Oracle® Identity Manager Connector Guide for Microsoft Active Directory Password Synchronization Release 9.1.1 Part Number E11218-06 |
|
|
View PDF |
This chapter provides an overview of the updates made to the software and documentation of the Microsoft Active Directory Password Synchronization connector in release 9.1.1.
The updates discussed in this chapter are divided into the following categories:
This section describes updates made to the connector software. This section also points out the sections of this guide that have been changed in response to each software update.
Documentation-Specific Updates
This section describes major changes made to this guide. For example, the relocation of a section from the second chapter to the third chapter is a documentation-specific update. These changes are not related to software updates.
The following sections discuss software updates:
The following are software updates in release 9.1.0:
The password synchronization connector has separate installers for Microsoft Active Directory running on 32-bit and 64-bit Microsoft Windows.
An Oracle Identity Manager flag field is used to track password changes propagated by the connector. In earlier releases, you had to manually create this field in Oracle Identity Manager. From this release onward, the field is automatically created in Oracle Identity Manager when you install the Microsoft Active Directory User Management connector.
The password synchronization connector supports signature-based authentication. This is an alternative to password-based authentication for connecting to Oracle Identity Manager during password synchronization operations.
Information specific to signature-based authentication has been provided at various places in this guide.
The following is a software update in release 9.1.0.1:
A single installer has been developed for Microsoft Active Directory running on 32-bit and 64-bit Microsoft Windows. Corresponding changes have been made in this release of the guide.
The following are software updates in release 9.1.1:
No Dependency on the Microsoft Active Directory User Management Connector
Support for Storing Configuration Parameters in the Registry
Support for Retrying Password Propagation when Oracle Identity Manager is not Available
No Requirement for Creating an Attribute in Microsoft Active Directory to Track Password Changes
The architecture of the password synchronization connector has been completely modified. Major changes made in the new, fault-tolerant architecture of the connector are discussed in the subsequent sections.
In earlier releases, you had to install the Microsoft Active Directory User Management connector before you could start using the password synchronization connector. From this release onward, the password synchronization connector does not use any component of the user management connector. At the same time, password propagation from Microsoft Active Directory to Oracle Identity Manager can be configured to complement the features offered by the user management connector.
In earlier releases, the connector used the Oracle Identity Manager APIs for password propagation from Active Directory to Oracle Identity Manager. From this release onward, the connector uses SPML Web service for password propagation to Oracle Identity Manager.
The connector stores all configuration parameters of the connector in the Microsoft Windows Registry. This enables you to reconfigure the configuration parameters without reinstalling the connector. This feature also replaces the xlconfig.xml file that was used to store configuration parameters in earlier releases.
See "Reconfiguring the Connector" for more information.
In the earlier releases, if Oracle Identity Manager was not available, then the connector did not retry propagating the password to Oracle Identity Manager. From this release onward, the connector retries password propagation if Oracle Identity manager is not available.
See "Connector Architecture" for more information.
In earlier releases, the connector required an attribute to be created in Microsoft Active Directory to act as a flag for tracking password changes initiated by Oracle Identity Manager. From this release onward, this attribute is not required.
In earlier releases, if you had changed the password of the account that the connector used to log in to Oracle Identity Manager during a password synchronization operation, then you had to reinstall the connector with the changed password. From this release onward, you can reconfigure the connector whenever you change the login credentials of the account that the connector uses for logging in to Oracle Identity Manager during a password synchronization operation. This eliminates the need for reinstalling the connector.
See "Reconfiguring the Connector" for more information.
The following are issues resolved in release 9.1.1:
Bug Number | Issue | Resolution |
---|---|---|
7276037 | IT resource name in the adsynch.log file was not localized. | This issue does not apply for this release of the connector. In this release, the IT resource name is not recorded in the log file. |
7272742 and 7293723 | After you installed the connector, logging was automatically enabled. You could not disable it. In addition, you could not specify or change or the log level. | This issue has now been resolved. You can now enable and disable logging for the password synchronization connector.
See "Enabling and Disabling Logging" for more information. |
In the "Known Issues" chapter, the following item has been added:
Bug 8361237
Information about events that occur during connector installation are recorded in the oimpwdsync.log file, which is located in the %TEMP% directory.
The oimpwdsync.log file is not deleted when you reinstall or reconfigure the password synchronization connector.
Major changes have been made in the structure of the guide. The objective of these changes is to synchronize the guide with the changes made to the connector and to improve the usability of information provided by the guide.See "Roadmap for Deploying and Using the Connector" for detailed information about the organization of content in this guide.
In the Deploying the Connector chapter, the "Determining the Release Number of the Connector" section has been removed.
In the Known Issues chapter:
Bug 7155390 has been removed as the bug had been resolved in release 9.1.0.1 of the connector.
Known issue has been added.
In the "Verifying Deployment Requirements" section, changes have been made in the "Target systems and target system host platforms" row.