Oracle Identity Manager 11g came out in 21st of July. This new version has a lot of improvements among them: BPEL workflow, Reporting, ADF integration and performance.
Some things stayed the same though like the Design console fat client. Also all the triggers we have discussed in the blog (and more are to follow) stil kick start the provisioning, reconciliation or workflow engines of the OIM.
The windows are dressed differently, but the core is the same.
Showing posts with label Provisioning. Show all posts
Showing posts with label Provisioning. Show all posts
Wednesday, 18 August 2010
Friday, 7 May 2010
Trigger Happy Oracle Identity Manager - Part 2 - Provisioning with a twist
In the previous post on OIM we discussed how a process task is triggered when a resource in de OIM is provisioned or de-provisoned. The task "Create User" starts the java task that will create a user in the Resource object to be provisioned. The resource object could be a database, ldap server, file server or application.
Part of a process definition could also be a task that would add the user to a group within a ldap server. The standard way to resolve this using a "child table" with the process. But then the provisioning to this ldap group would not be seen in the OIM as a separate resource object provisioning for that user. This make all the resources this user has been provisioned too less transparent.
If one would want to see the provisioning to a ldap group as a separate resource provisioning, the process definition of this resource object must have the task "Create User", but in stead of creating the user in the ldap server this task would be linked to the java task that would add the user to the ldap group.
De-Provisioning that resource would result in the task "Delete User" being triggered that would remove the user from the ldap group.
Part of a process definition could also be a task that would add the user to a group within a ldap server. The standard way to resolve this using a "child table" with the process. But then the provisioning to this ldap group would not be seen in the OIM as a separate resource object provisioning for that user. This make all the resources this user has been provisioned too less transparent.
If one would want to see the provisioning to a ldap group as a separate resource provisioning, the process definition of this resource object must have the task "Create User", but in stead of creating the user in the ldap server this task would be linked to the java task that would add the user to the ldap group.
De-Provisioning that resource would result in the task "Delete User" being triggered that would remove the user from the ldap group.
Subscribe to:
Posts (Atom)