2 Creating an Application By Using the Microsoft Exchange Connector
Learn about onboarding applications using the connector and the prerequisites for doing so.
2.1 Process Flow for Creating an Application By Using the Connector
From Oracle Identity Governance release 12.2.1.3.0 onward, connector deployment is handled using the application onboarding capability of Identity Self Service.
Figure 2-1 is a flowchart depicting high-level steps for creating an application in Oracle Identity Governance by using the connector installation package.
Figure 2-1 Overall Flow of the Process for Creating an Application By Using the Connector
Description of "Figure 2-1 Overall Flow of the Process for Creating an Application By Using the Connector"
2.2 Prerequisites for Creating an Application By Using the Connector
Learn about the tasks that you must complete before you create the application.
2.2.1 Downloading the Connector Installation Package
You can obtain the installation package for your connector on the Oracle Technology Network (OTN) website.
2.2.2 Installing and Configuring the Connector Server
The connector server can either be installed on the same computer as that of the Exchange Server or on a different computer in the same domain as that of the Exchange Server.
This section contains the following topics:
2.2.2.1 Prerequisites for the Connector Server
The following prerequisites and requirements must be met for the connector server:
-
The computer hosting the connector server must have Intel Dual-Core Processor, 2 GHz with 4 GB RAM or a computer with similar configuration.
If you have a computer dedicated to the connector server, then 2 GB RAM is sufficient.
-
Before you install the connector server, ensure that you have installed .NET Framework 4.0 or later on the same computer where you are installing the connector server.
The .NET connector server need not be installed on the Exchange server target system. It can be installed either on the Exchange server or on a system that belongs to the same domain as that of the Exchange server.
2.2.2.2 Installing the Connector Server
You must install the .NET Connector Server by downloading the Connector Server package from the Oracle Technology Network site and running the ServiceInstall-version.msi
file.
To install, configure, and run the Connector Server, see Using the Microsoft .NET Framework Connector Server in Oracle Fusion Middleware Developing and Customizing Applications for Oracle Identity Governance.
2.2.2.3 Enabling Logging
The Exchange connector uses the built-in logging mechanism of the .NET framework. Logging for the Exchange connector is not integrated with Oracle Identity Governance. The log level is set in the .NET connector server configuration file (ConnectorServer.exe.config).
By default, logging is not enabled for the connector. To enable logging:
2.2.2.4 Configuring Log File Rotation
Information about events that occur during the course of reconciliation and provisioning operations are stored in a log file. As you use the connector over a period time, the amount of information written to a log file increases. If no rotation is performed, then log files become huge.
To avoid such a scenario, perform the procedure described in this section to configure rotation of the log file.
To configure rotation of a log file on a daily basis:
See Also:
The following URL for more information about configuring log file rotation:
http://msdn.microsoft.com/en-us/library/microsoft.visualbasic.logging.filelogtracelistener.aspx
2.2.3 Deploying the Connector Bundle on the Connector Server
To deploy the connector bundle on the connector server, you must copy and extract the connector bundle to the connector server and then configure the IT resource for the connector server.
2.2.3.1 Copying and Extracting the Connector Bundle to the Connector Server
To copy and extract the connector bundle to the Connector Server:
Note:
If a single connector server is used for both Active Directory and Exchange connectors, and if the Connector Server already has the Active Directory connector DLL, do not update Connector Server with Active Directory connector DLL provided as part of the Exchange connector bundle ZIP file.
- Stop the Connector Server.
- From the installation media, copy and extract the contents of the
bundle/Exchange.Connector-12.3.0.0.zip
file to the CONNECTOR_SERVER_HOME directory. - Start the Connector Server.
2.2.3.2 Creating the IT Resource for the Connector Server
Create the IT resource for the connector server from Identity System Administration.
To create the IT resource:
- Log in to Identity System Administration, and then in the left pane, under Provisioning Configuration, click IT Resource.
- On the Manage IT Resources page, click the Create icon.
- On the Create IT Resource page:
2.2.4 Creating a Target System User Account for Connector Operations
Oracle Identity Governance requires a target system user account to connect to and access the target system during reconciliation and provisioning operations. You must create this target system user account with appropriate permissions for connector operations.
The following is the minimum privilege required for an Exchange 2016 service account to manage recipients (UserMailbox and MailUser):
The service account must be a member of Recipient Management group.
For more information, see https://docs.microsoft.com/en-us/Exchange/permissions/permissions?view=exchserver-2016.
2.2.5 Creating the Parent Application
Before you create the application for your Exchange target system, you must create its parent application, which is the application for the Microsoft Active Directory target system, in Oracle Identity Governance.
2.3 Creating an Application By Using the Connector
You can onboard an application into Oracle Identity Governance from the connector package by creating a Target application. To do so, you must log in to Identity Self Service and then choose the Applications box on the Manage tab.
Note:
For detailed information on each of the steps in this procedure, see Creating Applications of Oracle Fusion Middleware Performing Self Service Tasks with Oracle Identity Governance.
- Create an application in Identity Self Service. The high-level steps are as follows:
- Log out of and log in to Identity Self Service, and then verify reconciliation and provisioning operations on the newly created application.
See Also:
-
Setting Up Remote Mailbox Provisioning for an AOB Application for details on adding the Remote Routing Address and Recipient Type Details attributes to support Remote Mailbox provisioning from Oracle Identity Governance
-
Configuring the Microsoft Exchange Connector for details on basic configuration and advanced settings parameters, default user account attribute mappings, default correlation rules, and reconciliation jobs that are predefined for this connector
-
Configuring Oracle Identity Governance for details on creating a new form and associating it with your application, if you chose not to create the default form