Provisioning to OUD using the OIM connector for OUD

Guest Author

OIM provides an extensive list of connectors, including a connector to Oracle Unified Directory (OUD). OIM Connector for OUD is described at http://docs.oracle.com/cd/E22999_01/doc.111/e28603/toc.htm

The Lookup.LDAP.UM.ProvAttrMap lookup definition maps process form
fields with OUD target system attributes. This lookup definition is used
for performing user provisioning operations.

For the default user fields that you can specify or modify values during provisioning operations , see Section, "User Fields for Provisioning an OUD Target System."

For example, the Process Form Field "Common Name" is mapped on cn on the OUD side.

Some specific Process Form Fields are mapped differently. For instance the "Login Disabled" Process Form Field is mapped to the __ENABLED__ keyword in the default mapping file. __ENABLED__ does not directly correspond to any OUD attribute. It is a keyword that is associated with an effective OUD attribute in the OUD Connector configuration, as described in http://docs.oracle.com/cd/E22999_01/doc.111/e28603/deploy_oud.htm#CEGDHHHH. The OUD attribute used to store account state is specified  by the enabledAttribute. By default, it is set to ds-pwp-account-disabled.

The same indirection mechanism apply to the NsuniqueID and Password Process Form Fields mapped to __UID__ and __PASSWORD__ that are provisionned to the OUD attributes defined by uidAttribute and passwordAttribute (entryUUID and userPassword by default).

Join the discussion

Comments ( 3 )
  • Eli Kleinman Thursday, May 1, 2014

    Can the OIM OUD Connector intercet OUD password changes?

  • Sylvain Duloutre Monday, May 12, 2014

    Technically, the connector could detect password changes from the OUD change log however it would have access to the encoded password form, not the plain text password, so it is not possible to update the OIM DB with it.

  • Eli Kleinman Monday, May 12, 2014

    Thanks for the reply,

    We are looking for a replacement of the ISW functionality using a plugin in ODSEE to get password changes, we would hope to get the same functionality in OIM + OUD.



Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.