| Oracle® Identity Manager Connector Framework Guide Release 9.0.3 Part Number B32376-01 |
|
|
View PDF |
| Oracle® Identity Manager Connector Framework Guide Release 9.0.3 Part Number B32376-01 |
|
|
View PDF |
An Oracle Identity Manager connector is used to integrate Oracle Identity Manager with a specific third-party application, such as Microsoft Exchange or Novell eDirectory. Oracle Identity Manager is packaged with a number of predefined connectors.
Note:
Oracle Identity Manager connectors were referred to as resource adapters prior to the acquisition of Thor Technologies by Oracle.In general, an XML file for a connector contains definitions of the connector components listed in the following table.
| Component | Description |
|---|---|
| Resource Object | This is a virtual representation of the target application on which you want to provision accounts. It is the parent record with which the provisioning process and process form are associated. |
| Provisioning Process | This process definition is used to create, maintain, and delete accounts on the target system. It consists of definitions of the individual tasks that are used to perform automated functions on the target system. Each connector is packaged with a single provisioning process. You can manually create additional provisioning processes. |
| Process Form | This form is used to provide information about user accounts to be created, updated, or deleted on the target system. This form is also used to capture data that can be used by provisioning process tasks or to provide a mechanism for users to provide real-time data.
This form is also extensively used when conducting reconciliation. The table structure associated with this form supports the archiving and auditing of user accounts on the target system. Each process form consists of field definitions required by a standard connector. If you require additional fields, then you can create another version of the form and add the required fields. Each connector is shipped with certain default process forms. You can manually create additional process forms. |
| IT Resource Type | This component is a template for all IT resource definitions associated with the connector. An IT resource type specifies the parameters that are common to all IT resource instances, such as host servers and computers, of that particular IT resource type.
The parameters specified in this definition are inherited by all IT resource definitions of that type. For example, the |
| Adapters | This includes all adapters that are required to perform common functions on the target application. Each adapter is predefined with certain mappings and functionality. These adapters are capable of interacting with the tasks in the provisioning process and the fields of the process form. |
| Scheduled Task (where applicable) | If the connector that you want to use is shipped with a predefined reconciliation module, then you are provided with a scheduled task definition. You use this component to control the frequency at which the target system is polled for changes to tracked data. |
Provisioning Process Tasks
The Provisioning Process component contains the predefined tasks (or their equivalents) listed in the following table.
| Provisioning Process Task | Purpose |
|---|---|
| Create User | Creates a new user account in the target application (provisions the user with an account) |
| Disable User | Temporarily disables a user account in the target application |
| Enable User | Reenables a disabled user account in the target application |
| Delete User | Deletes a user account in the target application (revoke the user's account) |
| Update User | Modifies the privileges or profile of a user account in the target application |
Some of these tasks are also preconfigured with the process task adapter that automates their function on the target system. Before you complete the deployment of a connector, you must examine the default functionality and variable mappings of these adapters to ensure that they interact with your target system as required.
Reconciliation-Related Provisioning Process Tasks
In addition to the tasks listed in the earlier section, the Provisioning Process component also contains the reconciliation-related tasks listed in the following table.
Note:
When Oracle Identity Manager receives a reconciliation event, all provisioning-related tasks within the provisioning process are suppressed and the relevant reconciliation-related task is inserted.| Provisioning Process Task (Reconciliation-Related) | Purpose |
|---|---|
| Reconciliation Insert Received | This task is inserted into the Provisioning Process instance associated with the user when Oracle Identity Manager determines that the reconciliation event received from the target system represents the creation of a user account.
In addition, the information in the reconciliation event record is stored in the process form according to the mappings set on the provisioning process. |
| Reconciliation Update Received | This task is inserted into the Provisioning Process instance associated with the user when Oracle Identity Manager determines that the reconciliation event received from the target system represents the update of an existing user account.
In addition, the information in the reconciliation event record is stored in the process form according to the mappings set on the provisioning process. |
| Reconciliation Delete Received | This task is inserted into the Provisioning Process instance associated with the user when Oracle Identity Manager determines that the reconciliation event received from the target system represents the deletion of an existing user account. |
