Oracle Stack: March 2015

Monday, March 30, 2015

OIM API: Entitlements

Tested On: Oracle Identity Manager 11.1.2.2.0
Description: Given here is code that utilize the OIM Java API to grant, revoke, and update entitlements on a user. Entitlement data is stored in the child process form of a resource. In the test driver, a disconnected resource with multiple columns in the child table (entitlement with attributes) is used as an example.

Child Form with "Type" form field as the Entitlement attribute.

Lookup Definition for Entitlement attribute "Type".

User Entitlements View

User Resource Account View Includes:
Parent data in the Details section
Child data in Laptop_UD_LPTYPE table

Here are some useful OIM tables related to entitlements to look at:
ENT_LIST = List of Entitlement
ENT_ASSIGN = Entitlement Instances assigned to users
UD_* = Resource account data: Look at the child UD table

References: Java API Reference for Oracle Identity Manager 11.1.2.2
http://docs.oracle.com/cd/E27559_01/admin.1112/e27149/appinstance.htm#OMADM4680

OIM Event Handler: Implement Execute for Bulk Orchestration

Version: 11.1.2.2.0
Description: An example of implementing execute() for bulk orchestration in an event handler is given here. The example plug-in can be download here. The example event handler performs recalculation of department number user attribute whenever user type or manager user attribute is changed for target user(s). A test driver is given to perform modifications on multiple users on a single API call.
References:
http://docs.oracle.com/cd/E27559_01/dev.1112/e27150/oper.htm#OMDEV4741
http://docs.oracle.com/cd/E40329_01/apirefs.1112/e28159/toc.htm

OIM API: Create Reconciliation Event

Version: Oracle Identity Manager 11.1.2.2.0
Description: Shows how to use the Oracle Identity Manager API to create reconciliation events. Below are screen shots of the end results of running the sample code given in this post on DBAT 11.1.1.5.0 connector.