Identity Management

Knowledge Sharing – Identity Management

OIM – How to create and use entity adapter to generate passwords

leave a comment »

The following procedure has been tested in Oracle Identity Manager 9.1.0.2 Bundle Patch 06

One of the main reasons why this entity adapter was used is because the OIM connectors can out of the box populate values to most fields like first name, last name, phone number etc., When it comes to password it cannot initialize any value. It defaults the password to be same as user ID. Another case is when you have a value in source that need to be transformed or massaged into a different value before setting it in the target. In that case also this entity adapter is very useful.

Use an entity adapter to generate passwords and attach it to the "Reconciliation Insert Received" process task of the ‘Xellerate User‘ process definition. This approach could be used to update the password of the user as soon as it is created. This could be done to avoid the use of a default password. This could also have Password Policy related issues such as if automatic provisioning was started to provision a resource upon user creation. If the target had a policy which set a minimum age for a password before it was changed then the password update on the target could fail.

Entity Adapter
===========

Entity adapter is used to populate any predefined/user-defined entity field. For eg. User First Name/Organization or any field that can be mapped to the adapter variable from the Data Object Manager in the Java client.

Example to use an Entity Adapter:

1. Login into Java client with an admin user
2. Move to Development Tools -> Adapter Factory
3. Enter valid adapter name, description and select “Entity” as adapter type
4. Save the adapter
5. In the Adapter Tasks tab, click on Assign to add a task to the adapter

6. Select logic task -> SET VARIABLE and click on continue
7. In Add Set Variable Task Parameter dialog, select Adapter return value in
variable name drop down, Operand Type as Literal, Operand Qualifier -> Text

Literal and input any string
8. Save the settings
9. Compile the adapter
10. Move to Development Tools -> Business Rule Definition -> Data Object Manager
11. Double click on the form designer field and select users from the lookup

12. Perform query on the form using the main toolbar
13. The data object manager should be refreshed to reflect the adapters/event
handlers associated with the users form.
14. Associate the entity adapter in a relevant pre/post section. For eg assign

the adapter in the pre-insert section
15. Move to Map Adapter tab select the adapter from the name drop down list.
16. Adapter return value should appear in the list of adapter variables to map.
17. Map the return value to Entity Field -> USR_FIRST_NAME and save

18. Now Launch the users form
19. Input all required fields except “First Name” and save

<Expected Result>

The Field(s) associated with the entity adapter should get populated
appropriately.

About these ads

Written by Identity and Access Management

January 31, 2011 at 6:14 pm

Posted in Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: