Version: Oracle Identity Manager 11.1.1.5.0
Description: This article demonstrates how to implement a target delete reconciliation using the OIM APIs. The methods from oracle.iam.reconciliation.api.ReconOperationsService are used . The code given here can be further developed to become a schedule task. The Database Application Table Connector is used here. Follow the guide given here to setup the connector in OIM.
Steps for Implementation:
1. Get all the users from your target system along with their attributes, mainly the ones for OIM account rule matching. Users data must be put into an array of hashmaps with each hashmap containing a single user's data. (Key= attributeNameInTarget, Value=attributeValueInTarget)
2. Get the ReconOperationsService service. Call methods from ReconOperationsService.
3. provideDeletionDetectionData(java.lang.String objectName, java.util.Map[] paoAccountDataList)
4. getMissingAccounts(java.lang.String objectName, java.util.Set accountsFound)
5. deleteDetectedAccounts(Thor.API.tcResultSet poDetectedAccounts)
6. processReconciliationEvent(long rceKey)
Tuesday, July 9, 2013
Saturday, July 6, 2013
SQL Query to get User Accounts Statuses
Version: Oracle Identity Manager 11.1.1.5.0
Description: Given here is a SQL query to get the statuses of each user's accounts (resource object instances).
Description: Given here is a SQL query to get the statuses of each user's accounts (resource object instances).
Friday, July 5, 2013
Updating OIM Process Form of a Resource Object Instance Through SQL
Version: Oracle Identity Manager 11.1.1.5.0
Description: Given here is an SQL query to update every outdated Resource Object Instance's process form. A sample usage scenario is when you have users who have been provisioned to a target system (E.g. Active Directory, OpenLDAP) and the target accounts are already replicated in OIM. These target accounts are represented as Resource Object Instances in OIM , and the process form holds the data. Later you decide to add a new attribute on to the process form of a specific resource object and update it to the latest version through design console. You'll notice that on existing resource object instances process forms the new attribute does not appear. To fix that, execute the query given here. You can also use OIM's Form Version Control Utility to the same.
Description: Given here is an SQL query to update every outdated Resource Object Instance's process form. A sample usage scenario is when you have users who have been provisioned to a target system (E.g. Active Directory, OpenLDAP) and the target accounts are already replicated in OIM. These target accounts are represented as Resource Object Instances in OIM , and the process form holds the data. Later you decide to add a new attribute on to the process form of a specific resource object and update it to the latest version through design console. You'll notice that on existing resource object instances process forms the new attribute does not appear. To fix that, execute the query given here. You can also use OIM's Form Version Control Utility to the same.
Tuesday, July 2, 2013
Adding OIM User Defined Attribute through the OIM API
Version: Oracle Identity Manager 11g R1
Description: This post contains java code to add OIM User Profile attribute using the OIM API. The ConfigManager class contains the method to add User Defined (UDF) attribute. The code below is only for demonstration purposes for adding a string attribute. Dealing with other attribute types may require setting additional properties. Also, the value of an attribute property may be dependent on other property values. WARNING: Use at your own risk. This OIM API does some data validation. Creating an invalid attribute can cause a lot of problems (E.g. An error message dialog will prevent you from viewing any OIM user's profile). If you happen to create a bad attribute, most of the time deleting the attribute will fix the problem.
Description: This post contains java code to add OIM User Profile attribute using the OIM API. The ConfigManager class contains the method to add User Defined (UDF) attribute. The code below is only for demonstration purposes for adding a string attribute. Dealing with other attribute types may require setting additional properties. Also, the value of an attribute property may be dependent on other property values. WARNING: Use at your own risk. This OIM API does some data validation. Creating an invalid attribute can cause a lot of problems (E.g. An error message dialog will prevent you from viewing any OIM user's profile). If you happen to create a bad attribute, most of the time deleting the attribute will fix the problem.
Wednesday, June 26, 2013
OIM Schema Password Expiration
Version: Oracle Database 11g R2 and Oracle Identity Manager 11g
Description: By default your OIM schemas has a 90 day password expiration, and eventually you would have to change your password. The OIM managed server would fail to start if your schema password has already expired. This post demonstrates one way to change your schemas passwords when your schemas passwords have already been expired.
Description: By default your OIM schemas has a 90 day password expiration, and eventually you would have to change your password. The OIM managed server would fail to start if your schema password has already expired. This post demonstrates one way to change your schemas passwords when your schemas passwords have already been expired.
Monday, June 10, 2013
Monitoring OIM logs
Version: Oracle Identity Manager 11g R1
Description: This guide demonstrates how to monitor your logs. You can view your logs from the command-line, Oracle Enterprise Manager Fusion Middleware Control Console, or WebLogic Scripting Tool (WLST). I'll discuss the advantages and disadvantages of these utilities.
Description: This guide demonstrates how to monitor your logs. You can view your logs from the command-line, Oracle Enterprise Manager Fusion Middleware Control Console, or WebLogic Scripting Tool (WLST). I'll discuss the advantages and disadvantages of these utilities.
Saturday, June 8, 2013
BI Publisher 11g: Enable Local Superuser
Version: Oracle BI Publisher 11.1.1.5.0
Description: This post shows you how to enable a local superuser for BI Publisher.
Description: This post shows you how to enable a local superuser for BI Publisher.
Subscribe to:
Posts (Atom)