Prepare Oracle Applications Cloud to Connect with Microsoft Active Directory
Follow this procedure to configure the Bridge for Microsoft Active Directory. Sign in to the Oracle Applications Cloud environment as an administrator with the IT Security Manager (ORA_FND_IT_SECURITY_MANAGER_JOB) role.
-
Click .
-
On the Administration page, click the Bridge for Active Directory tab.
-
Click Configuration.
-
Expand the Base Configuration section and provide the following details:
| Field | Description |
| --- | --- |
| Source of Truth | Select the source, such as Oracle Fusion Applications or Active Directory. |
| Synchronization Interval (Hours) | Enter the time interval (in hours) that the bridge uses to begin synchronization automatically. The default value is 1 hour. |
| Synchronization Paging Size | Enter the number of accounts that are synchronized in a single operation. The default value is 100 records. |
| Synchronization Error Threshold | Enter the maximum number of errors that can occur during synchronization. When the limit is reached, synchronization fails and stops. By default, synchronization stops after 50 errors have occurred. |
| Scheduler | Specify whether you want to automatically schedule synchronizations. If enabled, the synchronizations will run automatically as per the specified schedule and interval. |
| Role Integration | Specify whether you want to use role integration. It is applicable when Active Directory is the source. When enabled, the synchronization will read groups the users are directly or indirectly assigned to in Active Directory. If a user has been assigned to or removed from a group of the group mapping, the corresponding user in Oracle Applications Cloud will be added to or removed from the corresponding mapped role in Oracle Applications Cloud. |
| Reset APPID Password | Enter a new password. During synchronization, this password is used by the bridge to connect to Oracle Applications Cloud. |
-
Expand the Logging Configuration section and provide the following details:
| Field | Description |
| --- | --- |
| File Name | Enter the name of the log file. This file is created in the Active Directory folder on the computer where the Active Directory bridge is installed. The default value is ad_fa_synch.log. |
| Log Level | Specify the level at which messages must be logged during synchronization. The default level is set to Information. |
| Maximum Log Size | Specify the maximum size of the log file. The default value is 4 GB. When the maximum size is reached, a new log file is created. |
-
Expand the Active Directory Configuration section and provide the following details. The bridge uses this information to connect to the Active Directory server.
| Field | Description |
| --- | --- |
| Host | Enter the host address of the Active Directory server. |
| Port | Enter the port of the Active Directory server. The default non-SSL port is 389. |
| Enable SSL | Select this option for secure communication with the Active Directory server. When you select this option, the default port changes to 636. |
| Synchronization Strategy | Select the algorithm that must be used for synchronization. You can select Directory Synchronization or Update Sequence Number. The default value is Directory Synchronization. Note: If you change the sequence number after the initial configuration, the synchronization process resets. |
| User Base DN | Enter the distinguished name of the location in your Active Directory where the user accounts are created or retrieved by the bridge. |
| Search Base | Enter the same value as the User Base DN. |
| User Search Filter | Enter the LDAP query that's used by the bridge to retrieve the user account objects from the Active Directory. For example, (&(objectClass=user)(!(objectClass=computer))). |
| Group Base DN | Enter the distinguished name of the location in your Active Directory from where the bridge fetches the groups. Note: This field is applicable only when Active Directory is the source. |
| Group Search Filter | Enter the LDAP query that's used to fetch roles from your Active Directory server. For example, (objectClass=group). Note: This field is applicable only when Active Directory is the source. |
-
Expand the Network Proxy Configuration section and provide the details.
Note: Provide these details only when Active Directory is the source, and the bridge uses a proxy to connect to the Active Directory server.
| Field | Description |
| --- | --- |
| Enable Proxy Settings | Select this option to enable communication through a proxy between Oracle Applications Cloud and your Active Directory bridge. Use this option when you need to connect from an isolated network host. |
| Host | Enter a host name and address for the proxy. |
| Port | Enter a port for the proxy. |
| Enable SSL | Select this option for secure communication with the proxy. |
-
Expand the Heartbeat section and update the following details.
| Field | Description |
| --- | --- |
| Heartbeat Interval | Enter the time interval, in seconds, at which heartbeat notifications are sent from the bridge to Oracle Applications Cloud to signal that the bridge is active. It is set to 60 seconds by default. |
-
Click Save and click OK.