1 About the Connector

Oracle Identity Manager automates access rights management, and the security of resources to various target systems. Oracle Identity Manager connectors are used to integrate Oracle Identity Manager with target applications. This guide discusses the connector that enables you to use JD Edwards EnterpriseOne either as a managed (target) resource or as an authoritative (trusted) source of identity data for Oracle Identity Manager.

Note:

In this guide, JD Edwards EnterpriseOne has been referred to as the target system.

In the account management (target resource) mode of the connector, information about users created or modified directly on the target system can be reconciled into Oracle Identity Manager. In addition, you can use Oracle Identity Manager to perform provisioning operations on the target system.

In the identity reconciliation (trusted source) configuration of the connector, users are created or modified only on the target system and information about these users is reconciled into Oracle Identity Manager.

This chapter contains the following sections:

1.1 Certified Components

Table 1-1 lists the certified components for this connector.

Table 1-1 Certified Components

Item Requirement

Oracle Identity Governance or Oracle Identity Manager

You can use one of the following releases of Oracle Identity Governance or Oracle Identity Manager:

  • Oracle Identity Governance 12c (12.2.1.4.0)

  • Oracle Identity Manager 11g Release 2 PS3 (11.1.2.3.0)

  • Oracle Identity Manager 11g Release 2 (11.1.2.0.4) and any later BP in this release track

  • Oracle Identity Manager 11g Release 1 (11.1.1.5.6) BP06 (with patch 15971939) and any later BP in this release track

Target system

The target system can be any one of the following:

  • JD Edwards EnterpriseOne Tools 8.98 and Application 8.12

  • JD Edwards EnterpriseOne Tools 9.1.2 and Application 9.0.2

  • JD Edwards EnterpriseOne Tools 9.1.2 and Application 9.1

  • JD Edwards EnterpriseOne Tools 9.1.4.2 and Application 9.1

  • JD Edwards EnterpriseOne Tools 9.2.1.4 and Application 9.2

Note: If you are using JDE Tools 9.2.x, download and apply JDE Connector 11.1.1.6.0A Patch 27009976 as reconciliation operations may throw NullPointerException error. You can download the patch from the Patches and Updates page at:

https://support.oracle.com/

Connector Server

11.1.1.5.0

Connector Server JDK

JDK 1.6 update 18 or later, or JRockit JDK 1.6 update 17 or later

Note: If you are using JD Edwards EnterpriseOne Tools 9.2 and Application 9.2, see Section 2.1.1.4, "JDK requirement for JD Edwards EnterprisesOne Tools 9.2 and Application 9.2" for information related to JDK requirement.


1.2 Usage Recommendation

Depending on the Oracle Identity Manager version that you are using, you must deploy and use one of the following connectors:

  • If you are using an Oracle Identity Manager release that is earlier than Oracle Identity Manager 11g Release 1 (11.1.1), then you must use the 9.0.4.x version of this connector.

  • If you are using Oracle Identity Manager 11g Release 1 (11.1.1.5.0) or later (such as Oracle Identity Manager 11g Release 1 (11.1.1.5.6) BP06), or Oracle Identity Manager 11g Release 2 (11.1.2) or later, or Oracle Identity Manager 11g Release 2 PS3 (11.1.2.3.0), then use the latest 11.1.1.x version of this connector.

  • If you are using JD Edwards EnterpriseOne Tools 8.96 and Application 8.12 as the target system, then you must use the 9.0.4.x version of this connector, irrespective of the Oracle Identity Manager release you are using.

1.3 Certified Languages

The connector supports the following languages:

  • Arabic

  • Chinese (Simplified)

  • Chinese (Traditional)

  • Czech

  • Danish

  • Dutch

  • English (U.S.)

  • Finnish

  • French

  • German

  • Greek

  • Hebrew

  • Hungarian

  • Italian

  • Japanese

  • Korean

  • Norwegian

  • Polish

  • Portuguese

  • Portuguese (Brazilian)

  • Romanian

  • Russian

  • Slovak

  • Spanish

  • Swedish

  • Thai

  • Turkish

1.4 Connector Architecture

Figure 1–1 shows the connector integrating JD Edwards EnterpriseOne with Oracle Identity Manager.

