Description: Shows how to add an attribute to an Identity Connector Framework (ICF) OIM connector for reconciliation in general. The Database Application Tables (DBAT) 11.1.1.5.0 connector is used as an example. Refer to here for setting up the DBAT connector.
 |
| Reconciliation Event Data Flow: Target Data -> Recon Fields -> Process Form |
https://docs.oracle.com/cd/E22999_01/doc.111/e20277/extnd_func.htm#CDEJFECH
Prerequisites
1. Design Console must be installed. You can start Design Console by executing xlclient.sh which is located in "$MW_HOME/Oracle_IDM1/designconsole" directory.
2. The new attribute that is being created in OIM must also exist in the target system. For the database table as a target system, add a column to the target table by executing the following SQL:
Add Field to Process Form
The process form is used to store the resource account data. During target reconciliation, the data of the target resource account is fetched, and then the data gets written to the process form.
1. Log in to Design Console.
2. Expand Development Tools, double click on Form Designer, and search for the process form for your target system. Side Note: You can query the Table Name (E.g. UD_DBATUSR) directly from the database to inspect all process form instances of a particular resource in your current OIM system.
3. Click Create New Version, enter form version label, save, and then close window. A new form version is needed in order to make changes.
4. On the Additional Columns tab, click Add, and specify Name, Variant Type, Length, Field Label, Field Type, and Order in order to create a field on the process form. Then save by clicking the floppy disc icon.
Example:
Name: UD_DBATUSR_MIDDLENAME
Variant Type: String
Length: 40 (NOTE: This should typically match the length of the target system attribute.)
Field Label: Middle Name
Field Type: TextField
Order: 6
Note: If the attribute on the target system is of the Date, Time, or Timestamp format, then set the value of the Variant Type column to String.
5. Click Make Version Active in order for the new form to be in use. Then click OK on the dialog box.
Add Reconciliation Field to Resource Object
The reconciliation fields represent the attributes on the target system. During reconciliation, the data of the target resource account get staged into these reconciliation fields.
1. In Design Console, expand Resource Management, and double click Resource Objects.
2. Search for the resource object corresponding to your target system.
3. Navigate to the Object Reconciliation tab, and click Add Field
4. Specify Field Name and Field Type, and then click the Save icon For example,
Field Name = Middle Name
Field Type = String
5. Click the Create Reconciliation Profile to update the resource object in MDS. Then click the Save icon.
Lookup.RESOURCE.UM.ReconAttrMap
The lookup definition for reconciliation attribute mapping defines the mapping between the OIM reconciliation fields of a resource object and the attributes on the target resource account.
1. In Design Console, expand Administration, and double click Lookup Definition.
2. Search for Lookup.RESOURCE.UM.ReconAttrMap lookup definition, replacing RESOURCE with the name of your resource. For the DBAT connector, the lookup definition name for the reconciliation attribute map is Lookup.DBAT.UM.ReconAttrMap.
3. On the Lookup Code Information tab, add an entry for the new attribute. For Code Key column, specify the reconciliation field name that you have set in the resource object. For the Decode column, specify the name of the target system attribute. For example,
Code Key = Middle Name
Decode = MIDDLER_NAME
4. Then click the Save icon.
Add Reconciliation Field Mapping
The reconciliation field mapping defines the mapping between the reconciliation fields on the resource object and the fields on the resource's process form.
1. Expand Process Management, and double click Process Definition.
2. Search for the Process Definition for your target system.
3. Navigate to the Reconciliation Field Mappings tab, and click Add Field Map.
4. In the Add Reconciliation Field Mapping dialog box, specify the reconciliation field name for the Field Name. For example,
Field Name = Middle Name
5. Double click on the Process Data Field input box. On the new popup, double click the process form field to map to the reconciliation field.
6. Click the Save icon, and then close the Add Reconciliation Field Mapping dialog box.
7. A new entry should appear on the Reconciliation Field Mapping.
8. Update MDS for your resource object by clicking the Create Reconciliation Profile in the Resource Objects section.
Update UI Form
1. Log in to Identity System Administration.
2. Create and active a sandbox.
3. On the left pane, click Form Designer under Configuration.
4. On the Search Form page, click Create.
5. Specify Resource Type, Form Name, and Form Type. Ensure the new attribute is listed in the Available form fields section, and then click Create.
6. On the left pane, click Application Instances under Configuration, and then search for the name of your application instance.
7. On application instance form, change the Form parameter to the form you created. Then click Apply.
8. Publish the sandbox.
Update Process Form Instances
Ensure the process form instances are using the latest form version. You can query the UD table to check the form version being used for each process form instance. Inconsistent form version can happened when there are existing provisioned resource accounts in OIM, and later on you decide to add a new attribute on the process form.
1. Log in to Identity System Administration.
2. On the left pane, expand System Management and select Scheduler.
3. Search for Form Upgrade Job scheduled job, click Enable, and then click Run.
Note: The scheduled job only updates the process form instances that have been successfully provisioned.
1. Design Console must be installed. You can start Design Console by executing xlclient.sh which is located in "$MW_HOME/Oracle_IDM1/designconsole" directory.
2. The new attribute that is being created in OIM must also exist in the target system. For the database table as a target system, add a column to the target table by executing the following SQL:
/*Add a column to target table DBAT_USER*/ ALTER TABLE DBAT_USER ADD (MIDDLE_NAME VARCHAR(40));
Add Field to Process Form
The process form is used to store the resource account data. During target reconciliation, the data of the target resource account is fetched, and then the data gets written to the process form.
1. Log in to Design Console.
2. Expand Development Tools, double click on Form Designer, and search for the process form for your target system. Side Note: You can query the Table Name (E.g. UD_DBATUSR) directly from the database to inspect all process form instances of a particular resource in your current OIM system.
3. Click Create New Version, enter form version label, save, and then close window. A new form version is needed in order to make changes.
4. On the Additional Columns tab, click Add, and specify Name, Variant Type, Length, Field Label, Field Type, and Order in order to create a field on the process form. Then save by clicking the floppy disc icon.
Example:
Name: UD_DBATUSR_MIDDLENAME
Variant Type: String
Length: 40 (NOTE: This should typically match the length of the target system attribute.)
Field Label: Middle Name
Field Type: TextField
Order: 6
Note: If the attribute on the target system is of the Date, Time, or Timestamp format, then set the value of the Variant Type column to String.
5. Click Make Version Active in order for the new form to be in use. Then click OK on the dialog box.
Add Reconciliation Field to Resource Object
The reconciliation fields represent the attributes on the target system. During reconciliation, the data of the target resource account get staged into these reconciliation fields.
1. In Design Console, expand Resource Management, and double click Resource Objects.
2. Search for the resource object corresponding to your target system.
3. Navigate to the Object Reconciliation tab, and click Add Field
4. Specify Field Name and Field Type, and then click the Save icon For example,
Field Name = Middle Name
Field Type = String
5. Click the Create Reconciliation Profile to update the resource object in MDS. Then click the Save icon.
Lookup.RESOURCE.UM.ReconAttrMap
The lookup definition for reconciliation attribute mapping defines the mapping between the OIM reconciliation fields of a resource object and the attributes on the target resource account.
1. In Design Console, expand Administration, and double click Lookup Definition.
2. Search for Lookup.RESOURCE.UM.ReconAttrMap lookup definition, replacing RESOURCE with the name of your resource. For the DBAT connector, the lookup definition name for the reconciliation attribute map is Lookup.DBAT.UM.ReconAttrMap.
3. On the Lookup Code Information tab, add an entry for the new attribute. For Code Key column, specify the reconciliation field name that you have set in the resource object. For the Decode column, specify the name of the target system attribute. For example,
Code Key = Middle Name
Decode = MIDDLER_NAME
4. Then click the Save icon.
Add Reconciliation Field Mapping
The reconciliation field mapping defines the mapping between the reconciliation fields on the resource object and the fields on the resource's process form.
1. Expand Process Management, and double click Process Definition.
2. Search for the Process Definition for your target system.
3. Navigate to the Reconciliation Field Mappings tab, and click Add Field Map.
4. In the Add Reconciliation Field Mapping dialog box, specify the reconciliation field name for the Field Name. For example,
Field Name = Middle Name
5. Double click on the Process Data Field input box. On the new popup, double click the process form field to map to the reconciliation field.
6. Click the Save icon, and then close the Add Reconciliation Field Mapping dialog box.
7. A new entry should appear on the Reconciliation Field Mapping.
8. Update MDS for your resource object by clicking the Create Reconciliation Profile in the Resource Objects section.
Update UI Form
1. Log in to Identity System Administration.
2. Create and active a sandbox.
 |
| On top right menu, click Sandboxes. |
 |
| Click Create Sandbox. |
3. On the left pane, click Form Designer under Configuration.
4. On the Search Form page, click Create.
5. Specify Resource Type, Form Name, and Form Type. Ensure the new attribute is listed in the Available form fields section, and then click Create.
6. On the left pane, click Application Instances under Configuration, and then search for the name of your application instance.
7. On application instance form, change the Form parameter to the form you created. Then click Apply.
8. Publish the sandbox.
Update Process Form Instances
Ensure the process form instances are using the latest form version. You can query the UD table to check the form version being used for each process form instance. Inconsistent form version can happened when there are existing provisioned resource accounts in OIM, and later on you decide to add a new attribute on the process form.
1. Log in to Identity System Administration.
2. On the left pane, expand System Management and select Scheduler.
3. Search for Form Upgrade Job scheduled job, click Enable, and then click Run.
Note: The scheduled job only updates the process form instances that have been successfully provisioned.
No comments:
Post a Comment