| Oracle® Identity Manager Connector Guide for Database User Management Release 9.1.0 E11193-04 |
|
 Previous |
 Next |
| Oracle® Identity Manager Connector Guide for Database User Management Release 9.1.0 E11193-04 |
|
Previous |
Next |
After you deploy the connector, you must test it to ensure that it functions as expected.
You can use the testing utility to identify the cause of problems associated with connecting to the target system and performing basic operations on the target system.
While running the testing utility, the testing utility reads the connectivity information from the IT Resource, lookup definitions from Oracle Identity Manager, and process form data is read from the config.properties file.
While running the testing utility, you must ensure that the connector should be deployed and Oracle Identity Manager should be running. Perform the following steps to test the connector for provisioning:
|
Note: The testing utility might not work for IBM WebSphere Application Server and Oracle WebLogic Server. |
If you are using Oracle Identity Manager release 9.1.0.x, then copy the following files to the OIM_HOME/xellerate/ThirdParty directory:
For IBM WebSphere Application Server:
com.ibm.ws.admin.client_6.1.0.jar from WAS_HOME/AppServer/runtimes
ibmorb.jar from WAS_HOME/AppServer/java/jre/lib
xlDataObjectBeans.jar from OIM_CLIENT/xlclient/lib
For JBoss Application Server:
jbossall-client.jar from JBOSS_HOME/client
log4j.jar from JBOSS_HOME/server/default/lib
xlGenericUtils.jar from OIM_HOME/xellerate/lib
For Oracle WebLogic Server:
weblogic.jar from BEA_HOME/weblogic81/server/lib
If you are using Oracle Identity Manager release 11.1.1, then:
Create the wlfullclient.jar file by using the WebLogic JarBuilder Tool. See Oracle WebLogic Server documentation for more information.
Copy the wlfullclient.jar file to the OIM_HOME/server/ThirdParty directory.
If you are using JDBC drivers other than the ones described in Section 2.1.2.2, "Using External Code Files," then:
If you are using Oracle Identity Manager release 9.1.0.x, then navigate to the OIM_HOME/xellerate/JavaTasks directory.
If you are using Oracle Identity Manager release 11.1.1, then run the Download JARs utility to retrieve the DBUM.jar file from the Oracle Identity Manager database. This utility is copied into the following location when you install Oracle Identity Manager:
|
Note: Verify that the WL_HOME environment variable is set to the directory in which Oracle WebLogic Server is installed. |
For Microsoft Windows:
OIM_HOME/server/bin/DownloadJars.bat
For UNIX:
OIM_HOME/server/bin/DownloadJars.sh
When you run the utility, you are prompted to enter the login credentials of the Oracle Identity Manager administrator, URL of the Oracle Identity Manager host computer, context factory value, type of JAR file being downloaded, and the location from which the JAR file is to be downloaded. Specify 1 as the value of the JAR type.
|
See Also: The "Upload JAR and Resource Bundle Utilities" chapter of Oracle Fusion Middleware Developer's Guide for Oracle Identity Manager for detailed information about the Upload JARs utility |
Extract the contents of the DBUM.jar file into an empty directory by running the following commands:
mkdir xtract cd xtract jar xvf ../DBUM.jar
In a text editor, open the MANIFEST.MF file located in the META-INF directory.
Update the Class-Path attribute by entering the following line to the third party jar used for testing utility as follows:
..\ThirdParty\JAR_FILE_NAME
In this line, replace JAR_FILE_NAME with the name of the driver JAR file.
Sample Value: ..\ThirdParty\mysql-connector-java-5.1.8-bin.jar
Save and close the file.
Rebuild the DBUM.jar file by running the following command at the directory in which you extracted the contents in Step 3.c:
jar -uMvf ../DBUM.jar ./META-INF/MANIFEST.MF
Delete the directory that was used to extract the contents of the DBUM.jar file in Step 3.e.
If you are using Oracle Identity Manager release 9.1.0.x, then replace the DBUM.jar file located in the OIM_HOME/xellerate/JavaTasks directory with the DBUM.jar file built in Step 3.g.
