1. Configuring the Salesforce Application
  2. Upgrading the Salesforce Connector

7 Upgrading the Salesforce Connector

If you have already deployed the 11.1.1.5.0 or 12.2.1.3.0 version of the Salesforce connector, then you can upgrade the connector to version 12.2.1.3.0 by uploading the new connector JAR files to the Oracle Identity Manager database.

Note:

Before you perform the upgrade procedure:

  • It is strongly recommended that you create a backup of the Oracle Identity Manager database. Refer to the database documentation for information about creating a backup.

  • As a best practice, perform the upgrade procedure in a test environment initially.

  • Salesforce 12.2.1.3.1 is a REST base connector.

The following sections discuss the procedure to upgrade the connector:

7.1 Preupgrade Steps

Preupgrade steps for the connector involves performing a reconciliation run to fetch records from the target system, defining the source connector in Oracle Identity Manager, creating copies of the connector if you want to configure it for multiple installations of the target system, and disabling all the scheduled jobs.

Perform the following preupgrade steps:

  1. Perform a reconciliation run to fetch all latest updates to Oracle Identity Manager.
  2. Perform the preupgrade procedure documented in Managing Connector Lifecycle in Oracle Fusion Middleware Administering Oracle Identity Manager.
  3. Define the source connector (an earlier release of the connector that must be upgraded) in Oracle Identity Manager. You define the source connector to update the Deployment Manager XML file with all customization changes made to the connector. See Managing Connector Lifecycle in Oracle Fusion Middleware Administering Oracle Identity Manager for more information.
  4. If required, create the connector XML file for a clone of the source connector.
  5. Disable all the scheduled jobs.

7.2 Upgrade Steps for CI Installation

This topic provides detailed steps for upgrading the Salesforce 12.2.1.3.0 to Salesforce 12.2.1.3.1 CI Upgrade for both Target and Trusted. The steps are applicable for upgrading steps from Salesforce 11.1.1.5.0 to Salesforce 12.2.1.3.1 CI Upgrade for Target and Trusted.

This is a summary of the procedure to upgrade the connector for both staging and production environments.

Depending on the environment in which you are upgrading the connector, perform one of the following steps:

Depending on the environment in which you are upgrading the connector, perform one of the following steps:

  • Staging Environment

    Perform the upgrade procedure by using the wizard mode.

    Note:

    Do not upgrade IT resource type definition. In order to retain the default setting, you must map the IT resource definition to "None".

  • Production Environment

    Perform the upgrade procedure by using the silent mode.

See Managing Connector Lifecycle in Oracle Fusion Middleware Administering Oracle Identity Manager for detailed information about the wizard and silent modes.

7.3 Upgrade Steps for AOB

The steps to upgrade for Salesforce 12.2.1.3.0 to Salesforce 12.2.1.3.1 AOB Upgrade for Target and Auth are as follows:

See Managing Connector Lifecycle Managing Application OnBoardingin Oracle Fusion Middleware Administering Oracle Identity Manager

.
  1. Update APP_TEMPLATE table. Under the DATA column, modify the XML as given below:
    • Update Bundle Name: genericscim to genericrest
    • Update Connector Name: GenericSCIMConnector to GenericRESTConnector

    Perform these steps for both Target and Trusted XML.

  2. Upgrade AOB through the wizard mode as follows:
    1. Log in to Identity Console and navigate to Applications under Manage tab.
    2. Click Connector Upgrade.
  3. Target Basic and Advance Configuration: Both target and trusted Salesforce applications are upgraded in a single go. First, all the differences of the target type are shown and then authoritative. On this Target Basic Information schema page, basic and advanced configurations differences are shown. A check box is provided for each property to select or deselect.
    For example, if the user has checked the removed basic property, this property will be removed from all the applications of this type of connector. Similarly, you can choose for advance configurations as well. Click Next.
  4. Target Schema: All the changes related to the parent schema such as the addition of new schema attributes or removal of schema attributes is shown here. Changes in child forms, if any are also shown here. You have the flexibility of choosing the applicable changes. Click Next.
  5. Target Reconciliation and Provisioning Settings: The changes related to addition or removal of jobs is shown here. Changes in the old job configuration such as addition or removal of job parameters is also visible here. In the current example, a new job parameter called Permission Sets Lookup Name is added to the existing Salesforce Target Recon job. Also, a new Salesforce Target New Job is added.
  6. Authoritative Basic and Advance Configuration: In this Authoritative Basic Information schema page, the basic and advanced configurations differences are shown. A check box is provided for each property in which you can select or deselect.
    For example, if you check the removed basic property, then this property will be removed from all the applications of this type of connector. Similarly, you can choose for advance configurations as well. Click Next.
  7. Authoritative Schema: All the changes related to parent schema such as the addition of new schema attributes or removal of schema attributes is shown here. Changes in child forms if any are also shown here. You have the flexibility of choosing the applicable changes. Click Next.
  8. Summary: On this review screen all the checked changes are shown. Also, all the impacted apps of both trusted and target are also shown. After clicking Upgrade, you will be taken to the Upgrade Status screen where you can see the status of each and individual apps.

Note:

For details on the updated Basic Configuration, schema attribute and Reconciliation jobs, see the topic Configuring the Salesforce Connector.

7.4 Postupgrade Steps for CI Installation

The post upgrade steps involve uploading new connector JAR files, configuring the upgraded IT resource of the source connector, deploying and reconfiguring the Connector Server, and deleting duplicate entries for lookup definitions.

