2 Creating an Application By Using the Oracle Internet Directory Connector
Learn about onboarding applications using the connector and the prerequisites for doing so.
2.1 Process Flow for Creating an Application By Using the Connector
From Oracle Identity Governance release 12.2.1.3.0 onward, connector deployment is handled using the application onboarding capability of Identity Self Service.
Figure 2-1 is a flowchart depicting high-level steps for creating an application in Oracle Identity Governance by using the connector installation package.
Figure 2-1 Overall Flow of the Process for Creating an Application By Using the Connector
![Description of Figure 2-1 follows Description of Figure 2-1 follows](img/aob_highlevel_flow.png)
Description of "Figure 2-1 Overall Flow of the Process for Creating an Application By Using the Connector"
2.2 Prerequisites for Creating an Application By Using the Connector
Learn about the tasks that you must complete before you create the application.
2.2.1 Downloading the Connector Installation Package
You can obtain the installation package for your connector on the Oracle Technology Network (OTN) website.
2.2.2 Creating a Target System User Account for Connector Operations
The connector uses a target system account to connect to the target system during reconciliation and provisioning operations.
You must create a target system user account for performing the following functions.
-
Create, modify, and delete entries related to the managed objects, including accounts, groups, roles (if supported), and organizational units (ou).
-
Update passwords for users.
-
Use paging controls that have been configured in the IT resource.
Depending on the target system, create the specific target system account for connector operations as follows:
-
Create an admin user account on the ODSEE target system.
-
Create an admin user account on the OUD target system.
-
Create an admin user, admin group, and ACIs on the OID target system.
To perform this task, you must be an administrator on the OID target system who is familiar with command-line utilities such as
ldapsearch
andldapmodify
. If you prefer, you can also use Oracle Directory Services Manager to perform these functions.
The detailed instructions for performing these preinstallation tasks are available in the product documentation of the target system.
2.2.3 Configuring the Connector for LDAP Operation Timeouts
When an LDAP request is made by a client to a server and the server does not respond, the client waits forever for the server to respond until the TCP connection times out. On the client-side, you encounter read timed out exceptions while performing lookup field synchronization such as OID Connector Group Lookup Reconciliation. To avoid encountering such an issue, you must configure read and connect timeouts for your JNDI/LDAP service provider.
Note:
This is an optional procedure and is applicable only if you are using an OID target system.
Perform this procedure if you want to configure timeouts for the LDAP operations.
2.3 Creating an Application By Using the Connector
You can onboard an application into Oracle Identity Governance from the connector package by creating a Target application or an Authoritative application. To do so, you must log in to Identity Self Service and then choose the Applications box on the Manage tab.
Note:
For detailed information on each of the steps in this procedure, see Creating Applications of Oracle Fusion Middleware Performing Self Service Tasks with Oracle Identity Governance.
- Create an application in Identity Self Service. The high-level steps are as follows:
- Verify reconciliation and provisioning operations on the newly created application.
See Also:
-
Configuring the Oracle Internet Directory Connector for OID or Configuring the Oracle Internet Directory Connector for OUD, ODSEE, and LDAPv3-Compliant Directory Server for details on basic configuration and advanced settings parameters, default user account attribute mappings, default correlation rules, and reconciliation jobs that are predefined for this connector
-
Configuring Oracle Identity Governance for details on creating a new form and associating it with your application, if you chose not to create the default form