If you are using Oracle Identity Manager release 11.1.1, then:
Modify the attributes of the config.properties file using the values specified in the following table. This file is located in the OIM_HOME/xellerate/XLIntegrations/DBUM/config directory.
| Name | Description | Sample or Default Value |
|---|---|---|
| Attributes Common to all databases | ||
| ACTION | Enter the type of operation that you want to test.
You can specify one of the following values:
|
CREATEUSER |
| IT_RESOURCE_NAME | Enter the name of the IT resource from which connectivity information must be read.
You can specify one of the following values: DB2UDB, MS SQL Server, MySQL, Oracle, Sybase |
Oracle |
| Process Form Fields and Query Code Keys for IBM DB2 UDB | Note: Enter values for these process form fields and query code keys if your target system is IBM DB2 UDB. For all other databases, do not enter values for these process form fields and query code keys of the other databases. | |
| DB2_CREATEUSER_CODE_KEY
DB2_ENABLEUSER_CODE_KEY DB2_DISABLEUSER_CODE_KEY DB2_DELETEUSER_CODE_KEY |
Do not change the default values of these query code keys. | DB2_CREATE_USER
DB2_GRANT_PRIVELEGE DB2_REVOKE_PRIVELEGE DB2_DELETE_USER |
| UD_DB_DB2_U_USERNAME | Enter the user name for the provisioning operation.
Note: This is a mandatory field. If you are planning to test a user delete operation, then you must first ensure that the user exists on the target system. |
johndoe |
| UD_DB_DB2_U_ITRES | This attribute holds the name of the IT resource to be used for the provisioning operation. | DB2UDB |
| UD_DB_DB2_U_USERTYPE | Enter the user type.
You can select one of the following user types: USER and GROUP Note: This is a mandatory field. |
USER |
| Process Form Fields and Query Code Keys for Microsoft SQL Server | Note: Enter values for these process form fields and query code keys if your target system is Microsoft SQL Server. For all other databases, do not enter values for these process form fields and query code keys of the other databases. | |
| UD_DB_SQL_L_LOGIN | Enter the login name for the provisioning operation.
Note: This is a mandatory field. If you are planning to test login enable, disable, or delete operation, then you must first ensure that the user exists on the target system. |
janedoe |
| UD_DB_SQL_L_ITRES | This attribute holds the name of the IT resource to be used for the provisioning operation. | MS SQLServer |
| UD_DB_SQL_L_PASSWORD | Enter the password for the user whose user name you enter as the value of UD_DB_SQL_L_LOGIN in this file.
Note: You must enter a password. |
mypassw0r1 |
| UD_DB_SQL_L_AUTHTYPE | Enter the authentication type.
You can select one of the following authentication types: SQL_SERVER_AUTHENTICATION or WINDOWS_AUTHENTICATION. Note: This is a mandatory field. |
SQL_SERVER_AUTHENTICATION |
| UD_DB_SQL_L_DEFLANG
UD_DB_SQL_L_DEFDB |
Enter values for the columns that you want to use in the provisioning operation.
Note: You can enter values for one or both these columns. If you do not want to enter a value for a particular attribute, then leave it empty. |
NA |
| UD_DB_SQL_U_USERNAME | Enter the user name for the provisioning operation.
Note: This is a mandatory field. If you are planning to test a user delete operation, then you must first ensure that the user exists on the target system. |
rroe |
| UD_DB_SQL_U_LOGINNAME | Enter the login name for the user provisioning operation.
Note: This is a mandatory field. The login name that you enter must exist of the target system. |
|
| UD_DB_SQL_U_ITRES | This attribute holds the name of the IT resource to be used for the provisioning operation. | Sybase |
| UD_DB_SQL_U_AUTHTYPE | Enter the authentication type.
You can select one of the following authentication types: SQL_SERVER_AUTHENTICATION or WINDOWS_AUTHENTICATION. Note: This is a mandatory field. |
SQL_SERVER_AUTHENTICATION |
| Process Form Fields and Query Code Keys for MySQL | Note: Enter values for these process form fields and query code keys if your target system is MySQL Server. For all other databases, do not enter values for these process form fields and query code keys of the other databases. | |
| UD_DB_MYS_U_USER_NAME | Enter the user name for the provisioning operation.
Note: This is a mandatory field. If you are planning to test a user delete operation, then you must first ensure that the user exists on the target system. |
rdoe |
| UD_DB_MYS_U_PASSWORD | Enter the password for the user whose user name you enter as the value of UD_DB_MYS_U_USER_NAME in this file.
Note: You must enter a password. |
mypa55word |
| UD_DB_MYS_U_IT_RESOURCE | This attribute holds the name of the IT resource to be used for the provisioning operation. | MySQL |
| UD_DB_MYS_P_PRIVILEGE | This attribute holds the type od privililege you wanted to grant on the schema provided in UD_DB_MYS_P_SCHEMA_NAME | 1~EXECUTE |
| UD_DB_MYS_P_SCHEMA_NAME | This attribute holds the database schema name on which you wanted to grant privilege | 1~mysql |
| Process Form Fields and Query Code Keys for Oracle Database | Note: Enter values for these process form fields and query code keys if your target system is Oracle Database. For all other databases, do not enter values for these process form fields and query code keys of the other databases. | |
| ORA_CREATEUSER_CODE_KEY
ORA_ENABLEUSER_CODE_KEY ORA_DISABLEUSER_CODE_KEY ORA_DELETEUSER_CODE_KEY ORA_ADDROLE_CODE_KEY ORA_ADDPRIVILEGE_CODE_KEY ORA_UPDATEPASSWORD_CODE_KEY |
Do not change the default values of these query code keys. | ORA_CREATE_USER
ORA_ENABLE_USER ORA_DISABLE_USER ORA_DELETE_USER ORA_ADD_ROLE ORA_ADD_PRIVILEGE ORA_UPDATE_PASSWORD |
| UD_DB_ORA_U_USERNAME | Enter the user name for the provisioning operation.
Note: This is a mandatory field. If you are planning to test a user enable, disable, or delete operation, then you must first ensure that the user exists on the target system. |
johndoe |
| UD_DB_ORA_U_ITRES | This attribute holds the name of the IT resource to be used for the provisioning operation. | Oracle |
| UD_DB_ORA_U_PASSWORD | Enter the password for the user whose user name you enter as the value of UD_DB_ORA_U_USERNAME in this file.
Note: You must enter a password if you select the PASSWORD authentication type as the value of UD_DB_ORA_U_AUTHTYPE in this file. |
mypassw0r1 |
| UD_DB_ORA_U_AUTHTYPE | Enter the authentication type.
You can select one of the following authentication types: PASSWORD, EXTERNAL, or GLOBAL. Note: This is a mandatory field. |
PASSWORD |
| UD_DB_ORA_U_TEMP_QUOTASIZE
UD_DB_ORA_U_GLOBAL_DN UD_DB_ORA_U_TEMPTABLESPACE UD_DB_ORA_U_TABLESPACE UD_DB_ORA_U_PROFILE UD_DB_ORA_U_QUOTASIZE |
Enter values for the columns that you want to use in the provisioning operation.