Description of conn_arch.gif follows
Description of the illustration ''conn_arch.gif''

The JD Edwards EnterpriseOne User Management connector is implemented by using the Identity Connector Framework (ICF). The ICF is a component that provides basic reconciliation and provisioning operations that are common to all Oracle Identity Manager connectors. In addition, ICF provides common features that developers would otherwise need to implement on their own, such as connection pooling, buffering, time outs, and filtering. The ICF is shipped along with Oracle Identity Manager. Therefore, you need not configure or modify the ICF.

The target system, JD Edwards EnterpriseOne, is based on a client-server architecture. The JD Edwards EnterpriseOne User Management connector leverages this architecture to perform connector operations by calling business functions (BSFNs) within the JD Edwards Enterprise server or connecting to the JD Edwards Database, as required.

For provisioning operations such as Create, Update, and Delete, and reconciliation operations such as Search, Oracle Identity Manager makes SPI calls to ICF. In other words, Oracle Identity Manager invokes the connector bundle.

During provisioning, adapters carry provisioning data submitted through the process form to the target system. The adapters establish a connection with the connector bundle which inturn establishes a connection with a BSFN (for performing the required provisioning operation) in the target system by using the Dynamic Java Connector.

After the adapters establish a connection with the target system, the required provisioning operation is performed and the response from the target system is returned to the adapters.

Note:

See Oracle Fusion Middleware Administering Oracle Identity Manager for more information about scheduled jobs.

During reconciliation, a schedule task is run which calls the SearchOp operation of the connector bundle. The connector bundle establishes a connection with the database by using the JDBC driver and retrieves all records that match the reconciliation criteria. This result is then passed to Oracle Identity Manager.

1.5 Features of the Connector

The following are features of the connector:

1.5.1 Support for Both Target Resource and Trusted Source Reconciliation

You can use the connector to configure JD Edwards EnterpriseOne as either a target resource or trusted source of Oracle Identity Manager.

See Section 3.3, "Configuring Reconciliation" for more information.

1.5.2 Full and Incremental Reconciliation

After you deploy the connector, you can perform full reconciliation to bring all existing user data from the target system to Oracle Identity Manager. After the first full reconciliation run, incremental reconciliation is automatically enabled. In incremental reconciliation, user accounts that have been added or modified since the last reconciliation run are fetched into Oracle Identity Manager.

You can perform a full reconciliation run at any time. See Section 3.3.1, "Performing Full Reconciliation" for more information.

1.5.3 Limited (Filtered) Reconciliation

You can set a reconciliation filter as the value of the Filter attribute of the scheduled jobs. This filter specifies the subset of newly added and modified target system records that must be reconciled.

See Section 3.3.2, "Limited Reconciliation" for more information.

1.5.4 Support for Adding New Attributes for Reconciliation and Provisioning

If you want to add new attributes to the standard set of single-valued attributes for reconciliation and provisioning, then perform the procedures described in Chapter 4, "Extending the Functionality of the Connector."

1.5.5 Reconciliation of Deleted User Records

You can reconcile data about user records that have been deleted on the target system that has been configured as a trusted source or target resource.

In target resource mode, if a user record is deleted on the target system, then the corresponding JDE User resource is revoked from the OIM User. In trusted source mode, if a user record is deleted on the target system, then the corresponding OIM User is deleted.

See Section 3.3.3.2, "Scheduled Job for Reconciliation of Deleted Users Records" for more information about scheduled jobs used for reconciling data about deleted user records.

1.5.6 Transformation and Validation of Account Data

You can configure validation of account data that is brought into or sent from Oracle Identity Manager during reconciliation and provisioning. In addition, you can configure transformation of account data that is brought into Oracle Identity Manager during reconciliation. The following sections provide more information:

1.5.7 Support for Connector Server

Connector Server is a component provided by ICF. By using one or more connector servers, the connector architecture permits your application to communicate with externally deployed bundles. In other words, a connector server enables remote execution of an Oracle Identity Manager connector.

