The procedure to deploy the connector is divided across three stages namely preinstallation, installation, and postinstallation.
The following topics provide details on these stages:
Note:
Some of the procedures described in this chapter must be performed on the target system. To perform these procedures, you must use a SuccessFactors account with administrator privileges.Preinstallation for the SuccessFactors connector involves registering a client application (that is, the SuccessFactors connector) with the target system so that the connector can access REST APIs. The preinstallation step includes client application registration, certificate generation, and obtaining clientid and client secret attributes.
Preinstallation involves performing the following tasks on the target system:
Note:
The detailed instructions for performing these preinstallation tasks are available in SuccessFactors product documentation at https://support.sap.com/documentation.html/Certificate.pem
file gets generated.You must install the connector in Oracle Identity Manager. If necessary, you can also deploy the connector in a Connector Server.
The following topics provide details on installing the connector:
You can run the connector code either locally in Oracle Identity Manager or remotely in a Connector Server.
Depending on where you want to run the connector code (bundle), the connector provides the following installation options:
Run the connector code locally in Oracle Identity Manager.
In this scenario, you deploy the connector in Oracle Identity Manager. Deploying the connector in Oracle Identity Manager involves performing the procedures described in Running the Connector Installer and IT Resource Parameters.
Run the connector code remotely in a Connector Server.
In this scenario, you deploy the connector in Oracle Identity Manager, and then, deploy the connector bundle in a Connector Server. See Using an Identity Connector Server in Oracle Fusion Middleware Developing and Customizing Applications for Oracle Identity Manager for information about installing, configuring, and running the Connector Server, and then installing the connector in a Connector Server.
When you run the Connector Installer, it automatically copies the connector files to directories in Oracle Identity Manager, imports connector XML files, and compiles adapters used for provisioning.
To run the Connector Installer:
An IT resource for your target system is created after you install the connector. You configure this IT resource to enable the connector to connect Oracle Identity Manager with your target system.
The following topics are discussed in this section:
An IT resource is composed of parameters that store connection and other generic information about a target system. Oracle Identity Manager uses this information to connect to a specific installation or instance of your target system.
The IT resource for the target system contains connection information about the target system. Oracle Identity Manager uses this information during provisioning and reconciliation.
The SuccessFactors IT resource is automatically created when you run the Connector Installer. You must specify values for the parameters as follows:
Postinstallation for the connector involves configuring Oracle Identity Manager, enabling logging to track information about all connector events, and configuring SSL. It also involves performing some optional configurations such as localizing the user interface.
The postinstallation tasks are divided across the following sections:
You must create a UI form and an application instance for the resource against which you want to perform reconciliation and provisioning operations. In addition, you must run entitlement and catalog synchronization jobs.
These procedures are described in the following sections:
You must create and activate a sandbox to begin using the customization and form management features. You can then publish the sandbox to make the customizations available to other users.
You can use Form Designer in Oracle Identity System Administration to create and manage application instance forms.
Create an application instance as follows. For detailed instructions, see Managing Application Instances in Oracle Fusion Middleware Administering Oracle Identity Manager.
You can populate Entitlement schema from child process form table, and harvest roles, application instances, and entitlements into catalog. You can also load catalog metadata.
During a user provisioning operation, the target system requires a few mandatory fields. When these fields, which are required to be mandatory in the target system, are not mandatory fields in the Oracle Identity Manager, in such a scenario the provisioning operation will not be successful.
For the provisioning operation to be successful, you need to edit an existing field in the Oracle Identity Manager and make it mandatory. Using the Form Designer, you can modify fields and update them from an optional type to a mandatory type.
Note:
When you perform any changes in the Form Designer, you must create a new UI form and update the changes in an application instance.During a reconcile operation, the target system requires a few mandatory fields to be present in Oracle Identity Manager. The reconciliation operation will not be successful when these mandatory fields are not present in Oracle Identity Manager.
For the reconciliation operation to be successful, you need to edit an existing field in the Oracle Identity Manager and make it mandatory. Using Design Console and Resource Objects, you can modify fields and update them from an optional type to a mandatory type.
To edit an existing field:
You can localize UI form field labels by using the resource bundle corresponding to the language you want to use. Resource bundles are available in the connector installation media.
When you deploy the connector, the resource bundles are copied from the resources directory on the installation media into the Oracle Identity Manager database. Whenever you add a new resource bundle to the connectorResources directory or make a change in an existing resource bundle, you must clear content related to connector resource bundles from the server cache.
Oracle Identity Manager uses the Oracle Diagnostic Logging (ODL) logging service for recording all types of events pertaining to the connector.
The following topics provide detailed information about logging:
When you enable logging, Oracle Identity Manager automatically stores in a log file information about events that occur during the course of provisioning and reconciliation operations. ODL is the principle logging service used by Oracle Identity Manager and is based on java.util.Logger. To specify the type of event for which you want logging to take place, you can set the log level to one of the following:
SEVERE.intValue()+100
This level enables logging of information about fatal errors.
SEVERE
This level enables logging of information about errors that might allow Oracle Identity Manager to continue running.
WARNING
This level enables logging of information about potentially harmful situations.
INFO
This level enables logging of messages that highlight the progress of the application.
CONFIG
This level enables logging of information about fine-grained events that are useful for debugging.
FINE, FINER, FINEST
These levels enable logging of information about fine-grained events, where FINEST logs information about all events.
Table 2-2 Log Levels and ODL Message Type:Level Combinations
Java Level | ODL Message Type:Level |
---|---|
SEVERE.intValue()+100 |
INCIDENT_ERROR:1 |
SEVERE |
ERROR:1 |
WARNING |
WARNING:1 |
INFO |
NOTIFICATION:1 |
CONFIG |
NOTIFICATION:16 |
FINE |
TRACE:1 |
FINER |
TRACE16 |
FINEST |
TRACE32 |
The configuration file for OJDL is logging.xml, which is located at the following path: DOMAIN_HOME/config/fmwconfig/servers/OIM_SERVER/logging.xml
Here, DOMAIN_HOME
and OIM_SEVER
are the domain name and server name specified during the installation of Oracle Identity Manager.