Version: Oracle Identity Manager 11.1.1.5.0
Description: This article demonstrates how to implement a target delete reconciliation using the OIM APIs. The methods from oracle.iam.reconciliation.api.ReconOperationsService are used . The code given here can be further developed to become a schedule task. The Database Application Table Connector is used here. Follow the guide given here to setup the connector in OIM.
Steps for Implementation:
1. Get all the users from your target system along with their attributes, mainly the ones for OIM account rule matching. Users data must be put into an array of hashmaps with each hashmap containing a single user's data. (Key= attributeNameInTarget, Value=attributeValueInTarget)
2. Get the ReconOperationsService service. Call methods from ReconOperationsService.
3. provideDeletionDetectionData(java.lang.String objectName, java.util.Map[] paoAccountDataList)
4. getMissingAccounts(java.lang.String objectName, java.util.Set accountsFound)
5. deleteDetectedAccounts(Thor.API.tcResultSet poDetectedAccounts)
6. processReconciliationEvent(long rceKey)
Tuesday, July 9, 2013
Saturday, July 6, 2013
SQL Query to get User Accounts Statuses
Version: Oracle Identity Manager 11.1.1.5.0
Description: Given here is a SQL query to get the statuses of each user's accounts (resource object instances).
Description: Given here is a SQL query to get the statuses of each user's accounts (resource object instances).
Friday, July 5, 2013
Updating OIM Process Form of a Resource Object Instance Through SQL
Version: Oracle Identity Manager 11.1.1.5.0
Description: Given here is an SQL query to update every outdated Resource Object Instance's process form. A sample usage scenario is when you have users who have been provisioned to a target system (E.g. Active Directory, OpenLDAP) and the target accounts are already replicated in OIM. These target accounts are represented as Resource Object Instances in OIM , and the process form holds the data. Later you decide to add a new attribute on to the process form of a specific resource object and update it to the latest version through design console. You'll notice that on existing resource object instances process forms the new attribute does not appear. To fix that, execute the query given here. You can also use OIM's Form Version Control Utility to the same.
Description: Given here is an SQL query to update every outdated Resource Object Instance's process form. A sample usage scenario is when you have users who have been provisioned to a target system (E.g. Active Directory, OpenLDAP) and the target accounts are already replicated in OIM. These target accounts are represented as Resource Object Instances in OIM , and the process form holds the data. Later you decide to add a new attribute on to the process form of a specific resource object and update it to the latest version through design console. You'll notice that on existing resource object instances process forms the new attribute does not appear. To fix that, execute the query given here. You can also use OIM's Form Version Control Utility to the same.
Tuesday, July 2, 2013
Adding OIM User Defined Attribute through the OIM API
Version: Oracle Identity Manager 11g R1
Description: This post contains java code to add OIM User Profile attribute using the OIM API. The ConfigManager class contains the method to add User Defined (UDF) attribute. The code below is only for demonstration purposes for adding a string attribute. Dealing with other attribute types may require setting additional properties. Also, the value of an attribute property may be dependent on other property values. WARNING: Use at your own risk. This OIM API does some data validation. Creating an invalid attribute can cause a lot of problems (E.g. An error message dialog will prevent you from viewing any OIM user's profile). If you happen to create a bad attribute, most of the time deleting the attribute will fix the problem.
Description: This post contains java code to add OIM User Profile attribute using the OIM API. The ConfigManager class contains the method to add User Defined (UDF) attribute. The code below is only for demonstration purposes for adding a string attribute. Dealing with other attribute types may require setting additional properties. Also, the value of an attribute property may be dependent on other property values. WARNING: Use at your own risk. This OIM API does some data validation. Creating an invalid attribute can cause a lot of problems (E.g. An error message dialog will prevent you from viewing any OIM user's profile). If you happen to create a bad attribute, most of the time deleting the attribute will fix the problem.
Subscribe to:
Posts (Atom)