Thursday, 6 May 2010

Trigger Happy Oracle Identity Manager - Part 1

In the previous post I mentioned the number of undocumented or not clearly documented features of the Oracle Identity Manager (OIM).

One of the things not clearly described in the Oracle documentation is the triggering of processes and actions in the OIM. When you know how it works you can find the descriptions in the documentation supporting this functionality. But this is scattered over the documentation and needs trial and error testing to be user on how this works. This is due to the fact the documentation talks about "buttons that can be pressed" and the action that follows.
In this blog I'll try to explain the functionality more from a process view.

To start of simple I'll talk about how the provisioning process is triggered.
Processes in the OIM are defined in the "Process Definition" of the "Process Administration" in the Design Console. In the process definition tasks can be created. The tasks are linked to Java code (adapters) that will perform the actual action. An action could be the provisioning or de-provisioning of a user, group membership or update of an attribute like a password.
The question to be answered in this blog is how this task is triggered.
This is done very untidily based on the name of the task. When a resource is provisioned the task named "Create User" is triggered. The spelling should be exact like this, otherwise the nothing is triggered.
Similarly the task to be triggered in case of a de-provisioning should be called "Delete User", exact with this spelling.

No comments: