Solving Problems with OIM Flat File Connector

Recently, I supported two projects that required the use of Oracle Identity Manager Flat File connector. Each project had very different requirements. One project required a disconnected resource and the other, reconciliation of PeopleSoft data. In this blog post I will describe the two problems and how I used the Flat File connector to overcome them.

Oracle provides connectors for the Oracle Identity Manager (OIM) Product.  The purpose is a plug-in component that will link the Identity Management system to other applications external to OIM.  Oracle provides a connector that will utilize connection to flat files that reside on the local operating system.  Built into the connector is the reconciliation and provisioning functionality. Reconciliation provides the service of creating and updating data in Oracle Identity Manager; provisioning updates data external to Oracle Identity Manager.

Problem A – Disconnected Resource

My first experience with the Flat File connector was with a problem that required a disconnected resource. My first attempt was to follow the example, building out the configuration, and executing the generation. The result was a functional disconnected resource that provided reconciliation; but I also needed to provision a request. I found that building the disconnected resource and flat file artifacts manually yielded a disconnected resource that provided both reconciliation and a provisioning request.

The following describes the procedure to integrate the Flat File connector with a disconnected resource.

  1. Install the Oracle Flat File connector 11.1.1.5.0.
  2. Create the schema for the Flat File.
  3. Create the disconnected application instance and form.
  4. Update the Flat File user’s IT resource schema file with the location of the schema properties file.
  5. Update the Lookup.FlatFile.UM.Configuration meaning to match the lookup for the reconciliation attributes code and meaning.
  6. Update the Lookup.FlatFile.EntFieldMap for the entitlements map and create the lookup for the reconciliation attributes.
  7. Update the Scheduled Job Flat File Accounts Loader with the Flat File directory, IT resource name and the disconnected application instance name.
  8. Update the Flat File entitlements loader with the Flat File directory, IT resource name, disconnected application instance name and the target lookup name.
  9. Run the scheduled jobs to perform the reconciliation.

Problem B – PeopleSoft Data

The next example is for the integration with PeopleSoft data. One key aspect of the data migration is to assign entitlements to the provisioned resource. To that end, the data contains all the data for the resource and associated entitlements. The process I followed was driven by the data.  First I extracted the PeopleSoft connector data from the PeopleSoft resource tables and reformatted the data to populate the target PeopleSoft connector requirements.  For this problem I built the Flat File connector artifacts manually. This created the Flat File schema, IT Resource, Scheduled Jobs, and Lookups. I then updated the Resource Object and Process Definition. When the reconciliation runs I provisioned all the PeopleSoft accounts with a resource status of, “Provisioned”.

Another key aspect of the PeopleSoft connector is child data that stores email information. The child table stores multiple attributes for the email definition. The Flat File connector has the ability to manage reconciliation of the email child table; this structure is called a complex child form.

Here is an example of a schema file to support the email child form:

Schema File

Here is an example of the Lookup for the reconciliation attributes:

Reconciliation Attributes Lookup

The following describes the procedure to integrate the Flat File connector with Peoplesoft.

  1. Install the Oracle Flat File connector 11.1.1.5.0.
  2. Create the Schema for the Flat File.
  3. Create a separate lookup reconciliation attribute map for the Flat File connector.
  4. Update the PeopleSoft Resource Object and Process Definition to match the values in the reconciliation lookup code column.
  5. Note that the meaning column in reconciliation attribute map must match the field names in the schemaFile.
  6. Update the Flat File Users IT Resource schemaFile with the location of the Schema properties file.
  7. Update the Lookup.FlatFile.UM.Configuration meaning to match the lookup for the reconciliation attributes code and meaning.
  8. Update the Lookup.FlatFile.EntFieldMap for the entitlements map and create the lookup for the reconciliation attributes.
  9. Update the Scheduled Job Flat File Accounts Loader with the Flat File directory, IT Resource Name and the PeopleSoft Application instance name.
  10. Update the Flat File entitlements loader with the Flat File directory, IT Resource Name, PeopleSoft Application instance name and the Target Lookup Name.
  11. Extract the data from the source system that match the schema file and copy to the OIM system.
  12. Run the scheduled jobs to perform the reconciliation and migration of data to the 11g system.