Note:

If you have not retained the customizations, you must reapply them after you upgrade the connector .The Postupgrade steps involve uploading new connector JAR to the Oracle Identity Manager database.
  1. Delete the old Connector JARs. Run the Oracle Identity Manager Delete JARs ($ORACLE_HOME/bin /DeleteJars.sh) utility to delete the existing ICF bundle org.identityconnectors.genericscim-1.0.11150.jar from the Oracle Identity Manager database.
    When you run the Delete JARs utility, you are prompted to enter the login credentials of the Oracle Identity Manager administrator, URL of the Oracle Identity Manager host computer, context factory value, type of JAR file being deleted, and the name of the JAR file to be removed. Specify 4 as the value of the JAR type.
  2. Upload the new connector JARs:
    1. Run the Oracle Identity Manager Upload JARs ($ORACLE_HOME/bin/UploadJars.sh) utility to upload the connector JARs.
    2. Upload the org.identityconnectors.genericrest-12.3.0.jar bundle as an ICF Bundle. Run the Oracle Identity Manager Upload JARs utility to post the new ICF bundle org.identityconnectors.genericrest-12.3.0.jar file to the Oracle Identity Manager database.
      When you run the Upload JARs utility, you are prompted to enter the login credentials of the Oracle Identity Manager administrator, URL of the Oracle Identity Manager host computer, context factory value, type of JAR file being uploaded, and the location from which the JAR file is to be uploaded. Specify 4 as the value of the JAR type.
  3. Restart Oracle Identity Manager.
  4. If the connector is deployed on a Connector Server, then:
    1. Stop the connector server.
    2. Replace the existing bundle JAR file org.identityconnectors.genericscim-1.0.1115.jar with the new bundle JAR file org.identityconnectors.genericrest-12.3.0.jar.
    3. Start the connector server.

    Note:

    The detailed steps for Salesforce 12.2.1.3.0 to Salesforce 12.2.1.3.1 CI Upgrade for Target and Trusted, or steps for Salesforce 11.1.1.5.0 to Salesforce 12.2.1.3.1 CI Upgrade for Target and Trusted.

  5. Upgrading the connector will generate the duplicate entries in the Lookups, you must manually delete these duplicate entries and extra entries.

    The below given lookups will update as shown:

    • Lookup.Salesforce.Configuration
    • Lookup.Salesforce.UM.ProvAttrMap
    • Lookup.Salesforce.UM.ReconAttrMap
    • Lookup.Salesforce.Configuration.Trusted
  6. Run the following lookup Recon:
    1. Salesforce Group Lookup Reconciliation
    2. Salesforce Profile Lookup Reconciliation
    3. Salesforce PermissionSet Lookup Reconciliation
    4. Salesforce Role Lookup Reconciliation
    5. Salesforce Territory Lookup Reconciliation
  7. Create a new version of the process form.
  8. Run Form Upgrade Job.
  9. Perform full reconciliation.

7.5 Post upgrade steps for AOB

Note:

You must follow the steps from 1 to 4 provided in the section Postupgrade Steps for CI Installation and then continue to follow the below steps.:

The post upgrade steps for AOB are as follows:

  1. Execute UpgradeScimToRest.sh. For details, see Salesforce Upgrade Script for AOB
  2. Verify your Target Application Basic Configuration , Advanced Settings Parameters should be manual updated as per the details in Table 3-1 Table 3-2.

    For Target Application follow below steps

  3. Verify your Target Application schema Target Attribute (Salesforce User and Child-Groups)should update as per the details inTable 3-4.
  4. Create a new form and add to the upgraded Target application.
  5. Publish a new sandbox.
    Before Running Lookup jobs make sure to update the below mentioned changes:
    • Change the Application Name to the one you are using for Salesforce Territory Lookup Reconciliation.
    • Change the Application Name to the one you are using for Salesforce Permission Set Lookup Reconciliation.
    • Change the Application Name to the one you are using for Salesforce Role Lookup Reconciliation.
    • Change the Salesforce Group Lookup Reconciliation Object Type to __GROUPLKP__
    • Change the Salesforce Profile Lookup Reconciliation Object Type to __PROFILE__
    • Change the Application Name to the one you are using for Salesforce Full User Reconciliation.
  6. Run the Form Upgrade Job.
  7. Perform full reconciliation.
  8. Delete the older Salesforce User Reconciliation job.
    For Authoritative Application follow below steps
  9. Verify if your Authoritative Application schema Target Attributes is updates as per the details in TableTable 3-9 for Perform full reconciliation.

7.6 Salesforce Upgrade Script for AOB

The upgrade of Salesforce SCIM to REST AOB requires that you execute the upgrade script for both Connector Name and Bundle Name. Update for cURL script is available for Salesforce-12.2.1.3.1 Connector Upgarde\UpgradeScimToRest.shPrerequisites are provided below:

Before running this script update the config.properties file as per README.

Note:

Curl must be present in system.
  1. Filling in the config.properties File.

    Using a text editor, edit the file config.properties located in the directory: ORACLE_HOME/idm/server/ConnectorDefaultDirectory/Salesforce-12.2.1.3.1/Upgrade and update the following parameters and save it. 

    #OIG ADMIN username (ex: xelsysadm)
    OIG.admin.username=xelsysadm
    #OIG ADMIN password
    OIG.admin.password=Welcome1
    OIG.host=Localhost
    #OIG Host address (ex: IP address or domain)
    
                              
    #OIG Port number (ex: 14000)
    OIG.port=14000
    
                              
    #OIG SSL option,(ex: true or false)in lowercase
    OIG.ssl.enabled=false
    
                           
    2. 
                           
  2. Run the UpgradeScimToRest.sh file
                              
    Execute UpgradeScimToRest.sh (on UNIX) and you must run the script in a shell environment using the following command:
                              
    sh UpgradeScimToRest.sh
    3.