2 Integrating GoToMeeting with OIG AD Connector

In this integration, the user management operations are implemented in the Admin Center by using Microsoft Active Directory as a middleware. The OIG AD connector and GoToMeeting AD connector help in synchronizing GoToMeeting user attributes between Oracle Identity Governance, Microsoft Active Directory, and GoToMeeting directory services.

This chapter contains the following sections:

• Certified Components for the OIG AD Connector Integration

• Usage Recommendation for the OIG AD Connector Integration

• Operations Supported by the OIG AD Connector Integration

• Architecture of the OIG AD Connector Integration

• Deploying and Using the OIG AD Connector and GoToMeeting AD Connector

Note:

For detailed information on the OIG AD connector (such as certified languages, supported connector features, and so on), see About the Microsoft Active Directory User Management Connector in Oracle Identity Governance Configuring the Microsoft Active Directory User Management Application.

2.1 Certified Components for the OIG AD Connector Integration

These are the software components and their versions required for integrating Oracle Identity Governance with GoToMeeting using the OIG AD connector.

Note:

If you are using Oracle Identity Manager release 11.1.x, then you can install and use the connector only in the CI-based mode. If you want to use the AOB application, then you must upgrade to Oracle Identity Governance release 12.2.1.3.0.

Table 2-1 Certified Components for the OIG AD Connector Integration

Component	Requirement for AOB Application	Requirement for CI-Based Connector
Oracle Identity Governance or Oracle Identity Manager	You can use any one of the following releases: Oracle Identity Governance release 12c PS4 (12.2.1.4.0) Oracle Identity Governance 12c (12.2.1.3.0)	You can use one of the following releases of Oracle Identity Governance or Oracle Identity Manager: Oracle Identity Governance release 12c PS4 (12.2.1.4.0) Oracle Identity Governance 12c (12.2.1.3.0) Oracle Identity Manager 11g Release 2 PS3 BP06 (11.1.2.3.6)
Target system	GoToMeeting Admin Center	GoToMeeting Admin Center
Oracle Identity Governance Connector for Microsoft Active Directory User Management	12.2.1.3.0	12.2.1.3.0
GoToMeeting Active Directory Connector	1.5.1.68	1.5.1.68

2.2 Usage Recommendation for the OIG AD Connector Integration

These are the recommendations for the OIG AD connector versions that you can deploy and use depending on the Oracle Identity Governance or Oracle Identity Manager version that you are using.

• If you are using Oracle Identity Governance release 12c (12.2.1.3.0) or later, then use the latest 12.2.1.x version of the OIG AD connector. Deploy the connector using the Applications option on the Manage tab of Identity Self Service.

• If you are using the Oracle Identity Manager release listed in the “Requirement for CI-Based Connector” column in Certified Components for the OIG AD Connector Integration, then use the 11.1.x version of the connector. If you want to use the 12.2.1.x version of this connector, then you can install and use it only in the CI-based mode. If you want to use the AOB application, then you must upgrade to Oracle Identity Governance release 12c (12.2.1.3.0) or later.

  Note:

  If you are using the latest 12.2.1.x version of this connector in the CI-based mode, then see Oracle Identity Manager Connector Guide for Microsoft Active Directory User Management, Release 11.1.1 for complete details on connector deployment, usage, and customization.

2.3 Operations Supported by the OIG AD Connector Integration

These are the user management operations supported by integrating GoToMeeting with Oracle Identity Governance using the OIG AD connector.

Table 2-2 Supported Connector Operations for the OIG AD Connector Integration

Operation	Supported?
User Management
Create user	Yes
Update user	Yes
Delete user	Yes
Enable user	Yes
Disable user	Yes

2.4 Architecture of the OIG AD Connector Integration

In this implementation, Microsoft Active Directory is used as a target (managed) resource of the identity data for Oracle Identity Governance.

The following connectors are used to synchronize data between Oracle Identity Governance and the Admin Center:

• Oracle Identity Governance Connector for Microsoft Active Directory User Management

  The OIG AD connector allows synchronization of user information between Oracle Identity Governance and AD, and is configured to run in the account management mode. This mode enables the following operations:

  • Provisioning

    Provisioning involves creating, updating, or deleting users on AD through Oracle Identity Governance. When you allocate (or provision) a Microsoft Active Directory resource to an Oracle Identity Governance User, the operation results in the creation of an account on Microsoft Active Directory for that user. In the Oracle Identity Governance context, the term provisioning is also used to mean updates made to the AD account through Oracle Identity Governance.

  • Target resource reconciliation

    In target resource reconciliation, data related to newly created and modified accounts on AD can be reconciled and linked with existing Oracle Identity Governance Users and provisioned resources. To perform target resource reconciliation, the Active Directory User Target Reconciliation scheduled job is used.

  See Connector Architecture in Oracle Identity Governance Configuring the Microsoft Active Directory User Management Application.

• GoToMeeting Active Directory Connector

  GoToMeeting uses a lightweight AD connector behind the firewall to synchronize user information between AD and GoToMeeting directory services. These user accounts are included as members of a Microsoft Active Directory group (specified as values of the AD Sync Group attribute of AD), which is used for synchronizing the accounts from AD to the Admin Center through the GoToMeeting AD connector scheduled task.

  For details on the GoToMeeting AD connector, visit the GoToMeeting website at https://www.gotomeeting.com/, navigate to Support, and search for Active Directory Connector.

Figure 2-1 depicts the components used for integrating Oracle Identity Governance with GoToMeeting using the OIG AD connector.

Figure 2-1 Architecture of the OIG AD Connector Integration

Description of "Figure 2-1 Architecture of the OIG AD Connector Integration"

As shown in Figure 2-1, AD is configured as a target resource of Oracle Identity Governance. The OIG AD connector is a .NET framework-based connector that is implemented using the Identity Connector Framework (ICF) component. The ICF component provides basic reconciliation and provisioning operations that are common to all Oracle Identity Governance connectors. In addition, ICF provides common features that developers would otherwise need to implement on their own, such as connection pooling, buffering, time outs, and filtering. ICF is distributed together with Oracle Identity Governance. Therefore, you do not need to configure or modify ICF.

This implementation enables provisioning of User accounts on the target system through the following two-step process:

1. The OIG AD connector creates or updates user accounts in AD through the provisioning operations that are performed on Oracle Identity Governance.

2. The GoToMeeting AD connector automates provisioning of the user accounts by fetching the attributes from AD and then synchronizing the data with the Admin Center through the GoToMeeting AD connector scheduled task. Based on the data fetched from AD, the user accounts are automatically created or updated in the Admin Center.

Through reconciliation, account data that is created and updated directly on AD is fetched into Oracle Identity Governance and stored against the corresponding Oracle Identity Governance Users.

2.5 Deploying and Using the OIG AD Connector and GoToMeeting AD Connector

As a prerequisite for Oracle Identity Governance to communicate with Microsoft Active Directory and GoToMeeting, the OIG AD connector and GoToMeeting AD connector must be deployed and configured at the back end.

You deploy the OIG AD connector using the application onboarding capability of Identity Self Service. The detailed instructions for deploying and using the OIG AD connector is available in Oracle Identity Governance Configuring the Microsoft Active Directory User Management Application. For more information, see the following sections of the guide:

• Creating an Application By Using the Microsoft Active Directory User Management Connector for onboarding applications using the connector and the prerequisites for doing so

• Configuring the Microsoft Active Directory User Management Connector for configuring basic configuration and advanced settings parameters, attribute mappings, predefined correlation rules, situations and responses, and reconciliation jobs

• Performing the Postconfiguration Tasks for the Microsoft Active Directory User Management Connector for performing necessary tasks after creating an application

• Using the Microsoft Active Directory User Management Connector for understanding the guidelines on using the connector, performing connector operations, and uninstalling the connector

• Extending the Functionality of the Microsoft Active Directory User Management Connector for extending the functionality of the connector to address your specific requirements

The procedure for deploying and using the GoToMeeting AD connector is available in the GoToMeeting product documentation. For the detailed instructions on deploying and using the GoToMeeting AD connector, visit the GoToMeeting website at https://www.gotomeeting.com/, navigate to Support, and search for Active Directory Connector.