OIG 11g R2 PS2 Training

1 Oracle Proprietary - Restricted to Personal Use in an Oracle partner training class

OIG 11G R2 PS2 Field Enablement Training

Lab 22 - Changes in OIM triggered to downstream app

Disclaimer: The Virtual Machine Image and other software are provided for use only during the workshop. Please note that you are responsible for deleting them from your computers before you leave. If you would like to try out any of the Oracle products, you may download them from the Oracle Technology Network (http://www.oracle.com/technology/index.html) or the Oracle E-Delivery WebSite (http://edelivery.oracle.com)

Table of Contents

Lab 22 - Changes in OIM triggered to downsteam app .............................................. 1

Table of Contents ....................................................................................................... 1

I. Introduction ............................................................................................................. 2

II. Contents ................................................................................................................ 2

2.1 Configurations to achieve synchronizing downstream app ............................... 2

2.2 Update attributes in OIM to synchronize application ...................................... 12

OIM 11g R2 Workshop - Lab17

I. Introduction

ACME CAPITAL has decided to extend user's schema and introduce "Home Phone" attribute

in OIM. They want to extend OUD schema as well to store this new attribute. OIM being the

authoritative source of this attribute, whenever there is a change in this attribute an event

should be logged in OIM and data should be propagated into OUD.

The field has been added to OIM and to OUD resource in OIM. Also an entry has been added

in the lookup table Lookup.LDAP.UM.ProvAttrMap like explained in Lab2.

II. Contents

2.1 Configurations to achieve synchronizing downstream app

Purpose

This step includes the configuration for the use case.

Steps

From Design Console (as xelsysadm user), under folder Process Management -> Process

Definition, search for “LDAP User” and click on Add (for adding a new task).

OIG 11g R2 PS2 Training

3 Oracle Proprietary - Restricted to Personal Use in an Oracle partner training class

In General tab, give task Name as "Change Emergency Contact Number”. Choose task

Properties “Conditional”, “Required for Completion”, “Allow Cancellation while Pending”,

“Allow Multiple Instances”.

Click Save

In Integration tab, Click Add to link this task to Event Handler/Adapter.

OIM 11g R2 Workshop - Lab17

Choosing the radio box “Adapter”, populates the list of Adapters. Choose

“adpLDAPRETURNTEXT” and click Save.

Notice the status saying Mapping Incomplete. The adapter variables need to be mapped.

Choose the entry “Adapter return value” Flag and click Map.

Complete the mapping as shown below and click Save.

OIG 11g R2 PS2 Training

5 Oracle Proprietary - Restricted to Personal Use in an Oracle partner training class

Close the form

Notice the Mapped (Y/N) field for this entry “Adapter return value” now turns “Y”.

The mapping needs to be done for all adapter variables. Repeat the steps for the input

variable mapping it to User Definition -> Home Phone.

Variable Name Data Type Map To Qualifier

input String User Definition Home Phone

OIM 11g R2 Workshop - Lab17

When all adapter variables are mapped - Mapped (Y/N) field for all variables will become Y -

Status will become Ready. Click Save.

Close the task, check the “Auto Save Form” and click on Save for recording the changes on

the process definition

Still on the “LDAP User” Process Definition, add a new task clicking on Add again.

Enter “Home Phone Updated” for the Task Name (enter exactly this label as it is the OIM

engine that at runtime will determine this task name based on the name of the user field –

here Home Phone” - adding Updated for the related action). It means that having this task

been created with this specific name, if the OIM User Profile field “Home Phone” has been

updated, the task will be triggered.

OIG 11g R2 PS2 Training

7 Oracle Proprietary - Restricted to Personal Use in an Oracle partner training class

Check the Task Properties flags and click on Save.

Click on Integration tab and add adpLDAPUPDATE adapter.

Map the variables based on the above table:

Variable Name Data Type Map To Qualifier Literal Value

fieldLabel String Literal String Home Phone

processInstanceKey Long Process

Data

Process

Instance

objectType String Literal String User

itResourceFieldName String Literal String UD_LDAP_USR_SERVER

Adapter return value Object Response

Code

Click Save.

OIM 11g R2 Workshop - Lab17

On the Response tab enter the following:

Click Save

Close the task and click on Save for recording the changes on the process definition don’t

close the process definition).

Create a status for the process task to indicate that the task is completed successfully.

From Design Console, under Resource Management Double click on Resource Objects, Enter

“LDAP User” and click on Search (binocular)

Click then on “Status Definition” tab.

Click on Add

OIG 11g R2 PS2 Training

9 Oracle Proprietary - Restricted to Personal Use in an Oracle partner training class

Enter:

Status EMGNCY Updated

Launch Dependent Uncheck

Click on Save

OIM 11g R2 Workshop - Lab17

Back to the “LDAP User” Process Definition, in the Tasks tab, double click "Change

Emergency Contact Number"

Click on tab "Task to Object Status Mapping". Locate Status “C” and update Object Status to

“EMGNCY Updated”. Click Save.

Still on the “Change Emergency Contact Number” task, click on the Responses tab and add a

row with the following content:

Response SUCCESS

Description Update done

Status C

Save and close the task

Save the Process Definition

Add the Process Task to Process Trigger Lookup Definition:

Still in the Design Console, under folder Administration -> Lookup Definition

Search “Lookup.USR_PROCESS_TRIGGERS”

Click on Add

Code Key USR_HOME_PHONE

Decode Change Emergency Contact Number

OIG 11g R2 PS2 Training

11 Oracle Proprietary - Restricted to Personal Use in an Oracle partner training class

Click on Save

Checkpoint

This completes the configuration.

OIM 11g R2 Workshop - Lab17

2.2 Update attributes in OIM to synchronize application

Purpose

This step would verify the functioning of all the configuration changes made above to ensure

that when attribute “Home Phone” is updated for an OIM user, the change gets propagated

to OUD server directly.

Steps

Open the Identity Self Service web console, login as Admin and navigate to the OIM user

record of any user to which OUD account has been already provisioned.

For any such user, update the value of the attribute “Home Phone” (clicking on Modify User)

and click on Submit (you may have to click on another field to get the button activated).

OIG 11g R2 PS2 Training

13 Oracle Proprietary - Restricted to Personal Use in an Oracle partner training class

Notice that the Status has changed (after few seconds and clicking on Refresh):

You can have a look to the provisioning tasks that have been triggered clicking on Resource

History (after selecting the row):

Also you can double-check using Apache LDAP browser that for this user record in OUD the

“Home Phone” attribute has been updated: