Go to main content
1/15
Contents
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Documentation Updates
Conventions
What's New in Oracle Identity Manager Connector for UNIX?
Software Updates
Software Updates in Release 11.1.1.7.0
Software Updates in Release 11.1.1.6.0
Software Updates in Release 11.1.1.5.0
ICF Based Connector
Support for Switching Between SSH and Telnet Protocols
Support for Running Custom Scripts
Support for Configuring the Connector for a New Target System
Support for Multiple Instances and Multiple Versions of UNIX
Support for Addition of New Fields
Support for Resource Exclusion Lists
Support for Transformation and Validation of Data
Support for Connection Pooling
Documentation-Specific Updates
Documentation-Specific Updates in Release 11.1.1.7.0
Documentation-Specific Updates in Release 11.1.1.6.0
Documentation-Specific Updates in Release 11.1.1.5.0
1
About the Connector
1.1
Certified Components
1.2
Usage Recommendation for the UNIX Connector
1.3
Certified Languages for the UNIX Connector
1.4
Architecture of the UNIX Connector
1.4.1
Reconciliation Process for the UNIX Connector
1.4.2
Provisioning Process for the UNIX Connector
1.4.3
Provisioning Functions of the UNIX Connector
1.5
Features of the UNIX Connector
1.5.1
Support for Switching Between SSH and Telnet Protocols
1.5.2
Support for Running Custom Scripts
1.5.3
Support for Configuring the Connector for a New Target System
1.5.4
Support for Multiple Instances and Multiple Versions of UNIX
1.5.5
Support for Both Target Resource and Trusted Source Reconciliation
1.5.6
Support for Both Full and Incremental Reconciliation
1.5.7
Support for Limited Reconciliation
1.5.8
Support for Batched Reconciliation
1.5.9
Support for Reconciliation of User Status from the Target System
1.5.10
Support for Adding Custom Attributes for Reconciliation and Provisioning
1.5.11
Transformation of Data
1.5.12
Support for Resource Exclusion Lists
1.6
User Attributes for Target Resource Reconciliation and Provisioning
1.7
User Attributes for Trusted Source Reconciliation
1.8
Roadmap for Deploying and Using the Connector
2
Deploying the Connector
2.1
Preinstallation
2.1.1
Files and Directories on the Installation Media
2.1.2
Configuring the Target System
2.1.2.1
Configuring Solaris and Linux
2.1.2.2
Configuring AIX
2.1.2.3
Configuring HP-UX
2.1.2.4
Installing OpenSSH
2.1.2.5
Creating a Target System SUDO User Account for Connector Operations
2.1.2.6
Creating an RBAC User Account for Connector Operations on Solaris
2.1.2.7
Configuring Public Key Authentication
2.1.2.8
Configuring SSH Public Key Authentication
2.2
Installation
2.2.1
Installing the Connector in Oracle Identity Manager
2.2.2
Deploying the Connector Bundle in a Connector Server
2.3
Postinstallation
2.3.1
Configuring Oracle Identity Manager 11.1.2 or Later
2.3.1.1
Creating and Activating a Sandbox
2.3.1.2
Creating a New UI Form
2.3.1.3
Creating an Application Instance
2.3.1.4
Publishing a Sandbox
2.3.1.5
Harvesting Entitlements and Sync Catalog
2.3.1.6
Updating an Existing Application Instance with a New Form
2.3.2
Configuring the IT Resource for the Target System
2.3.3
Configuring the IT Resource for the Connector Server
2.3.4
Setting up the Lookup Definitions for Connector Configuration
2.3.5
Setting up the Lookup Definition for Connection Pooling
2.3.6
Setting up the Lookup Definitions for User Operations
2.3.6.1
Lookup.UNIX.UM.Configuration
2.3.6.2
Lookup.UNIX.UM.Configuration.Trusted
2.3.7