A Java connector server is useful when you do not wish to execute a Java connector bundle in the same VM as your application. It can be beneficial to run a Java connector on a different host for performance improvements.

1.5.8 Connection Pooling

A connection pool is a cache of objects that represent physical connections to the target. Oracle Identity Manager connectors can use these connections to communicate with target systems. At run time, the application requests a connection from the pool. If a connection is available, then the connector uses it and then returns it to the pool. A connection returned to the pool can again be requested for and used by the connector for another operation. By enabling the reuse of connections, the connection pool helps reduce connection creation overheads like network latency, memory allocation, and authentication.

One connection pool is created for each IT resource. For example, if you have three IT resources for three installations of the target system, then three connection pools will be created, one for each target system installation.

Section 2.3.1.5, "Setting up the Lookup.JDE.Configuration Lookup Definition for Connection Pooling" provides information about connection pooling.

1.6 Lookup Definitions Used During Connector Operations

Lookup definitions used during connector operations can be divided into the following categories:

1.6.1 Lookup Definitions Synchronized with the Target System

During a provisioning operation, you use a lookup field on the process form to specify a single value from a set of values. For example, you use the Date Format lookup field to select a date format from the list of supported date formats. When you deploy the connector, lookup definitions corresponding to the lookup fields on the target system are automatically created in Oracle Identity Manager. Lookup field synchronization involves copying additions or changes made to the target system lookup fields into the lookup definitions in Oracle Identity Manager.

The following lookup definitions are populated with values fetched from the target system by the scheduled jobs for lookup field synchronization:

See Also:

Section 3.2, "Scheduled Job for Lookup Field Synchronization" for information about these scheduled tasks
  • JDE Date Separation Character Lookup Reconciliation

  • JDE Date Format Lookup Reconciliation

  • JDE Decimal Format Characters Lookup Reconciliation

  • JDE Languages Lookup Reconciliation

  • JDE Localization Country Code Lookup Reconciliation

  • JDE Roles Lookup Reconciliation

  • JDE Time Format Lookup Reconciliation

  • JDE Universal Time Lookup Reconciliation

1.6.2 Preconfigured Lookup Definitions

This section discusses the other lookup definitions that are created in Oracle Identity Manager when you deploy the connector. These lookup definitions are either prepopulated with values or values must be manually entered in them after the connector is deployed. The other lookup definitions are as follows:

1.6.2.1 Lookup.JDE.Configuration

The Lookup.JDE.Configuration lookup definition holds connector configuration entries that are used during target resource reconciliation and provisioning operations.

Table 1-2 lists the default entries in this lookup definition.

Table 1-2 Entries in the Lookup.JDE.Configuration Lookup Definition

Code Key Decode Description

Bundle Name

org.identityconnectors.jde

This entry holds the name of the connector bundle package. Do not modify this entry.

Bundle Version

1.0.1115

This entry holds the version of the connector bundle class. Do not modify this entry.

Connector Name

org.identityconnectors.jde.JDEConnector

This entry holds the name of the connector class. Do not modify this entry.

preferredLanguage

E

This entry holds the preferred language in which the target system is installed and used internally by the connector to fetch appropriate lookup values based on the value of the field. Depending on the language that you want to set, the decode value of this entry can be one of the following:

  • For English: E

  • For French: F

  • For German: G

  • For Italian: I

  • For Japanese: J

  • For Korean: KO

  • For Simplified Chinese: CS

  • For Spanish: S

  • For Traditional Chinese: CT

User Configuration Lookup

Lookup.JDE.UM.Configuration

This entry holds the name of the lookup definition that contains user-specific configuration properties. Do not modify this entry.


1.6.2.2 Lookup.JDE.Configuration.Trusted

The Lookup.JDE.Configuration.Trusted lookup definition holds connector configuration entries that are used during trusted source reconciliation.

Table 1-3 lists the default entries in this lookup definition.

