You can use the connector for performing reconciliation and provisioning operations after configuring it to meet your requirements.
This section discusses the following topics:
Scheduled jobs for lookup field synchronization fetch the most recent values from specific fields in the target system to lookup definitions in Oracle Identity Manager. These lookup definitions are used as an input source for lookup fields in Oracle Identity Manager.
ServiceNow Group Lookup Recon
ServiceNow Role Lookup Recon
ServiceNow Department Lookup Recon
Values fetched by these scheduled jobs from the target system are populated in the Lookup.ServiceNow.Groups, Lookup.ServiceNow.Roles and Lookup.ServiceNow.Departments respectively. The attributes for all the scheduled jobs for lookup field synchronization are the same.Table 3-1 describes the attributes of the scheduled jobs. The procedure to configure scheduled jobs is described later in this guide.
Table 3-1 Attributes of the Scheduled Job for Lookup Field Synchronization
Attribute | Description |
---|---|
Code Key Attribute |
Enter the name of the attribute that is used to populate the Code Key column of the lookup definition (specified as the value of the Lookup Name attribute). Default value: __UID__ |
Decode Attribute |
Enter the name of the attribute that is used to populate the Decode column of the lookup definition (specified as the value of the Lookup Name attribute). Default value: __NAME__ |
IT Resource Name |
Name of the IT resource for the target system installation from which you reconcile user records. Default value: |
Lookup Name |
Name of the lookup definition in Oracle Identity Manager that must be populated with values fetched from the target system. Depending on the scheduled job you are using, the default values are as follows:
|
Object Type |
Name of the type of object you want to reconcile. Depending on the scheduled job you are using, the default values are as follows:
|
You can configure the connector to specify the type of reconciliation and its schedule.
This section discusses the following topics related to configuring reconciliation:
Full reconciliation involves reconciling all existing user or group records from the target system into Oracle Identity Manager.
After you deploy the connector, you must first perform full reconciliation. To perform a full reconciliation run, ensure that no value is specified for the Filter Suffix attribute of the scheduled job for reconciling users and groups. If the target system contains more number of records than what it can return in a single response, then use the Flat File connector to perform full reconciliation. See Reconciling Large Number of Records.
Limited or filtered reconciliation is the process of limiting the number of records being reconciled based on a set filter criteria.
By default, all target system records that are added or modified after the last reconciliation run are reconciled during the current reconciliation run. You can customize this process by specifying the subset of added or modified target system records that must be reconciled. You do this by creating filters for the reconciliation module.
sys_id
. The sys_id
attribute is present in the target system and OIM. Filtered reconciliation is performed using the sys_id
as a filter suffix attribute.
Note:
In the current connector release, thesys_id
attribute is the only filter suffix supported for filtering records.You can perform limited reconciliation by creating filters for the reconciliation module. This connector provides a Filter Suffix attribute (a scheduled task attribute) that allows you to use the sys_id
attribute of the target system to filter target system records. The sys_id
is appended to the endpoint URL. When this endpoint URL is reconciled, all record reconciliation is limited to this filter suffix attribute. A sample filter suffix value is /0e220301db039a00b88df7a0cf9619
. The value provided in the filter suffix parameter varies in accordance with the target system. See Reconciliation Scheduled Jobs.
During a reconciliation run, if the target system contains more number of records than what it can return in a single response, then you must use the Flat File connector to fetch all the records into Oracle Identity Manager.
When you run the Connector Installer, reconciliation scheduled jobs are automatically created in Oracle Identity Manager. You must configure these scheduled jobs to suit your requirements by specifying values for its attributes.
In ServiceNow connector, the Scheduled Job for Reconciliation of User Records is automatically created in the Oracle Identity Manager. The Scheduled Job for Reconciliation of User Records is used to reconcile user data in the target resource (account management) mode of the connector.
Table 3-2 describes the attributes of the scheduled job.
Table 3-2 Attributes of the User Reconciliation Scheduled Job
Attribute | Description |
---|---|
Filter Suffix |
Enter the search filter for fetching records from the target system during a reconciliation run. Sample value: |
Latest Token |
The Latest Token attribute is used for internal purposes. By default, this value is empty. Do not enter a value for this attribute. The reconciliation engine automatically enters a value in this attribute. Sample value: 1354753427000 |
IT Resource Name |
Name of the IT resource for the target system installation from which you want to reconcile user records. Default value: |
Object Type |
Type of object you want to reconcile. Default value: Note: User is the only object that is supported. Therefore, do not change the value of this attribute. |
Resource Object Name |
Name of the resource object that is used for reconciliation. Default value: Note: Do not change the value of this attribute |
Scheduled Task Name |
Name of the scheduled task that is used for reconciliation. Default value: |
You must configure and run scheduled jobs to perform a reconciliation run.
You must apply the below guideline while performing a provisioning operation:
For a Create User provisioning operation, you must specify a value for the User Name field. For example, John Doe. It is a mandatory field, other mandatory fields are Display Name, Password, MailNickname, and Usage Location.
You create a new user in Oracle Identity Self Service by using the Create User page. You provision or request for accounts on the Accounts tab of the User Details page.
Uninstalling the connector involves deleting data related to the connector from Oracle Identity Manager Database. You use the Uninstall Connectors utility to uninstall a connector.
If you want to uninstall the connector for any reason, see Uninstalling Connectors in Oracle Fusion Middleware Administering Oracle Identity Manager.