What's New in the Oracle Identity Manager Connector for RSA Authentication Manager?

This chapter provides an overview of the updates made to the software and documentation for the RSA Authentication Manager connector in release 9.1.0.7.

Note: Release 9.1.0.7 of the connector comes after release 9.1.0. Release numbers 9.1.0.1 through 9.1.0.6 have not been used.

The updates discussed in this chapter are divided into the following categories:

• Software Updates

  These include updates made to the connector software.

• Documentation-Specific Updates

  These include major changes made to the connector documentation. These changes are not related to software updates.

Software Updates

The following sections discuss software updates:

• Software Updates in Release 9.1.0

• Software Updates in Release 9.1.0.7

Software Updates in Release 9.1.0

The following are software updates in release 9.1.0:

• Changes in the List of Certified Target System Versions

• Change in the Minimum Oracle Identity Manager Release Requirement

• SOAP-Based Communication with the Target System

• No Requirement for a Remote Manager

• Dedicated Support for Target Resource Reconciliation

• Transformation and Validation of Account Data

• Support for Creating Copies of Connector Objects

• Support for Mapping New Custom Attributes for Reconciliation and Provisioning

• Inclusion of Javadocs in the Connector Deployment Package

• Resolved Issues in Release 9.1.0

Changes in the List of Certified Target System Versions

From this release onward, the connector is certified to work with RSA Authentication Manager 7.1 (with SP3 or later).

See Section 1.1, "Certified Components" for information about the certified components.

Change in the Minimum Oracle Identity Manager Release Requirement

From this release onward, Oracle Identity Manager release 9.1.0.2 BP05 is the minimum required Oracle Identity Manager release. JDK 1.5 is the minimum JDK requirement.

See Section 1.1, "Certified Components" for more information.

SOAP-Based Communication with the Target System

The connector supports SSL-secured SOAP-based communication between Oracle Identity Manager and the target system.

See Section 2.3.13, "Configuring Connection Parameters" for more information.

No Requirement for a Remote Manager

Earlier releases of the connector required you to install a Remote Manager on the target system host computer. From this release onward, you do not need to use a Remote Manager.

Dedicated Support for Target Resource Reconciliation

The connector provides all the features required for setting up RSA Authentication Manager as a managed (target) resource of Oracle Identity Manager. You cannot use the connector to set up RSA Authentication Manager as a trusted source of Oracle Identity Manager.

See Section 1.3, "Connector Architecture" for more information.

Transformation and Validation of Account Data

You can configure validation of account data that is brought into or sent from Oracle Identity Manager during reconciliation and provisioning. In addition, you can configure transformation of account data that is brought into Oracle Identity Manager during reconciliation. The following sections provide more information:

• Section 4.4, "Configuring Validation of Data During Reconciliation and Provisioning"

• Section 4.5, "Configuring Transformation of Data During Reconciliation"

Support for Creating Copies of Connector Objects

The Lookup.RSA.AuthManager.Configuration lookup definition has been introduced in this release. Some of the entries in this lookup definition facilitate the use of connector objects that you create. For example, if you create a copy of the process form for users, then you can specify the details of that new process form in the Lookup.RSA.AuthManager.Configuration lookup definition.

See Section 2.3.10, "Setting Up the Configuration Lookup Definition in Oracle Identity Manager" for more information.

Support for Mapping New Custom Attributes for Reconciliation and Provisioning

All the standard RSA Authentication Manager attributes are mapped for reconciliation and provisioning. You can also add custom attributes on the target system and then map them with Oracle Identity Manager.

See the following sections for more information:

• Section 4.2, "Adding New User or Token Attributes for Reconciliation"

• Section 4.3, "Adding New User or Token Attributes for Provisioning"

Inclusion of Javadocs in the Connector Deployment Package

To facilitate reuse and customization of some parts of the connector code, Javadocs are included in the connector deployment package.

Resolved Issues in Release 9.1.0

The following are issues resolved in release 9.1.0:

Bug Number	Issue	Resolution
9300135	The connector supported setting of Start Time and End Time only in hours. It did not support setting of both hours and minutes. This was because the RSA Authentication Manager 6.x API did not support specifying the time in minutes.	This issue has been resolved. The RSA Authentication Manager 7.1 API supports setting Start Time and End Time in hours and minutes. The connector uses this feature of the API.
9300198	Multiple scheduled tasks could not be configured because the RSA Authentication Manager 6.x API was not thread-safe.	This issue has been resolved. The connector includes scheduled tasks that can be run concurrently because the RSA Authentication Manager 7.1 API supports this feature.

Software Updates in Release 9.1.0.7

The following are software updates in release 9.1.0.7:

• Support for New Oracle Identity Manager Release

• Support for Request-Based Provisioning

• Support for Batched Reconciliation

• Support for Setting a PIN and the Token Lost Attribute

Support for New Oracle Identity Manager Release

From this release onward, the connector can be installed and used on Oracle Identity Manager 11g release 1 (11.1.1). Where applicable, instructions specific to this Oracle Identity Manager release have been added in the guide.

See Section 1.1, "Certified Components" for the full list of certified Oracle Identity Manager releases.

Support for Request-Based Provisioning

From this release onward, the connector provides support for request-based provisioning on Oracle Identity Manager 11g release 1 (11.1.1).

See Section 3.8.2, "Request-Based Provisioning" for more information.

Support for Batched Reconciliation

From this release onward, you can configure the connector for batched reconciliation of records from the target system.

See Section 3.4.3, "Batched Reconciliation" for more information.

Support for Setting a PIN and the Token Lost Attribute

From this release onward, you can use the connector to set values for the following during provisioning operations:

• A PIN for a token that is assigned to a user.

• The Token Lost attribute when the token device is lost.

Section 1.4.11, "Support for Setting a PIN and the Token Lost Attribute" mentions this feature.

Documentation-Specific Updates

The following sections discuss documentation-specific updates:

• Documentation-Specific Updates in Release 9.1.0

• Documentation-Specific Updates in Release 9.1.0.7

Documentation-Specific Updates in Release 9.1.0

Major changes have been made in the structure of the guide. The objective of these changes is to synchronize the guide with the changes made to the connector and to improve the usability of information provided by the guide.

See Section 1.8, "Roadmap for Deploying and Using the Connector" for information about the organization of content in this guide.

In the "Known Issues and Limitations" chapter, items that have been addressed or are not applicable to this release have been removed.

Documentation-Specific Updates in Release 9.1.0.7

The following are the documentation specific updates in release 9.1.0.7:

• Information in Section 2.3.6, "Copying Target System Files on Oracle Identity Manager" has been modified.

• The following sections have been added: 

  • Section 2.3.12, "Modifying the Process Form"

  • Section 2.3.14, "Creating Authorization Policies for User Management"