Table 1-3 Entries in the Lookup.JDE.Configuration.Trusted Lookup Definition

Code Key Decode Description

Bundle Name

org.identityconnectors.jde

This entry holds the name of the connector bundle package. Do not modify this entry.

Bundle Version

1.0.1115

This entry holds the version of the connector bundle class. Do not modify this entry.

Connector Name

org.identityconnectors.jde.JDEConnector

This entry holds the name of the connector class. Do not modify this entry.

User Configuration Lookup

Lookup.JDE.UM.Configuration.Trusted

This entry holds the name of the lookup definition that contains user-specific configuration properties. Do not modify this entry.


1.6.2.3 Lookup.JDE.UM.Configuration

The Lookup.JDE.UM.Configuration lookup definition holds configuration entries that are specific to the user object type. This lookup definition is used during user management operations when your target system is configured as a target resource.

Table 1-4 lists the default entries in this lookup definition.

Table 1-4 Entries in the Lookup.JDE.UM.Configuration Lookup Definition

Code Key Decode Description

Provisioning Attribute Map

Lookup.JDE.UM.ProvAttrMap

This entry holds the name of the lookup definition that maps process form fields and target system attributes. See Section 1.6.2.5, "Lookup.JDE.UM.ProvAttrMap" for more information about this lookup definition.

Recon Attribute Map

Lookup.JDE.UM.ReconAttrMap

This entry holds the name of the lookup definition that maps resource object fields and target system attributes. See Section 1.6.2.6, "Lookup.JDE.UM.ReconAttrMap" for more information about this lookup definition.


1.6.2.4 Lookup.JDE.UM.Configuration.Trusted

The Lookup.JDE.UM.Configuration.Trusted lookup definition holds configuration entries that are specific to the user object type. This lookup definition is used during user management operations when your target system is configured as a trusted source.

Table 1-5 lists the default entries in this lookup definition.

Table 1-5 Entries in the Lookup.JDE.UM.Configuration.Trusted Lookup Definition

Code Key Decode Description

Recon Attribute Defaults

Lookup.JDE.UM.ReconDefaults.Trusted

This entry holds the name of the lookup definition that maps reconciliation fields and their default values. See Section 1.6.2.8, "Lookup.JDE.UM.ReconDefaults.Trusted" for more information about this lookup definition.

Recon Attribute Map

Lookup.JDE.UM.ReconAttrMap.Trusted

This entry holds the name of the lookup definition that maps resource object fields and target system attributes. See Section 1.6.2.7, "Lookup.JDE.UM.ReconAttrMap.Trusted" for more information about this lookup definition.


1.6.2.5 Lookup.JDE.UM.ProvAttrMap

The Lookup.JDE.UM.ProvAttrMap lookup definition holds mappings between process form fields and target system attributes. This lookup definitions is used during provisioning. This lookup definition is preconfigured. Table 1-11 lists the default entries.

You can add entries in this lookup definitions if you want to map new target system attributes for provisioning. See Chapter 4, "Extending the Functionality of the Connector" for more information.

1.6.2.6 Lookup.JDE.UM.ReconAttrMap

The Lookup.JDE.UM.ReconAttrMap lookup definition holds mappings between resource object fields and target system attributes. This lookup definition is used during reconciliation. This lookup definition is preconfigured. Table 1-8 lists the default entries.

You can add entries in this lookup definitions if you want to map new target system attributes for reconciliation. See Chapter 4, "Extending the Functionality of the Connector" for more information.

1.6.2.7 Lookup.JDE.UM.ReconAttrMap.Trusted

The Lookup.JDE.UM.ReconAttrMap.Trusted lookup definition holds mappings between resource object fields and target system attributes. This lookup definitions is used during trusted source user reconciliation runs. This lookup definition is preconfigured. Table 1-12 lists the default entries.

You can add entries in this lookup definitions if you want to map new target system attributes for reconciliation. See Chapter 4, "Extending the Functionality of the Connector" for more information.