Note: You can enter values for all or a combination of these columns. If you do not want to enter a value for a particular property, then leave it empty. |
NA |
| UD_DB_ORA_R_ROLE
UD_DB_ORA_R_ADMIN_OPTION |
Enter values for these attributes if you want to provision a role. | For UD_DB_ORA_R_ROLE, enter a value in the format shown in the following sample value:
1~CONNECT For UD_DB_ORA_R_ADMIN_OPTION, enter WITH ADMIN OPTION. |
| UD_DB_ORA_P_PRIVILEGE
UD_DB_ORA_P_ADMIN_OPTION |
Enter values for these attributes if you want to provision a privilege. | For UD_DB_ORA_P_PRIVILEGE, enter a value in the format shown in the following sample value:
1~CREATE SESSION For UD_DB_ORA_P_ADMIN_OPTION, enter WITH ADMIN OPTION. |
| Process Form Fields and Query Code Keys for Sybase | Note: Enter values for these process form fields and query code keys if your target system is Sybase. For all other databases, do not enter values for these process form fields and query code keys of the other databases. | |
| SYB_CREATELOGIN_CODE_KEY
SYB_DELETELOGIN_CODE_KE Y SYB_ENABLELOGIN_CODE_KEY SYB_DISABLELOGIN_CODE_KE SYB_CREATEUSER_CODE_KEY SYB_DELETEUSER_CODE_KEY |
Do not change the default values of these query code keys. | SYB_CREATE_LOGIN
SYB_DELETE_LOGIN SYB_ENABLE_LOGIN SYB_DISABLE_LOGIN SYB_CREATE_USER SYB_DELETE_USER |
| UD_DB_SYB_L_LOGIN | Enter the login name for the provisioning operation.
Note: This is a mandatory field. If you are planning to test a login enable, disable, or delete operation, then you must first ensure that the login exists on the target system. |
johndoe |
| UD_DB_SYB_L_ITRES | This attribute holds the name of the IT resource to be used for the provisioning operation. | Sybase |
| UD_DB_SYB_L_PASSWORD | Enter the password for the user whose user name you enter as the value of UD_DB_SYB_L_LOGIN in this file.
Note: You must enter a password. |
mypassw0r1 |
| UD_DB_SYB_L_FULLNAME
UD_DB_SYB_L_DEFAULTLANG UD_DB_SYB_L_DEFDB |
Enter values for the columns that you want to use in the provisioning operation.
Note: You can enter values for all or a combination of these columns. If you do not want to enter a value for a particular property, then leave it empty. |
NA |
| UD_DB_SYB_U_USERNAME | Enter the user name for the provisioning operation.
Note: This is a mandatory field. If you are planning to test a user enable, disable, or delete operation, then you must first ensure that the user exists on the target system. |
johndoe |
| UD_DB_SYB_U_LOGINNAME | Enter the login name for the user provisioning operation.
Note: This is a mandatory field. The login name that you enter must exist of the target system. |
johndoe |
| UD_DB_SYB_U_ITRES | This attribute holds the name of the IT resource to be used for the provisioning operation. | Sybase |
| UD_DB_SYB_U_DBGROUP | Enter a value for this column.
Note: If you do not want to enter a value for this attribute, then leave it empty. |
NA |
| Attributes Used for Oracle Identity Manager Signature Login (Common to all Databases) | ||
|
XL_HOME_DIR JAVA_SECURITY_AUTH_LOGIN_CONFIG JAVA_NAMING_PROVIDER_URL JAVA_NAMING_FACTORY_INITIAL OIM_LOGIN_USER_ID |
Set values for the following system properties to connect to Oracle Identity Manager:
XL_HOME_DIR: Specify the path of the Oracle Identity Manager home directory. JAVA_SECURITY_AUTH_LOGIN_CONFIG: If you are using Oracle Identity Manager release 9.1.0.x, then:
Note: These files are present in the config directory. If you are using Oracle Identity Manager release 11.1.1, then specify the path of the authwl.conf file. JAVA_NAMING_PROVIDER_URL: Specify the value of the java.naming.provider.url attribute in the Discovery settings in the following file:
