Shared Services Native Directory Migration Options
Migration Import Options
The following list describes Oracle Hyperion Shared Services import options:
-
Import Operation—Select an option:
-
Create—Creates users, groups, and roles if they do not exist in the target. If they exist in the target, the create operation fails. Augments group, role, and provisioning relationships.
-
Update—Updates users, groups, and roles. Replaces group, role, and provisioning relationships.
-
Create/Update—Attempts a create operation on each entity in the file. If the operation fails, an update operation is attempted.
-
Delete—Deletes the users, groups, and roles that are being imported. Deletes group, role, and provisioning relationships.
Note:
To delete a deactivated user, the user must be activated first before it can be deleted.
-
-
Max errors before stopping import—Specify the number of errors allowed before the import process is stopped.
CSV Files
The import source files are CSV files.
The CSV file format is a tabular data format that contains fields separated by commas and enclosed in double quotation marks. Oracle Hyperion Enterprise Performance Management System Lifecycle Management supports only Excel-compliant CSV files. The CSV files that Excel outputs differ from the standard CSV files:
-
Leading and trailing white space is significant.
-
Backslashes are not special characters and do not escape anything.
-
Quotation marks inside quoted strings are escaped with double quotation marks rather than backslashes.
Excel converts data before putting it in CSV format.
Conversions that Excel performs on CSV files:
-
Tabs are converted to single spaces.
-
New lines are always represented as "\n".
-
Numbers of greater than 12 digits are represented in truncated scientific notation form.
A separate CSV file is available for the following entities:
-
Users
-
Groups
-
Roles
-
Provisioning information
-
Delegated lists
Each section within a CSV file is identified by two mandatory lines: entity and header. The entity line is identified by a predefined entity name preceded by the # character. The header line follows the entity line. The header line is a comma-separated list of predefined attributes for the entity.
The order of attributes in the header line is insignificant. However, the data lines, which follow the header line, must present data in the order in which the header line presents attributes. If data is not to be specified, use a comma to indicate that a value is not to be set. The entity line, header line, and data lines provide the information required for processing.
Boundaries applied to create, update, and delete operations on CSV files:
-
Users, groups, and roles are processed one data line at a time.
-
Group members are processed with multiple data lines under one header and one parent group.
-
Role members are processed with multiple data lines under one header and one parent role.
-
User provisioning is processed with multiple data lines under one header and one group or user.
Error handling is based on the process boundaries. One error is counted for each failure in a process boundary.
See the sections below for sample CSV files and attribute information:
CSV File for Users
Sample CSV File for User#user
id,provider,login_name,first_name,last_name,description,email,internal_id,password,active
admin,Native Directory,admin,administrator,user,hss admin user,admin@hyperion.com,"native://DN=cn=911,ou=People,dc=css,dc=hyperion,dc=com?USER",{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=,trueIn this sample, the user CSV file is used to create the user admin in Native Directory with the login name admin, first name administrator, last name user, description hss admin user, e-mail id admin@hyperion.com, internal id "native://DN=cn=911,ou=People,dc=css,dc=hyperion,dc=com?USER", encrypted password {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=, and active true:
Note:
Plain-text passwords specified in the CSV file are encrypted.
Table J-3 User Entity Attributes
| Attribute | Description and Example |
|---|---|
|
User's ID
Example:
|
|
Optional: Name of the source user directory
Example:
|
|
User's login name
Example:
|
|
Optional: User's first name
Example:
|
|
Optional: User's last name
Example:
|
|
Optional: User description
Example:
|
|
Optional: User's email address
Example:
|
|
The autogenerated internal identity of the user
Example:
|
|
User's password
Example:
|
|
Indicates whether user is active (true) or not active (false)
Example:
|
CSV File for Groups
Sample CSV File for Group
#group
id,provider,name,description, internal_id
WORLD,Native Directory,WORLD,Contains all users,611In this sample, the group CSV file is used to create the WORLD group in Native Directory with the group ID WORLD, description Contains all users, and internal ID 611.
Table J-4 Group Entity Attributes
| Attribute | Description and Example |
|---|---|
|
Group identifier
Example:
|
|
Optional: Source user directory for the group
Example:
|
|
Group name
Example:
|
|
Optional: Group description
Example:
|
|
The autogenerated internal identity of the group
Example:
Note: Do not modify the internal ID column data in the exported content. |
CSV File for Roles
Sample CSV File for Role
#role
id,product_type,name,description
Viewer,hp–11.1.1,Viewer,ViewerIn this sample, the role CSV file is used to create an aggregated role in with role id Viewer for product HP–11.1.1 (Oracle Hyperion Planning, version 11.1.1), role name Viewer, and description Viewer. Product type indicates the product to which the aggregated role belongs.
Table J-5 Role Entity Attributes
| Attribute | Description and Example |
|---|---|
|
Role identifier
Example:
|
|
Product type (specified as
product code-product version
) to which the role belongs
Example:
|
|
Role name
Example:
|
|
Optional: Role description
Example:
|
CSV File for Provisioning
Sample CSV File for Provisioning
#provisioning
app_id,product_type,role_id,user_id,group_id
Planning,hp–11.1.1,Provisioning Manager,pturner,testgroupIn this sample, the provisioning CSV file is used to create a role assignment for application name Planning. The role ID is Provisioning Manager, which belongs to product type HP–11.1.1. User pturner and group testgroup are provisioned with this role.
Table J-6 Provisioning Entity Attributes
| Attribute | Description and Example |
|---|---|
|
The application to which the role belongs
Example:
|
|
Product type (specified as product code-product version) to which the role belongs
Example:
|
|
Unique role identifier
Example:
|
|
Unique identifier of a user who is provisioned to the role
Example:
|
|
Unique identifier of a group that is provisioned to the role
Example:
|
CSV File for Delegated Lists
Sample CSV File for Delegated List
#delegated list
id,name,description,manager_id,manager_provider,user_id,user_provider,group_id,group_provider
testlist,testlist,my_list,admin,Native Directory,,testGroup,NativeDirectorytestlist, and description my_list. User admin defined in Native Directory is the delegated administrator of this list, which allows admin to manage testGroup defined in Native Directory.
Table J-7 Delegated List Entity Attributes
| Attribute | Description and Example |
|---|---|
|
The list identifier, typically the same as the list name
Example:
|
|
Delegated list name
Example:
|
|
Delegated list description
Example:
|
|
Unique identifier of a user or group who manages the list. Each manager must be identified in a separate definition.
Example:
|
|
The user directory that stores the manager's account
Example:
|
|
Unique identifier of a user member of the list. Each member must be identified in a separate definition.
Example:
|
|
The user directory that stores the user member's account
Example:
|
|
Unique identifier of a group that is a member of the list. Each member must be identified in a separate definition.
Example:
|
|
The user directory that stores the group's account
Example:
|