1.6.2.8 Lookup.JDE.UM.ReconDefaults.Trusted

The Lookup.JDE.UM.ReconDefaults.Trusted lookup definition holds mappings between reconciliation fields and their default values. This lookup definition is used when there is a mandatory field on the OIM User form, but no corresponding field in the target system from which values can be fetched during trusted source reconciliation.

Table 1-6 lists the default entries in this lookup definition.

Table 1-6 Entries in the Lookup.JDE.UM.ReconDefaults.Trusted Lookup Definition

Code Key Decode

Employee Type

Full-Time

Organization

Xellerate Users

User Type

End-User


You add entries to this lookup definition in the following format, if required:

  • Code Key: Name of the reconciliation field of the JDE User resource object

  • Decode: Corresponding default value to be displayed

For example, assume a field named Preferred Language is a mandatory field on the OIM User form. Suppose the target system contains no field that stores information about the preferred language of communication for a user account. During reconciliation, no value for the Preferred Language field is fetched from the target system. However, as the Preferred Language field cannot be left empty, you must specify a value for this field. Therefore, create an entry in this lookup definition with the Code Key value set to Preferred Language and Decode value set to English. This implies that the value of the Preferred Language field on the OIM User form displays English for all user accounts reconciled from the target system.

1.6.2.9 Lookup.JDE.FastPathCreate

The Lookup.JDE.FastPathCreate lookup definition maps possible values for the Fast Path Create attribute of the target system with the corresponding values to be displayed in the Fast Path Create field of the OIM User form.

Table 1-7 lists the default entries in this lookup definition.

Table 1-7 Entries in the Lookup.JDE.FastPathCreate Lookup Definition

Code Key Decode

N

No

Y

Yes


1.7 Connector Objects Used During Target Resource Reconciliation

Target resource reconciliation involves fetching data about newly created or modified accounts on the target system and using this data to add or modify resources assigned to OIM Users.

The JDE User Target Reconciliation scheduled job is used to initiate a target resource reconciliation run. This scheduled job is discussed in Chapter 3, "Scheduled Jobs for Reconciliation of User Records."

See Also:

Managing Reconciliation in Oracle Fusion Middleware Administering Oracle Identity Manager for conceptual information about reconciliation

The following sections provide information about connector objects used during target resource reconciliation:

1.7.1 User Fields for Target Resource Reconciliation

The Lookup.JDE.UM.ReconAttrMap lookup definition maps resource object fields and target system attributes. This lookup definition is used for performing target resource user reconciliation runs.

In this lookup definition, entries are in the following format:

  • Code Key: Reconciliation field of the resource object

  • Decode: Name of the target system attribute, prefixed with the table name. The following is the format in which you must enter the Decode value:

    TABLE_NAME.ATTR_NAME

    In this format, TABLE_NAME is the name of the table in the target system database in which the attribute is present. ATTR_NAME is the name of the attribute in the target system.

Table 1-8 provides information about user attribute mappings for target resource reconciliation.

Table 1-8 User Attributes for Target Resource Reconciliation

Resource Object Field Target System Field

Date Format[LOOKUP]

F00921.FRMT

Date Separation Character[LOOKUP]

F00921.DSEP

Decimal Format Character[LOOKUP]

F00921.DECF

Fast Path Create

F0092.FSTP

Language[LOOKUP]

F00921.LNGP

Localization Country Code[LOOKUP]

F00921.CTR

ReturnValue

__UID__

Roles~Effective Date[DATE]

roles~JDERole~F95921.EFFDATE

Roles~Expiration Date[DATE]

roles~JDERole~F95921.EXPIRDATE

Roles~Include in ALL

roles~JDERole~F95921.FUROLE1

Roles~Role[LOOKUP]

roles~JDERole~F95921.FRROLE

Status

__ENABLE__

Time Format[LOOKUP]

F00921.TIMEFORM

Universal Time[LOOKUP]

F00921.UTCTIME

User ID

__NAME__


1.7.2 Reconciliation Rule for Target Resource Reconciliation

See Also:

Creating Reconciliation Metadata in Oracle Fusion Middleware Developing and Customizing Applications for Oracle Identity Manager for generic information about reconciliation matching and action rules

The following is the process-matching rule:

Rule name: JDE Target Recon Rule

Rule element: User Login Equals UserID

In this rule:

  • User Login is the User ID attribute on the OIM User form.

  • User ID is the User ID field of JD Edwards.

After you deploy the connector, you can view the reconciliation rule for target resource reconciliation by performing the following steps:

Note:

Perform the following procedure only after the connector is deployed.
  1. Log in to the Oracle Identity Manager Design Console.

  2. Expand Development Tools.

  3. Double-click Reconciliation Rules.

  4. Search for JDE Recon Rule. Figure 1-1 shows the reconciliation rule for target resource reconciliation.

    Figure 1-1 Reconciliation Rule for Target Resource Reconciliation

    Description of Figure 1-1 follows
    Description of ''Figure 1-1 Reconciliation Rule for Target Resource Reconciliation''

1.7.3 Reconciliation Action Rules for Target Resource Reconciliation

Table 1-9 lists the action rules for target resource reconciliation.

Table 1-9 Action Rules for Target Resource Reconciliation

Rule Condition Action

One Entity Match Found

Establish Link

One Process Match Found

Establish Link


Note:

No action is performed for rule conditions that are not predefined for this connector. You can define your own action rule for such rule conditions. For information about modifying or creating reconciliation action rules, see Setting a Reconciliation Action Rule in Oracle Fusion Middleware Developing and Customizing Applications for Oracle Identity Manager.

After you deploy the connector, you can view the reconciliation action rules for target resource reconciliation by performing the following steps:

  1. Log in to the Oracle Identity Manager Design Console.

  2. Expand Resource Management.

  3. Double-click Resource Objects.

  4. Search for and open the JDE Resource Object resource object.

  5. Click the Object Reconciliation tab, and then click the Reconciliation Action Rules tab. The Reconciliation Action Rules tab displays the action rules defined for this connector. Figure 1-2 shows the reconciliation action rule for target resource reconciliation.

    Figure 1-2 Reconciliation Action Rules for Target Resource Reconciliation

    Description of Figure 1-2 follows
    Description of ''Figure 1-2 Reconciliation Action Rules for Target Resource Reconciliation''

1.8 Connector Objects Used During Provisioning

Provisioning involves creating or modifying user data on the target system through Oracle Identity Manager.

See Also:

Managing Provisioning Tasks in Oracle Fusion Middleware Performing Self Service Tasks with Oracle Identity Manager for conceptual information about provisioning

This section discusses the following topics:

1.8.1 Provisioning Functions

Table 1-10 lists the provisioning functions that are supported by the connector. The Adapter column gives the name of the adapter that is used when the function is performed.

Table 1-10 Provisioning Functions

Function Adapter

Create User

adpJDEUSERCREATE

Update User

adpJDEUPDATEUSER

Enable User

adpJDEENABLEUSER

Disable User

adpJDEDISABLEUSER

Delete User

adpJDEUSERDELETE

Add User Role

adpJDEADDROLETOUSER

Update User Role

adpJDEUPDATEROLE

Remove User Role

adpJDEREMOVEUSERROLE

Update a multiple attributes (for example, Date Format, Time Format, and Localization) together

adpJDEMULTIUPDATE


1.8.2 User Fields for Provisioning

The Lookup.JDE.UM.ProvAttrMap lookup definition maps process form fields with target system attributes. This lookup definition is used for performing user provisioning operations.

Table 1-11 lists the user identity fields of the target system for which you can specify or modify values during provisioning operations.

