oig 11g r2 ps2 field enablement training -...
TRANSCRIPT
OIG 11g R2 PS2 Training
1 Oracle Proprietary - Restricted to Personal Use in an Oracle partner training class
OIG 11G R2 PS2 Field Enablement Training
Lab 22 - Changes in OIM triggered to downstream app
Disclaimer: The Virtual Machine Image and other software are provided for use only during the workshop. Please note that you are responsible for deleting them from your computers before you leave. If you would like to try out any of the Oracle products, you may download them from the Oracle Technology Network (http://www.oracle.com/technology/index.html) or the Oracle E-Delivery WebSite (http://edelivery.oracle.com)
Table of Contents
Lab 22 - Changes in OIM triggered to downsteam app .............................................. 1
Table of Contents ....................................................................................................... 1
I. Introduction ............................................................................................................. 2
II. Contents ................................................................................................................ 2
2.1 Configurations to achieve synchronizing downstream app ............................... 2
2.2 Update attributes in OIM to synchronize application ...................................... 12
OIM 11g R2 Workshop - Lab17
I. Introduction
ACME CAPITAL has decided to extend user's schema and introduce "Home Phone" attribute
in OIM. They want to extend OUD schema as well to store this new attribute. OIM being the
authoritative source of this attribute, whenever there is a change in this attribute an event
should be logged in OIM and data should be propagated into OUD.
The field has been added to OIM and to OUD resource in OIM. Also an entry has been added
in the lookup table Lookup.LDAP.UM.ProvAttrMap like explained in Lab2.
II. Contents
2.1 Configurations to achieve synchronizing downstream app
Purpose
This step includes the configuration for the use case.
Steps
From Design Console (as xelsysadm user), under folder Process Management -> Process
Definition, search for “LDAP User” and click on Add (for adding a new task).
OIG 11g R2 PS2 Training
3 Oracle Proprietary - Restricted to Personal Use in an Oracle partner training class
In General tab, give task Name as "Change Emergency Contact Number”. Choose task
Properties “Conditional”, “Required for Completion”, “Allow Cancellation while Pending”,
“Allow Multiple Instances”.
Click Save
In Integration tab, Click Add to link this task to Event Handler/Adapter.
OIM 11g R2 Workshop - Lab17
Choosing the radio box “Adapter”, populates the list of Adapters. Choose
“adpLDAPRETURNTEXT” and click Save.
Notice the status saying Mapping Incomplete. The adapter variables need to be mapped.
Choose the entry “Adapter return value” Flag and click Map.
Complete the mapping as shown below and click Save.
OIG 11g R2 PS2 Training
5 Oracle Proprietary - Restricted to Personal Use in an Oracle partner training class
Close the form
Notice the Mapped (Y/N) field for this entry “Adapter return value” now turns “Y”.
The mapping needs to be done for all adapter variables. Repeat the steps for the input
variable mapping it to User Definition -> Home Phone.
Variable Name Data Type Map To Qualifier
input String User Definition Home Phone
OIM 11g R2 Workshop - Lab17
When all adapter variables are mapped - Mapped (Y/N) field for all variables will become Y -
Status will become Ready. Click Save.
Close the task, check the “Auto Save Form” and click on Save for recording the changes on
the process definition
Still on the “LDAP User” Process Definition, add a new task clicking on Add again.
Enter “Home Phone Updated” for the Task Name (enter exactly this label as it is the OIM
engine that at runtime will determine this task name based on the name of the user field –
here Home Phone” - adding Updated for the related action). It means that having this task
been created with this specific name, if the OIM User Profile field “Home Phone” has been
updated, the task will be triggered.
OIG 11g R2 PS2 Training
7 Oracle Proprietary - Restricted to Personal Use in an Oracle partner training class
Check the Task Properties flags and click on Save.
Click on Integration tab and add adpLDAPUPDATE adapter.
Map the variables based on the above table:
Variable Name Data Type Map To Qualifier Literal Value
fieldLabel String Literal String Home Phone
processInstanceKey Long Process
Data
Process
Instance
objectType String Literal String User
itResourceFieldName String Literal String UD_LDAP_USR_SERVER
Adapter return value Object Response
Code
Click Save.
OIM 11g R2 Workshop - Lab17
On the Response tab enter the following:
Click Save
Close the task and click on Save for recording the changes on the process definition don’t
close the process definition).
Create a status for the process task to indicate that the task is completed successfully.
From Design Console, under Resource Management Double click on Resource Objects, Enter
“LDAP User” and click on Search (binocular)
Click then on “Status Definition” tab.
Click on Add
OIG 11g R2 PS2 Training
9 Oracle Proprietary - Restricted to Personal Use in an Oracle partner training class
Enter:
Status EMGNCY Updated
Launch Dependent Uncheck
Click on Save
OIM 11g R2 Workshop - Lab17
Back to the “LDAP User” Process Definition, in the Tasks tab, double click "Change
Emergency Contact Number"
Click on tab "Task to Object Status Mapping". Locate Status “C” and update Object Status to
“EMGNCY Updated”. Click Save.
Still on the “Change Emergency Contact Number” task, click on the Responses tab and add a
row with the following content:
Response SUCCESS
Description Update done
Status C
Save and close the task
Save the Process Definition
Add the Process Task to Process Trigger Lookup Definition:
Still in the Design Console, under folder Administration -> Lookup Definition
Search “Lookup.USR_PROCESS_TRIGGERS”
Click on Add
Code Key USR_HOME_PHONE
Decode Change Emergency Contact Number
OIG 11g R2 PS2 Training
11 Oracle Proprietary - Restricted to Personal Use in an Oracle partner training class
Click on Save
Checkpoint
This completes the configuration.
OIM 11g R2 Workshop - Lab17
2.2 Update attributes in OIM to synchronize application
Purpose
This step would verify the functioning of all the configuration changes made above to ensure
that when attribute “Home Phone” is updated for an OIM user, the change gets propagated
to OUD server directly.
Steps
Open the Identity Self Service web console, login as Admin and navigate to the OIM user
record of any user to which OUD account has been already provisioned.
For any such user, update the value of the attribute “Home Phone” (clicking on Modify User)
and click on Submit (you may have to click on another field to get the button activated).
OIG 11g R2 PS2 Training
13 Oracle Proprietary - Restricted to Personal Use in an Oracle partner training class
Notice that the Status has changed (after few seconds and clicking on Refresh):
You can have a look to the provisioning tasks that have been triggered clicking on Resource
History (after selecting the row):
Also you can double-check using Apache LDAP browser that for this user record in OUD the
“Home Phone” attribute has been updated: