Skip Headers
Oracle® Identity Manager Connector Guide for Oracle Internet Directory
Release 9.0.4

Part Number E10436-07
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
View PDF

What's New in Oracle Identity Manager Connector for Oracle Internet Directory?

This chapter provides an overview of the updates made to the software and documentation for the Oracle Internet Directory connector in release 9.0.4.6.

See Also:

The earlier release of this guide for information about updates that were new for that release

The updates discussed in this chapter are divided into the following categories:

Software Updates

The following sections discuss updates made from release 9.0.4 to the current release of the connector:

Software Updates in Release 9.0.4.1

The following is a software update in release 9.0.4.1:

Changes in the Directory Structure of the Connector Files on the Installation Media

The xliOID.jar file has been split into two files, OIDProv.jar and OIDRecon.jar. Corresponding changes have been made in the following sections:

Software Updates in Release 9.0.4.1_6673431

The following are resolved issues in release 9.0.4.1_6673431:

Bug Number Issue Resolution
6673431 Delete reconciliation was run after trusted source reconciliation. This sequence resulted in deletion of some OIM Users who were not actually deleted on the target system. This issue has been resolved. During a trusted source reconciliation run, the API that implements Delete reconciliation is called before reconciliation of existing target system records.

Software Updates in Release 9.0.4.2

The following are resolved issues in release 9.0.4.2:

Bug Number Issue Resolution
7003824 If you added an object class and its attributes, then subsequent Create User provisioning operations failed. An error message similar to the following one was displayed as the outcome of the provisioning operations:

"Unable to add attributes of the object[LDAP: error code 65 - associatedDomain attribute not found. Mandatory Attribute missing.]"

This issue has been resolved. You can now add an object class and then perform Create User provisioning operations. See "Adding New Object Classes for Provisioning and Reconciliation" for more information.

Note: A trusted source reconciliation run fails if it involves user-defined fields (UDFs). This issue is tracked through Bug 7047363.


Software Updates in Release 9.0.4.3

The following is a software update in release 9.0.4.3:

Using the Connector Installer

From Oracle Identity Manager release 9.1.0 onward, the Administrative and User Console provides the Connector Installer feature. This feature can be used to automate the connector installation procedure.

See "Installing the Connector on Oracle Identity Manager Release 9.1.0 or Later" for details.

Software Updates in Release 9.0.4.4

The following are resolved issues in release 9.0.4.4:

Bug Number Issue Resolution
7257647 The connector did not support batched or paged reconciliation. There were performance issues related to this limitation. The connector now supports paged reconciliation. You can implement this feature if the target system is Oracle Internet Directory 10.1.4.0.1 or later. See "Paged Reconciliation" for more information.
7306055 There was scope for improvement in the performance of the following provisioning operations:
  • Adding or removing a user from a group

  • Granting or removing a role from a user

The performance of provisioning operations that involve group or role membership changes has been enhanced.

Software Updates in Release 9.0.4.5

The following are resolved issues in release 9.0.4.5:

Bug Number Issue Resolution
7564492, 6334595, 6317860 Incremental reconciliation was not supported.

If you deleted one user from one organization on the target system and then performed trusted source delete reconciliation, then all users were deleted from all organizations in Oracle Identity Manager.

During reconciliation, user data was fetched from the target system, regardless of whether or not it had been modified.

Incremental reconciliation is now supported.
6312504 IT resource parameters for the names of the lookup definitions for reconciliation and provisioning were set to NULL when you restarted Oracle Identity Manager. The names of the lookup definitions are set as the default values of the IT resource parameters. These parameters are not set to NULL when you restart Oracle Identity Manager.
6168631 In earlier releases, you had to use the orcladmin account on the target system for reconciliation and provisioning operations. This issue has been resolved. You can now create a user on the target system, assign the minimum required permissions to the user, and then use it for connector operations.
6312344 The default value of the Organization DN field on the Administrative and User Console was cn=user. The Organization DN field has been changed to a lookup field, and the default value has been removed. You can now select a value in this lookup field.
6804852 The Manager ID field was not available for reconciliation and provisioning. The Manager ID field has been added to the list of fields that are available for reconciliation and provisioning.
7233799 At the end of a successful provisioning operation, the "Mapping Not Found" message was recorded in the log file. This message has now been removed. This issue has been resolved. The "Mapping Not Found" message is no longer recorded in the log file at the end of a successful provisioning operation.

The following are some of the entries in the AttrName.Prov.Map.OID lookup definition. You must ensure that these entries are not changed.

ldapUserID: cn

ldapFirstName: givenName

ldapLastName: sn

ldapPassword: userPassword

6987536 The Start Date and End Date fields of the target system were not used by the connector. This issue has been resolved. The Start Date and End Date fields have been added for reconciliation and provisioning operations.
7022721 The process form had two fields for two object classes. This imposed a limitation on the number of objectclasses to which a user could be assigned during a Create User provisioning operation. This issue has been resolved. The Objectclassess field replaces the two fields on the process form. You can enter a list of objectclasses in this field during a provisioning operation. Use the vertical bar (|) as the delimiter character in the list of objectclasses.
7047363 You could not add to the default attribute mappings for reconciliation. This issue has been resolved. You can now use the AttrName.Recon.Map.OID lookup definition to add attributes for reconciliation. See "Adding the Object Class and its Attributes to the Lookup Definition for Reconciliation" in the connector guide for more information.
6490731 The length of the Password field was 14 bytes. The length of the Password field has been increased to 30 bytes.
7434067 A reconciliation error was encountered if you applied a custom reconciliation query that filtered user records by both role assignment and group membership. For example, application of the following reconciliation query would result in an error:

role=role1&group=group1

This issue has been resolved. Any combination of the following attributes can be used in the query:
  • givenname

  • sn

  • givenname&sn

  • group

  • role

  • givenname&group

  • givenname&role

  • group&role

Limitation: The custom reconciliation query must not include field values that contain any of the following characters:

  • & (ampersand)

  • | (vertical bar)

  • = (equal sign)

In addition, the field values must not contain the word "group" or "role."

The following are examples of query conditions that are invalid:

givenname="mary&brown"

This value is invalid because it contains the ampersand (&).

givenname="johngroup"

This value is invalid because it contains the word group.

7360833 The name of the IT resource type for all LDAP-based connectors was LDAP Server. This issue has been resolved. The IT resource type for the Oracle Internet Directory connector has been renamed to "OID IT Resource."
7308328 A space after a comma in the DN value would cause a reconciliation error. This issue has been resolved. DN values that have a space after the comma are now correctly reconciled.

You implement this solution by copying the JAR files as part of the deployment procedure.

7218933 The "INSUFFICIENT_INFORMATION_PROVIDED" message was displayed if any process form field was left empty during a provisioning operation. The field itself was not pointed out by the message. This issue has been resolved. The name of the field in which a value has not been provided is included in the message displayed on the console.
7120339 The INSUFFICIENT_INFORMATION_PROVIDED error message was not mapped in the resource bundle. This issue has been resolved. The error message is now mapped in the resource bundle.
7165810 When you changed the name of an organizational unit through a provisioning operation, the existing OU was deleted and then re-created with the new name that you specified. This issue has been resolved. The name of the OU is actually changed when you perform the Change OU Name provisioning operation. The OU is not deleted and re-created with the new name.

You implement this solution by copying the JAR files as part of the deployment procedure.

6275476 On the target system, DNs of groups are not case-sensitive. In Oracle Identity Manager, group DNs are case-sensitive. This caused problems during reconciliation of group membership details.
  • This issue has been resolved. Group DNs are converted to lowercase before they are reconciled into the group lookup definition in Oracle Identity Manager. In other words, Oracle Identity Manager does not perform a case-sensitive check on group names.
  • You implement this solution by copying the JAR files as part of the deployment procedure.

7423099 Special characters were not supported in the First Name and Last Name fields on the process form. This issue has been resolved. See "Provisioning Module" in the connector guide for information about the special characters that are supported in process form fields.

You implement this solution by copying the JAR files as part of the deployment procedure.

6489877 The connector supported neither Mode 1 nor Mode 2 secure connections to Oracle Internet Directory. The connector supports Mode 1 secure connections to Oracle Internet Directory.

See "Configuring SSL" in the connector guide for detailed information.

7564599 During a Create Group provisioning operation, it was mandatory to specify a parent OU for the group. This issue has been resolved. If a parent OU is not specified, then the group is created under the DN context.
7601582 The User Deletion Successful message was displayed when the Delete User provisioning operation was performed on a user who had already been deleted on the target system. The message has been corrected.
7301659 The orclguid field of the target system stores identifier for each LDAP entry in Oracle Internet Directory. The connector did not fetch and store the orclguid of target system users. This issue has been resolved. The connector now retrieves and stores the orclguid field of target system users.

Software Updates in Release 9.0.4.6

The following are the software updates in release 9.0.4.6:

Support for Reconciliation and Provisioning of Multivalued Attributes

From this release onward, the connector supports the reconciliation and provisioning of multivalued attributes. See "Adding New Multivalued Attributes for Reconciliation and Provisioning" for the procedure to add new multivalued attributes for reconciliation and provisioning.

Support for New Target System

From this release onward, the connector adds support for Oracle Internet Directory 11gR1 as the target system.

This target system is mentioned in the "Verifying Deployment Requirements" section of the connector guide.

Documentation-Specific Updates

The following sections discuss documentation-specific updates in the guide:

Documentation-Specific Updates in Releases 9.0.4.1 Through 9.0.4.5

The following documentation-specific update has been made in releases 9.0.4.1 through 9.0.4.5:

Documentation-Specific Updates in Release 9.0.4.6

The following documentation-specific updates have been made in release 9.0.4.6: