Provisioning to OUD using the OIM connector for OUD
By Sylvain Duloutre-Oracle on Apr 17, 2014
OIM provides an extensive list of connectors, including a connector to Oracle Unified Directory (OUD). OIM Connector for OUD is described at http://docs.oracle.com/cd/E22999_01/doc.111/e28603/toc.htm
The Lookup.LDAP.UM.ProvAttrMap lookup definition maps process form fields with OUD target system attributes. This lookup definition is used for performing user provisioning operations.
For the default user fields that you can specify or modify values during provisioning operations , see Section 188.8.131.52, "User Fields for Provisioning an OUD Target System."
For example, the Process Form Field "Common Name" is mapped on cn on the OUD side.
Some specific Process Form Fields are mapped differently. For instance the "Login Disabled" Process Form Field is mapped to the __ENABLED__ keyword in the default mapping file. __ENABLED__ does not directly correspond to any OUD attribute. It is a keyword that is associated with an effective OUD attribute in the OUD Connector configuration, as described in http://docs.oracle.com/cd/E22999_01/doc.111/e28603/deploy_oud.htm#CEGDHHHH. The OUD attribute used to store account state is specified by the enabledAttribute. By default, it is set to ds-pwp-account-disabled.
The same indirection mechanism apply to the NsuniqueID and Password Process Form Fields mapped to __UID__ and __PASSWORD__ that are provisionned to the OUD attributes defined by uidAttribute and passwordAttribute (entryUUID and userPassword by default).