| Oracle® Identity Manager Connector Guide for Microsoft Active Directory User Management Release 9.1.1 Part Number E11197-07 |
|
|
View PDF |
| Oracle® Identity Manager Connector Guide for Microsoft Active Directory User Management Release 9.1.1 Part Number E11197-07 |
|
|
View PDF |
The following are known issues associated with this release of the connector:
Bug 5526185
On the target system, you can use one of the following methods to change the group membership details of a user account:
Edit the user account and directly change the group membership details.
Edit the group and add or modify the user's membership details.
During both operations, only the group object is time stamped. Incremental reconciliation from the target system is based on the time stamp of the user object. Therefore, group membership changes made to a user account are not reconciled into Oracle Identity Manager.
Note:
This known issue affects only reconciliation of updates to group membership details. Reconciliation of new group membership details is not affected.Bug 7225753 and 7232276
Through provisioning, you cannot move a target system user from one domain controller to another. This is because the IT resource enables you to specify only a single domain controller as the target system.
Bug 7003816
Microsoft ADAM does not support the "User must change password at next logon" attribute. In order for provisioning to be successful, this attribute (check box) must not be checked when the target system in ADAM.
Bug 7136085
The Country lookup field displays country names in English, regardless of the locale you select.
Bug 7212391
The ADITResource IT resource is created by default when you install the connector. If you want to use the Invert Display Name parameter of the IT resource, then you must use the ADITResource IT resource. If you create and use a new IT resource with a different name, then the Invert Display Name parameter is not used.
Bug 7296381
If Oracle Identity Manager is using Microsoft SQL Server, then a limit is imposed on the total character length of all the fields on the process form. During the connector installation process, this check is implemented when the Deployment Manager imports the connector XML files. If the combined length of the process form fields is determined to be more than 8060 characters, then the XML file is not imported.
To work around this requirement, the character lengths of some process form fields are kept less than their target system counterparts. For example, although the length of the Department field on the target system is 64 characters, the length of this field on the process form is 40 characters.
After you deploy the connector, you can modify the lengths of the process form fields. See Appendix A, "Character Lengths of Target System Fields and Process Form Fields" for a listing of the fields whose lengths are different on the target system and the process form. This appendix also describes the procedure to use the Design Console for modifying the lengths of the process form fields.
Bug 7207232
Some Asian languages use multibyte character sets. If the character limit for fields on the target system is specified in bytes, then the number of Asian-language characters that you can enter in a particular field may be less than the number of English-language characters that you can enter in the same field. The following example illustrates this point:
Suppose you can enter 50 characters of English in the User Last Name field of the target system. If you have configured the target system for the Japanese language, then you would not be able to enter more than 25 characters in the same field.
Bug 7126712
After you revoke the Microsoft Active Directory resource of an OIM User, if you run the AD User Target Delete Recon scheduled task, then the button to provision new Active Directory resources for the user is disabled.
Bug 8346302
During first-time reconciliation of a resource, the status of the resource is set to Enabled or Disabled instead of Provisioned.
Bug 6736667
Critical extensions in an SSL certificate are not supported.
Bug 8262055
The following issue is observed when the Remote Manager is not running (that is, not in use):
If you perform an Update User provisioning operation on a resource created through target resource reconciliation, then the Terminal Allow Login Updated process task is triggered. The status of the task is shown as Rejected on the Administrative and User Console. However, the Update User operation gives the expected results, and it is not affected by rejection of the Terminal Allow Login Updated process task.
|
 Copyright © 2009, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|