Setting up the Lookup Definitions for Attribute Mappings
2.3.7.1
Lookup.UNIX.UM.ProvAttrMap
2.3.7.2
Lookup.UNIX.UM.ReconAttrMap
2.3.7.3
Lookup.UNIX.UM.ReconAttrMap.Trusted
2.3.7.4
Lookup.UNIX.UM.ReconAttrMap.TrustedDefaults
2.3.7.5
Lookup.UNIX.YesNo.Options
2.3.8
Enabling Logging
2.3.9
Changing to the Required Input Locale
2.3.10
Clearing Content Related to Connector Resource Bundles from the Server Cache
2.3.11
Localizing Field Labels in UI Forms
2.4
Upgrading the Connector
2.4.1
Preupgrade Steps
2.4.2
Upgrade the UNIX Connector from Release 11.1.1.6.0 to 11.1.1.7.0
2.4.2.1
Setting Entitlement Tagging
2.4.2.2
Setting IT Resource, Account ID, and Account Name Tagging
2.4.2.3
Setting the Status of Task to Object Status Mapping of the Secondary Group Update Process Task to None
2.4.2.4
Updating the Connector Bundle
2.4.3
Upgrade Steps
2.4.4
Postupgrade Steps
2.5
Postcloning Steps
3
Using the Connector
3.1
Configuring Reconciliation
3.1.1
Full Reconciliation
3.1.2
Limited Reconciliation
3.1.3
Batched Reconciliation
3.1.4
Reconciliation Rule for Target Resource Reconciliation
3.1.5
Reconciliation Action Rules for Target Resource Reconciliation
3.1.6
Configuring the Target System As a Trusted Source
3.1.7
Reconciliation Rule for Trusted Source Reconciliation
3.1.8
Reconciliation Action Rule for Trusted Source Reconciliation
3.2
Scheduled Tasks
3.2.1
Scheduled Tasks for Lookup Field Synchronization
3.2.2
Scheduled Tasks for Reconciliation
3.2.3
Configuring Scheduled Tasks
3.3
Configuring Provisioning in Oracle Identity Manager Release 11.1.1
3.3.1
Guidelines on Performing Provisioning Operations
3.3.2
Configuring Direct Provisioning
3.3.3
Configuring Request-Based Provisioning
3.3.3.1
About Request-Based Provisioning
3.3.3.2
Enabling Request-Based Provisioning
3.3.3.2.1
End User's Role in Request-Based Provisioning
3.3.3.2.2
Approver's Role in Request-Based Provisioning
3.3.3.2.3
Importing Request Datasets Using Deployment Manager
3.3.3.2.4
Enabling the Auto Save Form Feature
3.3.3.2.5
Running the PurgeCache Utility
3.3.4
Switching Between Request-Based Provisioning and Direct Provisioning
3.4
Configuring Provisioning in Oracle Identity Manager Release 11.1.2
3.5
Configuring Action Scripts
4
Extending the Functionality of the Connector
4.1
Configuring the Connector for a New Target System
4.2
Configuring the Connector for Multiple Instances and Multiple Versions of the Target System
4.3
Adding Custom Attributes for Target Resource Reconciliation
4.4
Adding Custom Attributes for Provisioning
4.5
Configuring Validation of Data During Reconciliation and Provisioning
4.6
Configuring Transformation of Data During User Reconciliation
4.7
Configuring Resource Exclusion Lists
5
Testing and Troubleshooting
5.1
Testing the UNIX Connector
5.2
Troubleshooting
5.2.1
Connection Errors
5.2.2
Create User Errors
5.2.3
Delete User Errors
5.2.4
Edit User Errors
5.2.5
TimeOut Errors
6
Known Issues
A
Privileges Required for Performing Provisioning and Reconciliation
A.1
Privileges Required for Running Commands on Solaris and Linux
A.2
Privileges Required for Running Commands on HP-UX
A.3
Privileges Required for Running Commands on AIX
B
Sample Scripts for Updating Default Attributes for Reconciliation
B.1
Original Sample Script
B.2
Updated Sample Script
C
Sample Scripts for Updating Default Attributes for Provisioning
C.1
Original Sample Script
C.2
Updated Sample Script
Scripting on this page enhances content navigation, but does not change the content in any way.