AD, used as a trusted source and target system

Hello

I have a requirement to use AD as a trusted source and the target system the zero days and 1 for a transitional period.  We have 18 applications to integrate with OAM for SSO.  Currently, the authentication and authorization of these applications are made via AD.  However, the client wants to move to the use of LDAP in goal SSO.  The first phase includes 3 apps on the 18 apps.

Day zero, I use AD as a source of confidence to push users to IOM.  Then, I run AD as a target system to link the user to their existing AD accounts.  Their ad groups will also be reconciled by IOM.

Because there will be a transition period and the customer would not have to change the process of assistance to creating accounts AD (for internal and external users), they asked that we continue to allow accounts AD to reconcile with IOM in the trusted source and target system.

I have not used AD connector as a reliable source.  I intend to source AD done trust reconciliation to run first, then the task of reconciliation system AD target to run then.  It's the same AD connector.

This can work as long as the customer wishes until they want to spend to IOM for the creation of the user and accounts AD commissioning through the access policy.

Is this sound ok you?  There is a "witch hunt" I didn't think?

Thank you

Khanh

Yes, you can run the recon trust first and get all the identity created by IOM.

Later, you can run the Scheduler for recon target for linking AD accounts with user profile of IOM.

Note: There is a field in AD IT resource in need of update if you want to switch between the target and recon trust.

Research of configuration:

This parameter contains the name of the lookup definition that stores configuration information used during the reconciliation and commissioning.

If you have set your target system as a resource target, then enter Lookup.Configuration.ActiveDirectory.

If you have set your target system as a reliable source, then enter Lookup.Configuration.ActiveDirectory.Trusted.

Default value: Lookup.Configuration.ActiveDirectory

~ J

Tags: Fusion Middleware

Similar Questions

  • Fields "Synonym of entity source" and "Target entity synonym" for?

    Hello

    He is a newbie question.

    Is someone can you please tell me what that fields "Entity synonym Source" and "Synonym of target entity" in the dialog box properties of relationship are for? They are drop down boxes and look as if you should be able to select from the list of synonyms put in place for the entity in the properties of the entity dialog box.

    Thanks in advance.

    John

    Using SQL Developer Data Model Version 4.1.1.888 on Windows 7 Home premium 64-bit.

    Hi John,.

    If you right-click on an entity on the diagram object, then select Create Synonym in the drop down below, another entity object will be added to the diagram of the same entity.

    The fields "Synonym of entity Source" and 'Target entity synonym' in the relationship properties dialog box allow you to specify which of these multiple representations is connected to the relationship on the diagram.

    David

  • Procedure of ODI with slow performance (SOURCE and TARGET are different Oracle databases)

    Hi experts,

    I have an ODI procedure but its market with slow performance (SOURCE and TARGET are different Oracle databases), you can see below.

    My question is:

    It is possible write Oracle BULK COLLECT at the 'command on the target' (below)? or

    There is a KM of ODI that perform this task below in a quick way? If so, what KM can you guys suggest me?

    I found 'Oracle Append (DBLINK) control' but I try to avoid creating the dblink database.

    ===============================================================================

    * COMMAND ON the SOURCE (* technology: ORACLE * logic diagram: ORACLE_DB_SOURCE):

    SELECT NUM_AGENCIA, NUM_CPF_CNPJ, NOM_PESSOA

    < % = OdiRef.getSchemaName ("D") % >. < % = odiRef.getOption ("P_TABELA") % >

    ===============================================================================

    *ON the COMMAND TARGET (* technology: ORACLE * logic diagram: ORACLE_DB_TARGET):

    BEGIN

    INSERT INTO DISTSOB_OWNER. DISTSOB_PESSOA (NOM_PESSOA, NUM_CPF_CNPJ, FLG_ATIVO)

    VALUES ('#NOM_PESSOA', '#NUM_CPF_CNPJ', THE FROM ');

    EXCEPTION WHEN DUP_VAL_ON_INDEX THEN

    NULL;

    END;

    ===============================================================================


    Thank you guys!

    Please use SQL for SQL command Append KM... You can delete the unnecessary steps in the KM.E.g. fi you won't create I$ table, control flow etc, then you can remove related steps.

    Please try with that.

  • FDM to connect to a relational source and target

    I'm new to this tool. I have a few basic questions. I based my research, but could not find a clear answer.

