Wednesday, June 10, 2015

OIM 11GR2 Disconnected resource creation and provision

This post covers detailed steps about creation and provision of disconnected resource. I hope this will help for new learners who are pretty much interested learning about connectors. And also, it will handy for quick reference.

High Level Steps:
  1. Creation of  IT Resource Type Definition
  2. Creation of Resource Object
  3. Creation of  IT Resource
  4. Creation of User Form
  5. Creation of Process Definition
  6. Creation of Application Instance
  7. Provisioning Resource

Creation of IT Resource Type Definition for Virtual Resource

IT Resource Type Definition represents the resource connection details. Since this is virtual resource that is not going to interact with external system, we can have with dummy values.

Steps to create IT Resource Type Definition:
  1. Log in to the OIM Design Console.
  2. Click IT Resource Type Definition under Resource Management.
  3. Create a new IT Resource Type Definition with the Server Type defined as IT_SSU.
  4. Add parameter Field Name as “Name” and Default Field Value is “SSU” as per below screen shot:


Creation of Resource Object for Virtual Resource

The resource object is OIM representation of resource.

Steps to create Resource Object:
  1. Log in to the OIM Design Console.
  2. Click Resource Objects under Resource Management.
  3. Create a new resource object with the name RO_SSU and save it.

This Resource Object should have below values:
·        Type as Application
·        In Status Definition tab, you should be checked “Enabled” and “Provisioned”



Creation of IT Resource for Virtual Resource

Login in to OIM system admin console and create new IT Resource with name “ITR_SSU”. Since this is dummy resource so, we can give any dummy value to IT Resource parameters. I have given parameter “Name” as Value “SSU”.



Creation of User Form for Virtual Resource

Process form contains provisioning details that needs to be pass to target system. Since this is virtual resource, I have set default value for all field values.

Steps to create process form:
  1. Log in to the Oracle Identity Manager Design Console.
  2. Click Form Designer under Development Tools.
  3. Create a new form with the Table Name UD_SSU as per below screen shot. Save it.
  
  1. Click on Properties tab, add the properties Type as “IT_SSU”, Required as “true”, and IT Resource as “ITR_SSU” for ITResource column as per below screen shots.

  1. Save it.

Creation of Process Definition for Virtual Resource

Process definition defines the behavior of connector. Every operation corresponding task associated with it. In this post, we are covering only provisioning and deprovisioning.

Steps to create Process Definition
  1. Log in to the Oracle Identity Manager Design Console.
  2. Click Process Definition under the Process Management tab.
  3. Create a new process definition and name it PD_SSU
  4. Select Provisioning as the Type of process.
  5. Provide the resource Object Name for the identity connector and select RO_SSU.
  6. Provide the process form Table Name and select UD_SSU.
  7. Save it

  1. Add process task and name it Delete User. This will trigger when a resource is deprovisioning for user.
Create task with name “Delete user”. Save it.

Make sure you should checked the box Conditional and unchecked the Allow Multiple Instances. This is optional, you can set the retry count and retry period in minutes in order to retry failed task by OIM.


In the integration tab, choose  adapter  “tcCompleteTask” because, this is not going to interact with real world target system. 

Add response for complete with status “R”


In Task to Object Status Mapping, the status of the complete to be displayed in Resource history.


  1. Add process task and name it Create User. This will trigger when a resource is provisioning for user.

Create task with name “Create User” and description as your wish. Save it.

Make sure you should unchecked the Conditional as well, Allow Multiple Instances. This is optional, you can set the retry count and retry period in minutes in order to retry failed task by OIM.


In the integration tab, choose  adapter  “tcCompleteTask” because, this is not going to interact with real world target system.


Add response for complete with status “C”


In undo/recovery tab, add the deprovisioning task that is “Delete User”

In Task to Object Status Mapping, the status of the complete to be displayed in Resource history.


Save all process definition changes.

Creation of Application Instance

  1. Log in to OIM system admin console with admin privileges.
  2. Create sandbox “SSU” and activate for Application Instance.
  3. Create New Form “FORMSSU” for resource object “RO_SSU”.
  1.  Create new application instance AppSSU1

  1. Export the sandbox “SSU” in case if you propagating from one environment to another. Otherwise, you can publish it.

Note: Once you created Application Instance, you should run “Catalog Synchronization” job in order to make available newly created app instance to users.


Provision Resource to User

Testing provisioning a resource to user:

  1. Log in to OIM identity console
  2. Select any user and go to accounts tab then, click on “Request Accounts” and it will take you to Catalog page.
  3. Select the application instance “AppSSU1” and then click on “Add to Cart”.
  4. Click on “Checkout” and then, “Ready To Submit”.
  5. Finally click on Submit and the resource will be provisioned to user.
Posted by at
Labels: , , , , , ,