JAVA_NAMING_FACTORY_INITIAL: Specify the value of the java.naming.factory.initial attribute in the Discovery settings in the following file:
OIM_LOGIN_USER_ID: Specify the user ID of a user who is a member of the SYSTEM ADMINISTRATORS group. |
NA
For Oracle Identity Manager release 9.1.0.x: OIM_HOME/ xellerate For Oracle Identity Manager release 11.1.1: OIM_HOME/server For Oracle Identity Manager release 9.1.0.x: OIM_HOME/xellerate/config/auth.conf For Oracle Identity Manager release 11.1.1: OIM_HOME/server/config/authwl.conf For IBM WebSphere Application Server: corbaloc:iiop:host:2809 For JBoss Application Server: jnp://host:1099 For Oracle WebLogic Server: t3://host:7001 For IBM WebSphere Application Server: com.ibm.websphere.naming.WsnInitialContextFactory For JBoss Application Server: org.jnp.interfaces.NamingContextFactory For Oracle WebLogic Server: weblogic.jndi.WLInitialContextFactory xelsysadm |
After you specify values in the config.properties file, perform one of the following steps:
If you are using Oracle Identity Manager release 9.1.0.x, then run the following file:
For UNIX:
OIM_HOME/xellerate/XLIntegrations/DBUM/scripts/DBUMTestingUtility.sh
For Microsoft Windows:
OIM_HOME/xellerate/XLIntegrations/DBUM/scripts/DBUMTestingUtility.bat
If you are using Oracle Identity Manager release 11.1.1, then run the following file:
For UNIX:
OIM_HOME/server/XLIntegrations/DBUM/scripts/DBUMTestingUtility.sh
For Microsoft Windows:
OIM_HOME/server/XLIntegrations/DBUM/scripts/DBUMTestingUtility.bat
The following table lists details of column names for Create User and Update User operations given in the config.properties:
| Attributes | Labels |
|---|---|
| DB2 database | |
| UD_DB_DB2_U_USERNAME | Username |
| UD_DB_DB2_U_ITRES | IT Resource |
| UD_DB_DB2_U_USERTYPE | User Type |
| MSSQL database | |
| UD_DB_SQL_L_LOGIN | Login Name |
| UD_DB_SQL_L_PASSWORD | Password |
| UD_DB_SQL_L_AUTHTYPE | Authentication Type |
| UD_DB_SQL_L_ITRES | IT Resource |
| UD_DB_SQL_L_DEFLANG | Default Language |
| UD_DB_SQL_L_DEFDB | Default DataBase |
| UD_DB_SQL_U_USERNAME | Username |
| UD_DB_SQL_U_LOGINNAME | Login Name |
| UD_DB_SQL_U_AUTHTYPE | Authentication Type |
| UD_DB_SQL_U_ITRES | IT Resource |
| MySQL database | |
| UD_DB_MYS_U_USER_NAME | Username |
| UD_DB_MYS_U_IT_RESOURCE | IT Resource |
| UD_DB_MYS_U_PASSWORD | Password |
| Oracle Database | |
| UD_DB_ORA_U_USERNAME | Username |
| UD_DB_ORA_U_ITRES | IT Resource |
| UD_DB_ORA_U_PASSWORD | Password |
| UD_DB_ORA_U_AUTHTYPE | Authentication Type |
| UD_DB_ORA_U_TEMP_QUOTASIZE | Temporary Tablespace Quota (in MB) |
| UD_DB_ORA_U_GLOBAL_DN | Global DN |
| UD_DB_ORA_U_TEMPTABLESPACE | Temporary Tablespace |
| UD_DB_ORA_U_TABLESPAC | Default Tablespace |
| UD_DB_ORA_U_PROFILE | Profile Name |
| UD_DB_ORA_U_QUOTASIZE | Default Tablespace Quota (in MB) |
| UD_DB_ORA_R_ROLE | Role |
| UD_DB_ORA_R_ADMIN_OPTION | Role Admin Option |
| UD_DB_ORA_P_PRIVILEGE | Privilege |
| UD_DB_ORA_P_ADMIN_OPTION | Privilege Admin Option |
| Sybase database | |
| UD_DB_SYB_L_LOGIN | Login Name |
| UD_DB_SYB_L_PASSWORD | Password |
| UD_DB_SYB_L_ITRES | IT Resource |
| UD_DB_SYB_L_FULLNAME | Full Name |
| UD_DB_SYB_L_DEFAULTLANG | Default Language |
| UD_DB_SYB_L_DEFDB | Default Database |
| UD_DB_SYB_U_USERNAME | Username |
| UD_DB_SYB_U_LOGINNAME | Login Name |
| UD_DB_SYB_U_ITRES | IT Resource |
| UD_DB_SYB_U_DBGROUP | Database Group |
