee Right to User	Provisioning	Adds a trustee right to a user in Novell eDirectory
Remove Trustee Right from User	Provisioning	Removes a trustee right from a user in Novell eDirectory
Add Network Address Restriction to User	Provisioning	Adds a network address restriction to a user in Novell eDirectory
Remove Network Address Restriction from User	Provisioning	Removes a network address restriction from a user in Novell eDirectory
Create OU	Provisioning	Creates an organizational unit
Change OU Name	Provisioning	Changes an organization name
Delete OU	Provisioning	Deletes an organizational unit
Move OU	Provisioning	Moves the organization sub unit to another parent organizational unit
Create eDirectory Group	Provisioning	Creates a Novell eDirectory group
Delete eDirectory Group	Provisioning	Deletes a Novell eDirectory group
New Group Name Updated	Provisioning	Updates the group name
Create eDirectory Role	Provisioning	Creates a Novell eDirectory role
Delete eDirectory Role	Provisioning	Deletes a Novell eDirectory role
New Role Name Updated	Provisioning	Updates a role name
Create User	Reconciliation	Creates a user in Oracle Identity Manager
Delete User	Reconciliation	Deletes a user from Oracle Identity Manager
Enable User	Reconciliation	Enables a user in Oracle Identity Manager
Disable User	Reconciliation	Disables a user in Oracle Identity Manager
Move User	Reconciliation	Moves a user from one container to another in Oracle Identity Manager
Add User to Group	Reconciliation	Adds a user to a group in Oracle Identity Manager
Remove User from Group	Reconciliation	Removes a user from a group in Oracle Identity Manager
Assign Role to User	Reconciliation	Assigns a role to a user in Oracle Identity Manager
Remove Assigned Role from User	Reconciliation	Removes a role from a user in Oracle Identity Manager
Assign Trustee Right to User	Reconciliation	Adds a trustee right to a user in Oracle Identity Manager
Remove Trustee Right from User	Reconciliation	Removes a trustee right from a user in Oracle Identity Manager
Add Network Address Restriction to User	Reconciliation	Adds a network address restriction to a user in Oracle Identity Manager
Remove Network Address Restriction from User	Reconciliation	Removes a network address restriction from a user in Oracle Identity Manager
Reconciliation Insert Received	Reconciliation	Inserts a user in Oracle Identity Manager
Reconciliation Update Received	Reconciliation	Updates a user in Oracle Identity Manager

See Also:

Appendix A for information about attribute mappings between Oracle Identity Manager and Novell eDirectory

1.4 Multilanguage Support

This release of the connector supports the following languages:

Arabic
Chinese Simplified
Chinese Traditional
Danish
English
French
German
Italian
Japanese
Korean
Portuguese (Brazilian)
Spanish

See Also:

Oracle Identity Manager Globalization Guide for information about supported special characters

1.5 Files and Directories On the Installation Media

The files and directories on the installation media are listed in Table 1-1.

Table 1-1 Files and Directories On the Installation Media

File in the Installation Media Directory	Description
configuration/EDirectory-CI.xml	This XML file contains configuration information that is used during connector installation.
lib/eDirProv.jar	This JAR file contains the class files required for provisioning. During connector deployment, this file is copied into the following directory: OIM_HOME/xellerate/JavaTasks
lib/eDirRecon.jar	This JAR file contains the class files required for reconciliation. During connector deployment, this file is copied into the following directory: OIM_HOME/xellerate/ScheduleTask
Files in the `resources` directory	Each of these resource bundles contains language-specific information that is used by the connector. During connector deployment, these resource bundles are copied into the following directory: OIM_HOME/xellerate/connectorResources Note: A resource bundle is a file containing localized versions of the text strings that are displayed on the user interface of Oracle Identity Manager. These text strings include GUI element labels and messages displayed on the Administrative and User Console.
Files in the `test/troubleshoot` directory	These files are used to implement test cases that are run by using the testing utility.
xml/eDirResourceObject.xml	This XML file contains definitions for the following components of the connector: IT resource type Process form Process tasks and adapters (along with their mappings) Resource object Provisioning process Pre-populate rules Reconciliation process Lookup definitions
xml/eDirXLResourceObject.xml	This XML file contains the configuration for the Xellerate User (OIM User). You must import this file only if you plan to use the connector in trusted source reconciliation mode.

Note:

The files in the test/troubleshoot directory are used only to run tests on the connector.

1.6 Determining the Release Number of the Connector

You might have a deployment of an earlier release of the connector. While deploying the latest release, you might want to know the release number of the earlier release. To determine the release number of the connector that has already been deployed:

In a temporary directory, extract the contents of the following JAR file:
```
OIM_HOME/xellerate/JavaTasks/eDirProv.jar
```
Open the manifest.mf file in a text editor. The manifest.mf file is one of the files bundled inside the eDirProv.jar file.

In the manifest.mf file, the release number of the connector is displayed as the value of the Version property.