    Can I connect to a relational table as source and target for an application of FDM. Relational source isn't eBS or other applications, just a relational table. I would like to load the same data from a relational table to another table using FDM. I'm looking at the wrong tool? Should which adapter I use? ERPI source adapter is? Which adapter target?

    Can someone please you suggest? Thanks in advance.

    Hello

    If you're new to this tool, you should know that FDM won't 11.1.2.4.

    It is replaced by FDMEE which is already available in 11.1.2.3.

    In all cases, you can extract data from relational db by using a script of integration. FDM doesn't load data to a target database not Hyperion EPM but you he could get it works using the custom script.

    Concerning

  • TABLE import in the source and target OLAP and OLTP Informatica records

    In the designer to map every time I import from my source OLTP and OLAP source table is displayed in its own folder named instance imported from. It is a problem that when I migrate my lower the workflow repository is always looking ofr these sources and targets. How to import or migrate there relative OLTP and OLAP source and target material in the table designer.

    Appreciate the help.

    Hi, before you migrate you can choose options as explained below

    1. create the same global name of connection for ODBC OLAP and OLTP and then import the tables to informatica

    2. other is, after you import the source tables with any ODBC connection name, you can change the name of the file as below
    a. check the table and in the Source Analyzer workspace to modify the table. In the table , tab click on rename
    (b) change the name of the data base by "OLAP" or 'OLTP' depending on your source.
    c. the source table is automatically moved to the folder OLAP and OLTP

    3. If the table is already existing in OLTP or OLAP, you can use the reuse or replacement of options when importing new mappings during the migration.

    Just to test this scenario once and applies for all tables in the source. I do the same during the migration

    Hope this helps

  • Is it possible to have the source and target schema in the same instance of DB?

    Hi all

    I'm using Oracle 11 g 1 material.
    I spent another source than with OWB server locations.
    In the course of deploy I get VLD-3064 and I can't deploy mapping due to the many warnings "table or view does not exist.

    Is it possible to have the source and target schemas in the same case?
    How to do?

    Kind regards
    Martin

    Hi Martin!

    1. the target schema have select rights for source-tables/views.
    (Run as a user with dba rights: grant select on to ;).

    2 «.. . none generated code will use the link dataabase...'.
    This is only a warning and means there is no need to use a database link. If your mapping will be executed faster as using a database link.

    error of VLD 3064

    Greetings
    Guenther Herzog

  • Database of waiting on a Source and target different endian formats

    Hello

    I have one familiar with the case where the source and target servers are different endian formats. I want to implement a 11g Data Guard in this environment. How can I do to implement the problem of different endian formats.

    Thank you

    As indicated in the documentation you quote, Data Guard is not possible when the main and backup databases are on platforms with a different endian format. If the endian format is the same, heterogeneous platforms may, or may not, be supported. The final documentation seems to be MOS Note 413484.1 (for physical standby) and 1085687.1 (for logical standby).

  • Source and target tabs in the procedure

    I'm trying to create a procedure to insert data into a table.

    My order on the tab target:

    INSERT INTO insert_table

    My order on the Source tab:

    SELECT BATCHNUMBER,' it, COUNT (*) IN table_source WITH BATCHNUMBER, 'C '.

    I selected the logic diagrams correctly in the source and target tabs. I get the following error...


    java.sql.BatchUpdateException: ORA-00926: lack of keyword VALUES

    What would my orders in the target and Source tabs?

    -app

    For the string type data please include in single quotes, for example, if C is varchar2

    INSERT INTO TRGT_TABLE VALUES (#BATCHNUMBER,'#C',#COUNT)

    Please try this

  • Schema (source and target)

    Hello

    I have a basic question. now I'm in the schema of the Designer tab, and I don't have an idea where I need to drag the source and target

    Thanks for the support

    Sam

    Hi Sam,

    I guess that you had created the following before you start your 'diagram' of Interface

    1. a project
    2 models (according to your requirement)

    Now, after you had provided information to the "definition" of the interface. In your diagram, you can goto "models" and then drag and drop the required for the models that you created in step 2 above. At the time where you drag and source and target, you can also auto card

    Hope this helps

    Sandeep Reddy, Enti
    HCC
    http://hyperionconsultancy.com/

  • Source and target data store mapping query

    I have to get the source and mapping target in ODI interface.

    Which table will I hit to get mapping information.

    E.g.

    Interface: INT_SAMPLE

    Data store: Source_DataStore with columns (cola, colb, teachers) Target_DataStore with columns (cola, colb, cold)

    Well mapping cover the QuickEdit tab and expand the field of mapping mapping is so

    Source_DataStore.Cola = Target_DataStore.Cola

    Source_DataStore.colB = Target_DataStore.colB



    Now, I want to get mapping information above as well as the name of the interface and the rest of the column that are not mapped using SQL (is it possible to trick ODI for mapping).

    Hi Prashant da Silva,

    Are you looking for an application to run on the repository?

    If so, it can help:

    select I.POP_NAME INTERFACE_NAME, ds.ds_name DATA_SET
      , s.lschema_name SOURCE_SCHEMA, NVL(S.TABLE_NAME, S.SRC_TAB_ALIAS) SOURCE_TABLE
      , mt.lschema_name TARGET_SCHEMA, I.TABLE_NAME TARGET_TABLE, c.col_name  TARGET_COLUMN, t.FULL_TEXT MAPPING_CRITERIA
  from SNP_POP i, SNP_DATA_SET ds, SNP_SOURCE_TAB s, SNP_TXT_HEADER t, SNP_POP_MAPPING m, SNP_POP_COL c, SNP_TABLE trg, snp_model mt
  where I.I_POP = DS.I_POP  (+)
    and DS.I_DATA_SET = S.I_DATA_SET (+)
    and T.I_TXT (+) = M.I_TXT_MAP
    and M.I_POP_COL (+) = C.I_POP_COL
    and M.I_DATA_SET = DS.I_DATA_SET (+)
    and C.I_POP (+) = I.I_POP
    and I.i_table = trg.i_table (+)
    and trg.i_mod = mt.i_mod (+);

    Just add a filter on UPPER (I.POP_NAME) = UPPER ('').

    Kind regards

    JeromeFr

  • Partition member in source and target must be the same

    Hello gurus, I have a cube with partitions and each partition is to have about 10 dimensions.

    A dimension, I became a member and wrote a rule for this member in the partition of the source, I have to take the same Member in the score target to write the rule.

    No, you don't have to have the same set of members on both sides.

    If you have...

    A, B, C, D

    .. .in the source, and...

    A, B, C

    .. .in the target, you have two options.

    First option, live with the warnings of validation "incompatibility of cell count" and do nothing to do.  Then no data will appear in the target for had 'and had data' will be not only be pushed in any of the partition.

    Second option, card would be "one of the 'A', 'B' and 'C'."

  • How can I change the connections of source and target OWB?

    Hello, I have hurt to change the connection to the source in OWB.

    My login name of source is identical to the front. That DB name, schema name is now moving to connect to the source. Here are the steps that I did.

    1. went to control Center Manager and cancel the mapping of source.
    2. is go explore connection and right click on the connection to the source, and then click Open Editor. change the username, ip address, password, name of the comic.
    3. goes to control Center Manager and redeploy the mapping. It does not work... It is said, table or view does not exist.

    Is there somewhere else I need to change... Somewhere, Miss me...

    Any help is appreciated...

    Hello

    Go to the module using the mentioned location.
    Change the module, set the location of metadata to the correct location
    Go to data locations, the correct location should be with selected locations. If so, remove it and place it again.

    Now, go to the configuration of the module and go to the Identification
    Check the value of the location and make sure that it uses the correct location

    I think it is sometimes useful to change the location to another location and back to the correct location.
    I hope this helps.

    Kind regards

    Emile

  • automatically create source and target tables

    Hello
    I need to convert many flat COBOL tables (each table has a file description and a data file) to the Oracle Tables.
    I just create (using the 'flat file to oracle table' online documentation) my first project and it works.

    It is possible to automate the operation without manually create each single source table and the target table?
    Where can I find a manual?

    Thanks to advice
    Fabio

    Fabio,

    I do not see how ODI could do this process automatically except by accessing the repository, but it won't work for repositories of executions.

    I suggest do you it manually...

    On the stpe update, if you need not change the revenge for SQL append coming to do inserts.

    Do not forget to put the IKM 'Flow Control' or 'no' which generates fewer steps and really increase performance...

    No sense?

    Cezar Santos
    [www.odiexperts.com]

  • Active Directory user confidence and target user Recon fails for an ORGANIZATIONAL unit

    Hello

    Active Directory trusted user and target user Recon fails for single ORGANIZATIONAL unit and others to run correctly.

    We get the "the server does not support the requested critical extension.

    I read, we must use the entrance of page size of the definition of Lookup.Configuraiton.ActiveDirectory or Lookup.Configuraiton.ActiveDirectory.Trusted search for settting granular level.

    I looked into this research and got the PageSize as 1000. So, does that mean? How to use the pagesize?

    It's the user Trusted Recon Brio ST AD

    Thank you

    After increasing the value of pagesize, jobs are working well.

  • Error during the reconciliation of the trusted source

    Hello
    I am facing a problem using the connector (DBAT_91050) of the Table of database Applications.
    I have correctly installed the connector and created a simple table in a database diagram (first name, family name, emp_id, role (as well as varchar2)).
    Then I created a generic connector for a trusted source and mapping.
    When I try to run the task to reconcile my source I get the following error:

    Caused by: org.xml.sax.SAXParseException: cvc-minLength valid: value "with length = '0' is not facet-valid with respect to minLength 1' of type 'matchingRuleType '.
    at org.apache.xerces.util.ErrorHandlerWrapper.createSAXParseException (unknown Source)
    at org.apache.xerces.util.ErrorHandlerWrapper.error (unknown Source)
    at org.apache.xerces.impl.XMLErrorReporter.reportError (unknown Source)
    at org.apache.xerces.impl.XMLErrorReporter.reportError (unknown Source)
    at org.apache.xerces.impl.XMLErrorReporter.reportError (unknown Source)
    to org.apache.xerces.impl.xs.XMLSchemaValidator$ XSIErrorReporter.reportError (unknown Source)
    at org.apache.xerces.impl.xs.XMLSchemaValidator.reportSchemaError (unknown Source)
    at org.apache.xerces.impl.xs.XMLSchemaValidator.elementLocallyValidType (unknown Source)
    at org.apache.xerces.impl.xs.XMLSchemaValidator.processElementContent (unknown Source)
    at org.apache.xerces.impl.xs.XMLSchemaValidator.handleEndElement (unknown Source)
    at org.apache.xerces.impl.xs.XMLSchemaValidator.endElement (unknown Source)
    at org.apache.xerces.jaxp.validation.ValidatorHandlerImpl.endElement (unknown Source)
    at com.sun.xml.bind.v2.runtime.unmarshaller.ValidatingUnmarshaller.endElement(ValidatingUnmarshaller.java:106)
    at com.sun.xml.bind.v2.runtime.unmarshaller.InterningXmlVisitor.endElement(InterningXmlVisitor.java:81)
    at com.sun.xml.bind.v2.runtime.unmarshaller.SAXConnector.endElement(SAXConnector.java:158)
    at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:255)
    at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:281)
    at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:250)
    at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:281)
    at com.sun.xml.bind.unmarshaller.DOMScanner.visit(DOMScanner.java:250)
    at com.sun.xml.bind.unmarshaller.DOMScanner.scan(DOMScanner.java:127)

    I've read Re: trusted object reconciliation Mapping for act_key - 11g Realease2 source but I am not able to apply the solution in my case.

    No rules none of the transformations are applied during the card.

    Thank you.

    It is ok...
    Welcome to Oracle Forum...
    Fairly good condition of the work you are considering its only your second day...

    In any case, you must open Console Design to solve this problem... Click on the subject of resource... There will be a resource object... namely TEST_GTC...
    Open the process of commissioning for the purpose of resource...
    There will be a tab "Reconciliation field mapping... Click on this... Then see if the user ID is marked as 'key to reconciliation... "
    Then go to the menu item "Reconciliation rule" at the bottom of the console of design...
    Open the rule for TEST_GTC Recon...

    Check if validates it and Active, both boxes are TRUE...

    Then go back to the subject of resource TEST_GTC... --> Rules of Action reconciliation reconciliation tab--> create a profile reconciliation...
    Then go to DEV_OIM... This time, you will be able to see a RA_TEST_GTC_1234 (1234 being OBJ_KEY for TEST_GTC)

    If you find this useful or appropriate response, please mark the helpful or appropriate. And then mark the entire thread as a response.

Maybe you are looking for