6 Using the Flat File Connector

You can use the connector for performing reconciliation and provisioning operations after configuring it to meet your requirements.

• Configuring Reconciliation

• Configuring Reconciliation Jobs

• Uninstalling the Connector

Note:

These sections provide both conceptual and procedural information about configuring the connector. It is recommended that you read the conceptual information before you perform the procedures.

6.1 Configuring Reconciliation

You can configure the connector to specify the type of reconciliation and its schedule.

This section provides information about the following topics related to configuring reconciliation:

• Performing Full and Incremental Reconciliation

• Performing Limited Reconciliation

6.1.1 Performing Full and Incremental Reconciliation

The connector supports full as well as incremental reconciliation of users, accounts, and entitlements.

• For users and accounts, any newly added file will be considered as a source for incremental data.

• For deleted users and accounts, if the enterprise target system does not support exporting only the deleted users, then you can use a diff-based approach to reconcile the deleted records into Oracle Identity Governance.

• For entitlements reconciliation, the reconciliation job for loading entitlements can be run in an incremental or full mode. See Providing Settings Information for a Disconnected Resource or Providing Settings Information for a Disconnected Resource for more information about the Flat File Entitlement job for entitlements loading and its parameters.

Full reconciliation involves reconciling all existing user records or accounts from the flat file into Oracle Identity Governance. Incremental reconciliation involves reconciling only user records or accounts that are added or modified after the time-stamp stored in the Latest Token parameter of the reconciliation job.

After you create the application, you must first perform full reconciliation. In addition, you can switch from incremental reconciliation to full reconciliation whenever you want to ensure that all enterprise target system records are reconciled in Oracle Identity Governance.

To perform a full reconciliation run, remove (delete) any value currently assigned to the Latest Token, Incremental Recon Attribute, and Filter parameters of the reconciliation jobs for Accounts Loader for reconciling accounts.

At the end of the reconciliation run, the Latest Token parameter of the reconciliation job for user record or account reconciliation is automatically set to the most recent value obtained from the parameter (for incremental recon) of the flat file. From the next reconciliation run onward, only records created or modified after this most recent value are considered for reconciliation.

6.1.2 Performing Limited Reconciliation

By default, all enterprise target system records that are added or modified after the last reconciliation run are reconciled during the current reconciliation run. You can customize this process by specifying the subset of added or modified enterprise target system records that must be reconciled.

The connector supports filters in the reconciliation jobs to fetch those records which match the filter criteria. The filter expression is also passed to custom parsers so that the records can be filtered at the parser level.

You can perform limited reconciliation by creating filters (for example, startsWith('userName','john')) for the reconciliation module. This connector provides a Filter parameter (a reconciliation job parameter) that allows you to use any of the Flat File resource attributes to filter the target system records.

See Checking for Filters for information about implementing filters in the custom parser.

For detailed information about ICF Filters, see ICF Filter Syntax of Developing and Customizing Applications for Oracle Identity Governance

Note:

You can use the __UID__ attribute name only with the equalTo filter.

6.2 Configuring Reconciliation Jobs

Configure reconciliation jobs to perform reconciliation runs that check for new information on your target system periodically and replicates the data in Oracle Identity Governance.

You can apply this procedure to configure the reconciliation jobs for users and entitlements.

To configure a reconciliation job:

1. Log in to Identity System Administration.
2. In the left pane, under System Management, click Scheduler.
3. Search for and open the scheduled job as follows:
   1. In the Search field, enter the name of the scheduled job as the search criterion. Alternatively, you can click Advanced Search and specify the search criterion.
   2. In the search results table on the left pane, click the scheduled job in the Job Name column.
4. On the Job Details tab, you can modify the parameters of the scheduled task:
   • Retries: Enter an integer value in this field. This number represents the number of times the scheduler tries to start the job before assigning the Stopped status to the job.
   • Schedule Type: Depending on the frequency at which you want the job to run, select the appropriate schedule type. See Creating Jobs in Oracle Fusion Middleware Administering Oracle Identity Governance.

   In addition to modifying the job details, you can enable or disable a job.

5. On the Job Details tab, in the Parameters region, specify values for the attributes of the scheduled task.

   Note:

   Values (either default or user-defined) must be assigned to all the attributes. If even a single attribute value is left empty, then reconciliation is not performed.

6. Click Apply to save the changes.

   Note:

   You can use the Scheduler Status page in Identity System Administration to either start, stop, or reinitialize the scheduler.

6.3 Uninstalling the Connector

Uninstalling the connector deletes all the account-related data associated with its resource objects.

If you want to uninstall the connector for any reason, then run the Uninstall Connector utility. Before you run this utility, ensure that you set values for ObjectType and ObjectValues properties in the ConnectorUninstall.properties file. For example, if you want to delete resource objects, scheduled tasks, and scheduled jobs associated with the connector, then enter "ResourceObject", "ScheduleTask", "ScheduleJob" as the value of the ObjectType property and a semicolon-separated list of object values corresponding to your connector (for example, ActiveDirectory User; ActiveDirectory Group) as the value of the ObjectValues property.

Note:

If you set values for the ConnectorName and Release properties along with the ObjectTypeand ObjectValue properties, then the deletion of objects listed in the ObjectValues property is performed by the utility and the Connector information is skipped.

For more information, see Uninstalling Connectors in Oracle Fusion Middleware Administering Oracle Identity Governance.