6 Extending the Functionality of the Microsoft Exchange Connector
You can extend the functionality of the connector to address your specific business requirements.
6.1 Adding New Multivalued Fields
You can add multivalued fields for user reconciliation and provisioning between Oracle Identity Governance and the target system.
By default, the multivalued fields listed on the Schema page for your application in Identity Self Server are mapped for provisioning and reconciliation between Oracle Identity Governance and the target system. If required, you can add new multivalued fields for provisioning and reconciliation.
- Log in to Oracle Identity System Administration and create a lookup that can hold the list of values for the multivalued field that you want to add.
- Create a child form and add attributes as follows:
- Log in to Identity System Administration, create a new form and associate it with your application.
See Also:
-
Creating a Lookup Type in Oracle Fusion Middleware Administering Oracle Identity Governance for details about create lookups for your multivalued fields
-
Adding Child Forms in Oracle Fusion Middleware Performing Self Service Tasks with Oracle Identity Governance for information about creating a child form and adding attributes
-
Configuring Oracle Identity Governance for information about creating a new form and associating it with your application
6.2 Configuring Transformation and Validation of Data
Configure transformation and validation of user account data by writing Groovy script logic while creating your application.
You can configure transformation of reconciled single-valued user data according to your requirements. For example, you can use First Name and Last Name values to create a value for the Full Name field in Oracle Identity Governance.
Similarly, you can configure validation of reconciled and provisioned single-valued data according to your requirements. For example, you can validate data fetched from the First Name attribute to ensure that it does not contain the number sign (#). In addition, you can validate data entered in the First Name field on the process form so that the number sign (#) is not sent to the target system during provisioning operations.
To configure transformation or validation of user account data, you must write Groovy scripts while creating your application. For more information about writing Groovy script-based validation and transformation logic, see Validation and Transformation of Provisioning and Reconciliation Attributes of Oracle Fusion Middleware Performing Self Service Tasks with Oracle Identity Governance.
6.3 Configuring Action Scripts
Actions are scripts that you can configure to run before or after any provisioning operation. For example, you can run custom PowerShell scripts before or after creating, updating, or deleting a mailbox.
The following are topics pertaining to action scripts:
6.3.1 About Configuring Action Scripts
You can configure Action Scripts by writing your own PowerShell scripts while creating your application.
These scripts can be configured to run before or after the create, update, or delete an account provisioning operations. For example, you can configure a script to run before every mailbox creation operation.
For information on adding or editing action scripts, see Updating the Provisioning Configuration in Oracle Fusion Middleware Performing Self Service Tasks with Oracle Identity Governance.
Note:
The scripting language used is PowerShell.-
On the computer hosting the connector server, create the custom PowerShell script in a directory. This script should be self-sufficient, that is, it should be able to create, maintain, and delete sessions with the target Exchange server and complete all actions against it.
The batch file runs custom PowerShell script using the Powershell.exe program. For more information on Powershell.exe, see http://technet.microsoft.com/en-us/library/hh847736.aspx.
-
During various operations, there is a difference in terms of what data is available:
-
During create operations, all attributes part of the process form are available to the script.
-
During update operations, only the attribute that is being updated is available to the script.
If other attributes are also required, then you must create and use a new adapter calling
ICProvisioningManager# updateAttributeValues(String objectType, String[] labels)
. During adapter mapping in process task, add the form field labels of the dependent attributes. -
During delete operations, only the
__UID__ (GUID)
attribute is available to the script.
-