Table 1-11 Entries in the Lookup.JDE.UM.ProvAttrMap lookup definition

Process Form Field Target System Field

Date Format[LOOKUP]

szDateformat

Date Separation Character[LOOKUP]

cDateSeparator

Decimal Format Character[LOOKUP]

cDecimalFormat

Fast Path Create

cFastPathCreate

Language[LOOKUP]

szLanguagePreference

Localization Country Code[LOOKUP]

szCountry

Password

__PASSWORD__

ReturnValue

__UID__

Time Format[LOOKUP]

szTimeFormat

UD_JDEROL~Effective Date[DATE]

roles~JDERole~jdEffectiveDate

UD_JDEROL~Expiration Date[DATE]

roles~JDERole~jdExpirationDate

UD_JDEROL~Include in *ALL

roles~JDERole~cIncludedInALL

UD_JDEROL~Role[LOOKUP]

roles~JDERole~szRole

Universal Time[LOOKUP]

szUniversalTime

User ID

__NAME__


1.9 Connector Objects Used During Trusted Source Reconciliation

Trusted source reconciliation involves fetching data about newly created or modified accounts on the target system and using that data to create or update OIM Users.

See Also:

Trusted Source Reconciliation in Oracle Fusion Middleware Administering Oracle Identity Manager for conceptual information about trusted source reconciliation

The following sections provide information about connector objects used during trusted source reconciliation:

1.9.1 User Fields for Trusted Source Reconciliation

The Lookup.JDE.UM.ReconAttrMap.Trusted lookup definition maps user fields of the OIM User form with corresponding field names in the target system. This lookup definition is used for performing trusted source reconciliation runs.

Table 1-12 lists user attributes for trusted source reconciliation.

Table 1-12 Entries in the Lookup.JDE.UM.ReconAttrMap.Trusted Lookup Definition

OIM User Form Field Target System Field

Last Name

__NAME__

Status[TRUSTED]

__ENABLE__

User ID

__NAME__


1.9.2 Reconciliation Rule for Trusted Source Reconciliation

See Also:

Managing Reconciliation in Oracle Fusion Middleware Administering Oracle Identity Manager for generic information about reconciliation matching and action rules

The following is the process matching rule:

Rule name: JDE Trusted Recon Rule

Rule element: User Login Equals User ID

In this rule element:

  • User Login is the User ID field on the OIM User form.

  • User ID is the User field of JD Edwards.

After you deploy the connector, you can view the reconciliation rule for target resource reconciliation by performing the following steps:

Note:

Perform the following procedure only after the connector is deployed.
  1. Log in to the Oracle Identity Manager Design Console.

  2. Expand Development Tools.

  3. Double-click Reconciliation Rules.

  4. Search for Trusted Source Recon Rule. Figure 1-3 shows the reconciliation rule for trusted source reconciliation.

    Figure 1-3 Reconciliation Rule for Trusted Source Reconciliation

    Description of Figure 1-3 follows
    Description of ''Figure 1-3 Reconciliation Rule for Trusted Source Reconciliation''

1.9.3 Reconciliation Action Rules for Trusted Source Reconciliation

Table 1-13 lists the action rules for target resource reconciliation.

Table 1-13 Action Rules for Trusted Source Reconciliation

Rule Condition Action

No Matches Found

Create User

One Entity Match Found

Establish Link

One Process Match Found

Establish Link


Note:

No action is performed for rule conditions that are not predefined for this connector. You can define your own action rule for such rule conditions. See Setting a Reconciliation Action Rule in Oracle Fusion Middleware Developing and Customizing Applications for Oracle Identity Manager for information about modifying or creating reconciliation action rules.

After you deploy the connector, you can view the reconciliation action rules for target resource reconciliation by performing the following steps:

  1. Log in to the Oracle Identity Manager Design Console.

  2. Expand Resource Management.

  3. Double-click Resource Objects.

  4. Search for and open the JDE Trusted Resource Object resource object.

  5. Click the Object Reconciliation tab, and then click the Reconciliation Action Rules tab. The Reconciliation Action Rules tab displays the action rules defined for this connector. Figure 1-4 shows the reconciliation action rules for trusted source reconciliation.

    Figure 1-4 Reconciliation Action Rules for Trusted Source Reconciliation

    Description of Figure 1-4 follows
    Description of ''Figure 1-4 Reconciliation Action Rules for Trusted Source Reconciliation''

1.10 Roadmap for Deploying and Using the Connector

The following is the organization of information in the rest of this guide: