Student Guide - Oracle Identity Manager 11g Essentials Volume I

600 11 0
  • Loading ...
1/600 trang
Tải xuống

Thông tin tài liệu

Ngày đăng: 25/11/2016, 19:22

Oracle Identity Manager 11g: Essentials Volume I • Student Guide D65160GC10 Edition 1.0 November 2010 D69802 Copyright © 2010, Oracle and/or its affiliates All rights reserved Disclaimer This document contains proprietary information and is protected by copyright and other intellectual property laws You may copy and print this document solely for your own use in an Oracle training course The document may not be modified or altered in any way Except where your use constitutes "fair use" under copyright law, you may not use, share, download, upload, copy, print, display, perform, reproduce, publish, license, post, transmit, or distribute this document in whole or in part without the express authorization of Oracle The information contained in this document is subject to change without notice If you find any problems in the document, please report them in writing to: Oracle University, 500 Oracle Parkway, Redwood Shores, California 94065 USA This document is not warranted to be error-free Restricted Rights Notice If this documentation is delivered to the United States Government or anyone using the documentation on behalf of the United States Government, the following notice is applicable: U.S GOVERNMENT RIGHTS The U.S Government’s rights to use, modify, reproduce, release, perform, display, or disclose these training materials are restricted by the terms of the applicable Oracle license agreement and/or the applicable U.S Government contract Trademark Notice Oracle and Java are registered trademarks of Oracle and/or its affiliates Other names may be trademarks of their respective owners Authors Robert LaVallie, Terri Cantor Technical Contributors and Reviewers Eswar Vandanapu, Raj Kuchi, Rajesh Bhabu, Sri Subramanian, Gopal Kumarappan, Mario Lim, Ajay Keni, Brad Donison, Ashok Maram, Bitan Biswas, Amol Dharmadhikari, Abhishek Sharma, Semyon Shulman, Viresh Garg, Sid Choudhury, Javed Beg, Jatan Rajvanshi, Sidhartha Das, Ashutosh Pitre, Shyam Narayan Singh, Sanjay Rallapalli, Srinivas Marni, Debapriya Datta, Alexandre Babeanu, Don Biasotti, Gururaj B.S This book was published using: Oracle Tutor Table of Contents Introduction 1-1 Introduction 1-2 Road Map 1-3 Course Objectives 1-4 Road Map 1-7 Course Units 1-8 Unit 1: Product Overview .1-9 Unit 2: Managing Users, User Entities, and Resources 1-11 Unit 3: Handling Reconciliation Workflows .1-13 Unit 4: Managing Policies, Reports, and Tools 1-14 Unit 5: Deploying Configurations 1-16 Road Map 1-17 Lesson Summary 1-18 Road Map 1-19 What's Next? 1-20 Identity Management and Identity Administration: Overview 2-1 Identity Management and Identity Administration: Overview 2-2 Road Map 2-3 Lesson Objectives 2-4 Road Map 2-6 Identity Management: Overview .2-7 Identity Management: Importance 2-9 Identity Management: Benefits .2-11 Quiz 2-13 Identity Management: Values 2-17 How Can Identity Management Help? 2-19 Quiz 2-23 Identity Management: Terminology 2-25 Identity Management: Functions 2-27 Identity Administration 2-29 Access Management 2-31 Directory Services 2-33 Audit and Compliance 2-35 Suite Management 2-37 Quiz 2-39 Road Map 2-43 Identity Administration: Infrastructure .2-44 Identity Administration: Benefits .2-45 Road Map 2-46 Lesson Summary 2-47 Road Map 2-48 Lesson Demos .2-49 Road Map 2-50 What's Next? 2-51 Launching Oracle Identity Manager .3-1 Launching Oracle Identity Manager .3-2 Road Map 3-3 Copyright © 2010, Oracle and/or its affiliates All rights reserved Oracle Identity Manager 11g: Essentials Table of Contents i Lesson Objectives 3-4 Road Map 3-6 Oracle WebLogic Server Overview 3-7 Oracle WebLogic Server Overview: Domains 3-8 Comparing Administration Servers and Managed Servers 3-10 Oracle Identity Manager Server Overview .3-12 SOA Server Overview 3-13 Starting Administration and Managed Servers .3-15 Starting the Administration Server 3-16 Starting the Managed Servers 3-17 Monitoring the Status of the Managed Servers 3-18 Quiz 3-19 Road Map 3-22 Oracle Identity Manager Interfaces 3-23 Oracle Identity Manager Administrative and User Console Overview 3-24 Oracle Identity Manager Unauthenticated Self Service Console Overview 3-26 Oracle Identity Manager Unauthenticated Self Service Console: Reset Password 3-27 Oracle Identity Manager Unauthenticated Self Service Console: Self-Registration .3-30 Oracle Identity Manager Unauthenticated Self Service Console: Track Registration .3-33 Web Console Overview 3-35 Self-Service Functionalities 3-36 Oracle Identity Manager Self Service Console .3-38 Oracle Identity Manager Administration Console 3-40 Oracle Identity Manager Advanced Administration Console 3-42 Starting the Oracle Identity Manager Web Consoles .3-45 Oracle Identity Manager Design Console Overview .3-46 Design Console: User Management 3-47 Design Console: Resource Management .3-48 Design Console: Process Management 3-49 Design Console: Administration .3-50 Design Console: Development Tools .3-52 Starting the Oracle Identity Manager Design Console 3-54 Quiz 3-55 Road Map 3-58 Oracle SOA Consoles Overview 3-59 Oracle SOA Platform 3-60 Oracle BPM Worklist Console 3-61 Launching the Oracle SOA Consoles 3-62 Road Map 3-63 Lesson Summary 3-64 Road Map 3-65 Practice Overview: Launching Oracle Identity Manager .3-66 Road Map 3-67 What's Next? 3-68 Understanding Oracle Identity Manager 4-1 Understanding Oracle Identity Manager .4-2 Road Map 4-3 Lesson Objectives 4-4 Road Map 4-6 Copyright © 2010, Oracle and/or its affiliates All rights reserved Oracle Identity Manager 11g: Essentials Table of Contents ii Oracle Identity Management Products 4-7 Road Map 4-10 Oracle Identity Manager: Overview 4-11 Oracle Identity Manager: Features 4-14 Oracle Identity Manager Features: Self-Service and Delegated Administration 4-16 Oracle Identity Manager Features: Workflow and Policy Management 4-17 Oracle Identity Manager Features: Password Management 4-19 Oracle Identity Manager Features: Audit and Compliance Management .4-21 Oracle Identity Manager Features: Integration Solutions .4-23 Oracle Identity Manager: Functional Layers 4-25 Oracle Identity Manager: Solving Business Challenges 4-27 Quiz 4-29 Road Map 4-32 Oracle Identity Manager Architecture .4-33 Quiz 4-35 Road Map 4-39 Use Case #1: Initial Onboarding 4-40 Use Case #2: Request-Based Scenario .4-41 Road Map 4-42 Reconciliation and Provisioning: Overview 4-43 Quiz 4-45 Road Map 4-47 Oracle Identity Manager Connector: Overview .4-48 Quiz 4-49 Road Map 4-50 Lesson Summary 4-51 Road Map 4-53 What's Next? 4-54 Understanding Organizations, Roles, and Users 5-1 Understanding Organizations, Roles, and Users 5-2 Road Map 5-3 Lesson Objectives 5-4 Road Map 5-5 Oracle Identity Manager User 5-6 User Entity Life Cycle .5-7 Oracle Identity Manager User Types 5-9 Oracle Identity Manager Functional Users .5-11 Quiz 5-13 Road Map 5-16 Oracle Identity Manager Organizations 5-17 Oracle Identity Manager Roles .5-18 Role Hierarchy .5-19 Role Category 5-20 Oracle Identity Manager Entity Relationships 5-21 Quiz 5-22 Road Map 5-25 Overview of the Bulk Load Utility 5-26 Loading Data with the Bulk Load Utility 5-27 Bulk Load Utility Scripts, Data Files, and Database Tables 5-29 Copyright © 2010, Oracle and/or its affiliates All rights reserved Oracle Identity Manager 11g: Essentials Table of Contents iii Bulk-Load Input Source 5-31 Bulk-Load Database Columns 5-32 Configuring the Bulk Load Utility 5-36 Quiz 5-37 Road Map 5-38 Creating Oracle Identity Manager Entities 5-39 Creating an Organization .5-40 Creating a User 5-42 Creating a Role Category .5-45 Creating a Role 5-47 Assigning a User to a Role .5-49 Revoking a Role from a User 5-52 Bulk Modification of Users 5-54 Modifying an Organization .5-55 Deleting an Organization 5-56 Disabling and Deleting a User 5-57 Deleting a Role .5-59 Loading User and Role-Related Data with the Bulk Load Utility 5-61 Quiz 5-68 Road Map 5-70 Lesson Summary 5-71 Road Map 5-72 Practice Overview: Understanding Organizations, Roles, and Users .5-73 Road Map 5-74 What's Next? 5-75 Using Predefined Connectors 6-1 Using Predefined Connectors (Initial Onboarding) 6-2 Road Map 6-3 Lesson Objectives 6-4 Road Map 6-6 Oracle Identity Manager Connectors: Overview 6-7 Quiz 6-8 Road Map 6-9 Types of Oracle Identity Manager Connectors .6-10 Quiz 6-13 Road Map 6-14 Transferring Oracle Identity Manager Connectors: Ways 6-15 Transferring Oracle Identity Manager Connectors: Advantages 6-17 Transferring Oracle Identity Manager Connectors: Best Practices .6-18 Transferring Oracle Identity Manager Connectors: Tools .6-23 Quiz 6-25 Road Map 6-28 Using Oracle Identity Manager Connectors: Setup 6-29 Using Oracle Identity Manager Connectors: Run Time 6-33 Step 1: Verifying Installation and Deployment Requirements .6-34 Step 2: Configuring the External Resource 6-35 Step 3: Copying Connector and External Code Files 6-36 Copying Connector Files: Sun Java System Directory Server 6-38 Step 4: Configuring Oracle Identity Manager Server .6-44 Copyright © 2010, Oracle and/or its affiliates All rights reserved Oracle Identity Manager 11g: Essentials Table of Contents iv Configuring Oracle Identity Manager Server: Clearing the Server Cache 6-45 Configuring Oracle Identity Manager Server: Enabling Logging 6-47 Step 5: Importing an Oracle Identity Manager Connector .6-50 Step 6: Defining an IT Resource 6-52 Step 7: Configuring Reconciliation Workflows 6-55 Step 8: Configuring Provisioning Workflows 6-60 Step 9: Assigning the Connector to a User 6-62 Step 10: Completing the Custom Process Form 6-64 Step 11: Accessing the Resource 6-66 Quiz 6-67 Road Map 6-72 Lesson Summary 6-73 Road Map 6-74 Practice Overview: Using Predefined Connectors (Initial Onboarding) 6-75 Road Map 6-76 What's Next? 6-77 Understanding Manual and Automated Provisioning 7-1 Understanding Manual and Automated Provisioning .7-2 Road Map 7-3 Lesson Objectives 7-5 Road Map 7-7 Resources 7-8 Oracle Identity Manager Connectors 7-9 Differences Between Assigning Resources and Provisioning Resources 7-10 Quiz 7-11 Road Map 7-13 Assigning Resources to Users: Overview 7-14 Assigning Resources to Users: Criteria 7-15 Assigning Resources to Users: Request 7-16 Assigning Resources to Users: Direct Provisioning .7-17 Quiz 7-18 Road Map 7-21 Types of Provisioning .7-22 Manual Provisioning .7-23 Autoprovisioning 7-24 Quiz 7-25 Road Map 7-26 Using Criteria to Assign a Resource to a User .7-27 Step 1: Creating an Auto Membership Rule 7-28 Step 2: Assigning an Auto Membership Rule to a Role .7-30 Step 3: Building an Access Policy 7-32 Provisioning a User with a Resource Manually 7-34 Step 1: Verifying a Resource Is Assigned to a User .7-36 Step 2: Completing a Custom Process Form 7-38 Step 3: Accessing the Resource 7-40 Quiz 7-41 Road Map 7-43 Modifying an Oracle Identity Manager Connector 7-44 Step 1: Modifying the Provisioning Process 7-46 Copyright © 2010, Oracle and/or its affiliates All rights reserved Oracle Identity Manager 11g: Essentials Table of Contents v Step 2: Modifying the Custom Process Form 7-49 Provisioning a User with a Resource Automatically .7-51 Step 1: Verifying a Resource Is Assigned to a User .7-53 Step 2: Accessing the Resource 7-55 Quiz 7-56 Road Map 7-58 Lesson Summary 7-59 Road Map 7-61 Practice Overview: Understanding Manual and Automated Provisioning 7-62 Road Map 7-63 What's Next? 7-64 Understanding Approval Processes and Requests 8-1 Understanding Approval Processes and Requests 8-2 Road Map 8-3 Lesson Objectives 8-4 Road Map 8-6 Request Workflow and Approval Process Overview 8-7 Request Overview 8-8 Request Type 8-10 Request Type Catalog 8-12 Request Dataset 8-14 Default Request Dataset XML Files .8-16 Request Template 8-18 Approval Process 8-21 Approval Processes .8-22 Oracle SOA Platform 8-23 Template Level Approval Process 8-25 Approval Policies and the Request and Operation Approval Levels 8-26 Request and Operation Level Approval Processes 8-27 Quiz 8-29 Road Map 8-36 JDeveloper and SOA Composite Overview 8-37 Loading an SOA Composite in JDeveloper 8-38 Deploying an SOA Composite to a Defined Application Server .8-40 Registering an SOA Composite with Oracle Identity Manager .8-47 Registering a New SOA Composite with Oracle Identity Manager 8-48 Disabling an SOA Composite from Oracle Identity Manager 8-51 Enabling an SOA Composite with Oracle Identity Manager 8-52 Road Map 8-53 Creating an Approval Policy 8-54 Policy Details 8-55 Set Approval Rule 8-56 Approval Policy Summary 8-57 Approval Policy: Operation-Level Example 8-58 Quiz 8-59 Road Map 8-60 Modeling a Request Template .8-61 Access the Request Template Wizard 8-62 Request Template Details 8-63 Copyright © 2010, Oracle and/or its affiliates All rights reserved Oracle Identity Manager 11g: Essentials Table of Contents vi Allowed Resources 8-65 Attribute Restrictions 8-66 Attribute Restriction Details 8-67 Additional Attributes .8-68 Template User Roles .8-69 Request Template Confirmation 8-70 Road Map 8-71 Request Initiation Flowchart 8-72 Request and Approval Stages for Requests 8-74 Request and Approval Stages for Bulk Requests 8-76 Initiating a Request 8-77 Request Beneficiary .8-78 Request Template 8-79 Select Users 8-80 Select Resources 8-81 Resource Details and Additional Data 8-82 Request Justification 8-83 Road Map 8-84 Lesson Summary 8-85 Road Map 8-86 Practice Overview: Understanding Request Workflows and Approval Processes 8-87 Road Map 8-88 What's Next? 8-89 Understanding Reconciliation 9-1 Understanding Reconciliation 9-2 Road Map 9-3 Lesson Objectives 9-5 Road Map 9-8 Reconciliation and Provisioning .9-9 Reconciliation: Types .9-11 Reconciliation: Events 9-14 Quiz 9-17 Road Map 9-23 Authoritative Reconciliation: Conceptual Diagram 9-24 Authoritative Reconciliation: Single and Multiple Trusted Sources .9-25 Account Reconciliation: Conceptual Diagram 9-26 Account Reconciliation: Target System 9-27 Account Reconciliation: Data Process Flow 9-28 Road Map 9-30 Implementing a Reconciliation Workflow 9-31 Step 1: Verifying Installation and Deployment Requirements .9-34 Step 2: Configuring the External Resource 9-36 Step 3: Copying Connector and External Code Files 9-38 Copying Connector Files: Microsoft Active Directory 9-40 Copying External Code Files: Microsoft Active Directory 9-45 Step 4: Configuring Oracle Identity Manager Server .9-46 Configuring Oracle Identity Manager Server: Clearing the Server Cache 9-47 Configuring Oracle Identity Manager Server: Enabling Logging 9-49 Step 5: Importing an Oracle Identity Manager Connector .9-51 Copyright © 2010, Oracle and/or its affiliates All rights reserved Oracle Identity Manager 11g: Essentials Table of Contents vii Step 6: Defining an IT Resource 9-54 Step 7: Modifying a Scheduled Job 9-59 Modifying a Scheduled Job: Trusted Source 9-61 Modifying a Scheduled Job: Target Resource .9-63 Step 8: Reconciling with a Trusted Source 9-64 Step 8: Reconciling with a Target Resource 9-67 Quiz 9-70 Road Map 9-74 Lesson Summary 9-75 Road Map 9-76 Practice Overview: Understanding Reconciliation 9-77 Road Map 9-78 What's Next? 9-79 Managing Authorization Policies 10-1 Managing Authorization Policies 10-2 Road Map 10-3 Lesson Objectives 10-4 Road Map 10-6 Security Principles: Identity, Authentication, and Authorization 10-7 What Is Authorization? 10-9 Quiz 10-10 Road Map 10-12 Oracle Entitlement Server 10-13 Authorization Policy – Overview .10-15 Authorization Policy: Relationship to Roles 10-17 Authorization Policy: Target 10-18 Entity Association and Functional Security: Role Management 10-19 Entity Association and Functional Security: Self Service User Management 10-21 Entity Association and Functional Security: User Management 10-22 Authorization Policy: Defining Scope with Data Security 10-24 Authorization Policy: Policy Assignment 10-26 Out-of-the-Box Authorization Policies 10-27 When to Define Authorization Policies 10-34 Quiz 10-35 Road Map 10-41 Creating Role Management Authorization Policies 10-42 Step 1: Complete the Basic Policy Information 10-43 Step 2: Select the Role Management Permissions 10-44 Step 3: Choose Data Constraints 10-45 Step 4: Select the Assignees 10-46 Step 5: Confirm the Results 10-47 Creating Self Service User Management Authorization Policies 10-48 Step 1: Complete the Basic Policy Information 10-49 Step 2: Select the Self Service User Management Permissions 10-50 Step 3: Select the Assignees 10-51 Step 4: Confirm the Results 10-52 Creating User Management Authorization Policies 10-53 Step 1: Complete the Basic Policy Information 10-54 Step 2: Select the User Management Permissions 10-55 Copyright © 2010, Oracle and/or its affiliates All rights reserved Oracle Identity Manager 11g: Essentials Table of Contents viii in Microsoft Active Directory Through the reconciliation workflow, this record is detected in the trusted source and brought into Oracle Identity Manager automatically Note: You now see whether the authoritative reconciliation workflow is successful To verify that the user record is retrieved from Microsoft Active Directory and transferred into Oracle Identity Manager, complete the remaining steps of this procedure Navigate to the Home page of the Oracle Identity Manager Advanced Administration Console On the Home page of the Oracle Identity Manager Advanced Administration Console, click the Search Scheduled Jobs link (located in the System Management pane) 10 Query for the scheduled job for Microsoft Active Directory that you modified in the practice titled “Modifying a Scheduled Job: Trusted Source.” For this lesson, the job is AD User Trusted Recon 11 Click the Run Now button that appears to the right of the name of the scheduled job 12 Navigate to the Home page of the Oracle Identity Manager Administrative and User Console Note: For more information about accessing the Home page of this console, refer to the lesson titled “Understanding Organizations, Roles, and Users.” 13 Click the Advanced Search - Users link on the Oracle Identity Manager Administrative and User Console Home page 14 Query for the user account that you created in Microsoft Active Directory in steps through of this procedure For this lesson, George Trager is the user 15 Verify that this record is transferred into Oracle Identity Manager This indicates that the authoritative reconciliation workflow is successful (that is, the user record is detected in the trusted source and automatically brought into Oracle Identity Manager) Copyright © 2010, Oracle and/or its affiliates All rights reserved Understanding Reconciliation Chapter - Page 66 Step 8: Reconciling with a Target Resource Step 8: Reconciling with a Target Resource The email address of James Mosher is modified in Sun Java System Directory Server (which functions as the target resource) Step 8: Reconciling with a Target Resource You are ready to modify the email address of a user in Sun Java System Directory Server Through the account reconciliation workflow, the modified user-related information is detected in the target resource and brought into Oracle Identity Manager automatically To reconcile with a target resource: Make Sun ONE Server Console active Double-click the ID of the user who has an email address that you want to modify For this lesson, JMOSHER is the ID of the user In the E-Mail field of the Edit User window, enter a modified email address (for example, jmosher@oracle.com) Click OK Sun ONE Server Console is active The user’s email address is modified in Sun Java System Directory Server Through the reconciliation workflow, this modification is detected in the target resource and brought into Oracle Identity Manager automatically Note: You are ready to check if the account reconciliation workflow is successful To verify that the modified user-related information is detected in Sun Java System Directory Server and transferred into Oracle Identity Manager, complete the remaining steps of this procedure Copyright © 2010, Oracle and/or its affiliates All rights reserved Understanding Reconciliation Chapter - Page 67 Step 8: Reconciling with a Target Resource Step 8: Reconciling with a Target Resource The email address of James Mosher is transferred to Oracle Identity Manager through account reconciliation Step 8: Reconciling with a Target Resource (continued) Navigate to the Home page of the Oracle Identity Manager Advanced Administration Console On the Home page of the Oracle Identity Manager Advanced Administration Console, click the Search Scheduled Jobs link (located in the System Management pane) Query for the scheduled job for Sun Java System Directory Server that you modified in the practice titled “Modifying a Scheduled Job: Target Resource.” For this lesson, the job is iPlanet User Target Recon Task Click the Run Now button that appears to the right of the name of the scheduled job Navigate to the Home page of the Oracle Identity Manager Administrative and User Console 10 Click the Advanced Search - Users link on the Oracle Identity Manager Administrative and User Console Home page 11 Query for the user account with the email address that you modified in Sun Java System Directory Server in steps through of this procedure For this lesson, JMOSHER is the ID of the user 12 Click the link that contains the user’s full name Copyright © 2010, Oracle and/or its affiliates All rights reserved Understanding Reconciliation Chapter - Page 68 13.Click the Resources tab Then, click the link that contains the name of the connector’s representative resource For this example, click the iPlanet User link Note: You click the Resources tab and iPlanet User link because you want to see whether Oracle Identity Manager modified the user’s email address for the Sun Java System Directory Server resource This resource is represented by the iPlanet User connector The custom process form for the connector appears This connector represents the target resource (for this lesson, Sun Java System Directory Server) Because of the account reconciliation workflow, the modified user-related information (the user’s email address) is detected in the target resource and brought into Oracle Identity Manager automatically Copyright © 2010, Oracle and/or its affiliates All rights reserved Understanding Reconciliation Chapter - Page 69 Quiz Quiz To set up and run a reconciliation workflow, you must confirm that your system meets requirements for installing and deploying a connector These requirements include: a The correct version of Oracle Identity Manager b The correct version of each external resource with which Oracle Identity Manager communicates (through a connector) c An account in each resource with administrative privileges d All of the above Answer: d To install and deploy a connector, ensure that your system meets the requirements listed in this slide The connector represents the trusted source or target resource with which you are reconciling to implement an authoritative or account reconciliation workflow Note: For more information about checking if your Oracle Identity Manager environment meets requirements for installing and deploying a connector, refer to the slides in this lesson titled “Step 1: Verifying Installation and Deployment Requirements.” Copyright © 2010, Oracle and/or its affiliates All rights reserved Understanding Reconciliation Chapter - Page 70 Quiz Quiz Use the _ command to clear the Server cache for Oracle Identity Manager a PurgeCache ConnectorResourceBundle.sh b PurgeCache.sh ConnectorResourceBundle c PurgeCache.bat ConnectorResourceBundle d PurgeCache ConnectorResourceBundle.bat Answer: b, c To clear the Server cache for Oracle Identity Manager: • Use the PurgeCache.bat ConnectorResourceBundle command (for Windows environments) or the PurgeCache.sh ConnectorResourceBundle command (for Linux environments) • Provide administrative and server credentials for Oracle Identity Manager Note: For more information about clearing the Server cache for Oracle Identity Manager, refer to the slide in this lesson titled “Configuring Oracle Identity Manager Server: Clearing the Server Cache.” Copyright © 2010, Oracle and/or its affiliates All rights reserved Understanding Reconciliation Chapter - Page 71 Quiz Quiz An IT resource type contains values that Oracle Identity Manager requires to communicate with a resource and access it as an administrator a True b False Answer: b An IT resource contains values that Oracle Identity Manager requires to communicate a resource and access it as an administrator By importing an Oracle Identity Manager connector, you transfer IT resource types for that connector into your environment However, because an IT resource contains administrative credentials that Oracle Identity Manager requires to provision a user to a specific resource, you must create this definition Note: For more information about creating IT resources, refer to the slides in this lesson titled “Step 6: Defining an IT Resource.” Copyright © 2010, Oracle and/or its affiliates All rights reserved Understanding Reconciliation Chapter - Page 72 Quiz Quiz These records contain tasks that are configured to run in Oracle Identity Manager at a particular date and time, or on demand a Scheduled jobs b IT resources c Resource objects d Process forms Answer: a Scheduled jobs are records that are created or imported into Oracle Identity Manager (along with other components of the connectors that are imported) These records contain tasks that are configured to run in Oracle Identity Manager at a particular date and time, or on demand Note: For more information about scheduled jobs, refer to the slide in this lesson titled “Step 7: Modifying a Scheduled Job.” Copyright © 2010, Oracle and/or its affiliates All rights reserved Understanding Reconciliation Chapter - Page 73 Road Map Road Map • • Lesson Objectives Reconciliation and Provisioning – Reconciliation: Types – Reconciliation: Events • Authoritative and Account Reconciliation – Conceptual Diagrams – Implementing Reconciliation Workflows • • • Lesson Summary Lesson Practice What's Next? Road Map This section lists areas of reconciliation that you should have learned about in this lesson Copyright © 2010, Oracle and/or its affiliates All rights reserved Understanding Reconciliation Chapter - Page 74 Lesson Summary Lesson Summary In this lesson, you should have learned how to: • Define reconciliation • Compare authoritative reconciliation and account reconciliation • Discuss Reconciliation Insert Received, Reconciliation Update Received, and Reconciliation Delete Received events • Explain authoritative reconciliation and account reconciliation conceptually Lesson Summary This Summary slide lists areas of reconciliation that you should have learned about in this lesson By now, you should have an in-depth understanding of: • Reconciliation • Two types of reconciliation associated with Oracle Identity Manager: authoritative reconciliation and account reconciliation • How authoritative reconciliation differs from account reconciliation • • Reconciliation events Three reconciliation events that Oracle Identity Manager can perform with a resource: Reconciliation Insert Received, Reconciliation Update Received, and Reconciliation Delete Received • How these events differ from one another • • Process flows for authoritative reconciliation and account reconciliation workflows Scheduled tasks • How scheduled tasks are used with authoritative and account reconciliation workflows • How to implement authoritative reconciliation and account reconciliation workflows Copyright © 2010, Oracle and/or its affiliates All rights reserved Understanding Reconciliation Chapter - Page 75 Road Map Road Map • • Lesson Objectives Reconciliation and Provisioning – Reconciliation: Types – Reconciliation: Events • Authoritative and Account Reconciliation – Conceptual Diagrams – Implementing Reconciliation Workflows • • • Lesson Summary Lesson Practice What's Next? Road Map In this section, you become familiar with implementing authoritative and account reconciliation workflows Copyright © 2010, Oracle and/or its affiliates All rights reserved Understanding Reconciliation Chapter - Page 76 Practice Overview: Understanding Reconciliation Practice Overview: Understanding Reconciliation This practice covers the following topics: • Implementing an authoritative reconciliation workflow that Oracle Identity Manager uses to: – Recognize a new user account on an authoritative source – Bring this account into Oracle Identity Manager • Implementing an account reconciliation workflow that Oracle Identity Manager uses to: – Recognize modified user-related information on a target resource (for example, a user’s email address) – Transfer this information into Oracle Identity Manager Practice Overview: Understanding Reconciliation This practice is designed to familiarize you with implementing authoritative and account reconciliation workflows Specifically, you learn how to: • Implement an authoritative reconciliation workflow that Oracle Identity Manager uses to recognize a new user account on a trusted source, and transfer this account into Oracle Identity Manager For this practice, Microsoft Active Directory represents the trusted source • Implement an account reconciliation workflow that Oracle Identity Manager uses to recognize modified user-related information on a target resource, and transfer this information into Oracle Identity Manager For this practice, the user’s email address is the user information that is modified, and Sun Java System Directory Server represents the target resource Copyright © 2010, Oracle and/or its affiliates All rights reserved Understanding Reconciliation Chapter - Page 77 Road Map Road Map • • Lesson Objectives Reconciliation and Provisioning – Reconciliation: Types – Reconciliation: Events • Authoritative and Account Reconciliation – Conceptual Diagrams – Implementing Reconciliation Workflows • • • Lesson Summary Lesson Practice What's Next? Road Map This section provides you with a high-level overview of what you are to learn in the next lesson of this course Copyright © 2010, Oracle and/or its affiliates All rights reserved Understanding Reconciliation Chapter - Page 78 What’s Next? What’s Next? In this next lesson of this course, you learn how to manage authorization policies Specifically, you gain an understanding of these policies and learn how to implement them into a provisioning workflow What’s Next? Now that you understand reconciliation, you are ready to learn about authorization policies, including how to add these policies to a provisioning workflow Copyright © 2010, Oracle and/or its affiliates All rights reserved Understanding Reconciliation Chapter - Page 79 Copyright © 2010, Oracle and/or its affiliates All rights reserved Understanding Reconciliation Chapter - Page 80 [...]... 1 2-1 9 Oracle Fusion Middleware Audit Framework: Key Technical Concepts 1 2-2 0 Oracle Fusion Middleware Audit Framework: Oracle Identity Manager and SOA 1 2-2 1 Auditing – Oracle Identity Manager 1 2-2 2 Auditing: Oracle Identity Manager Audit Engine .1 2-2 3 Auditing: Oracle Identity Manager Audit Levels .1 2-2 5 Auditing: Changing the Oracle Identity Manager. .. Mozilla 3+ Copyright © 2010, Oracle and/or its affiliates All rights reserved Introduction Chapter 1 - Page 8 Unit 1: Product Overview Unit 1: Product Overview This unit comprises the following lessons: • Identity Management and Identity Administration: Overview • Launching Oracle Identity Manager • Understanding Oracle Identity Manager Oracle Identity Manager Unit 1: Product Overview In this unit,... single lesson titled “Understanding Reconciliation.” Unit 3: Handling Reconciliation Workflows In this unit, you learn about: • Reconciliation • Two types of reconciliation associated with Oracle Identity Manager: authoritative and account reconciliation • Three reconciliation events that Oracle Identity Manager can perform with a resource • Authoritative reconciliation and account reconciliation • Scheduled... 1 8-1 8 Copyright © 2010, Oracle and/or its affiliates All rights reserved Oracle Identity Manager 11g: Essentials Table of Contents xiv Levels of Customization 1 8-1 9 Road Map 1 8-2 1 Branding the Identity Administration Console: Overview 1 8-2 2 Branding the Identity Administration Console: Modifying Branding Text 1 8-2 3 Branding the Identity Administration... have with authoritative reconciliation and account reconciliation • How to implement authoritative reconciliation and account reconciliation workflows - How authoritative reconciliation can recognize new and modified user-related information on a trusted source (for example, Microsoft Active Directory), and transfer this information into Oracle Identity Manager - How account reconciliation can recognize... Out-of-the-box authorization policies and roles associated with these policies • Entity types available when defining authorization policies • Creating authorization policies, and assigning entity-specific permissions and attributes • Data constraints for an authorization policy • Six types of reports to create for Oracle Identity Manager organizations, roles, and users: - Access policy reports - Attestation,... Oracle SOA consoles • The Oracle Identity Management product suite • The role of Oracle Identity Manager in identity management • Business challenges and solutions that Oracle Identity Manager addresses • Tiers and components of the Oracle Identity Manager architecture • Use cases for Oracle Identity Manager • Key features of Oracle Identity Manager for identity management: reconciliation and provisioning... and provisioning • How Oracle Identity Manager manages reconciliation and provisioning • An Oracle Identity Manager connector and how it performs provisioning and reconciliation actions • Mandatory connector components • How to build an Oracle Identity Manager connector Note: This unit is covered on Day 1 of the course Copyright © 2010, Oracle and/or its affiliates All rights reserved Introduction Chapter... 1 1-6 9 What's Next? 1 1-7 0 Auditing, Monitoring, and Logging for Oracle Identity Manager 1 2-1 Copyright © 2010, Oracle and/or its affiliates All rights reserved Oracle Identity Manager 11g: Essentials Table of Contents ix Auditing, Monitoring, and Logging for Oracle Identity Manager .1 2-2 Road Map 1 2-3 Lesson Objectives 1 2-4 Roadmap... .1 6-6 Road Map 1 6-8 Oracle Identity Manager Architecture: Advantages 1 6-9 Copyright © 2010, Oracle and/or its affiliates All rights reserved Oracle Identity Manager 11g: Essentials Table of Contents xiii Road Map 1 6-1 2 Oracle Identity Manager Architecture: Features and Benefits .1 6-1 3 Road Map 1 6-2 0 Oracle Identity Manager Architecture:
- Xem thêm -

Xem thêm: Student Guide - Oracle Identity Manager 11g Essentials Volume I, Student Guide - Oracle Identity Manager 11g Essentials Volume I, Student Guide - Oracle Identity Manager 11g Essentials Volume I

Mục lục

Xem thêm

Gợi ý tài liệu liên quan cho bạn

Nạp tiền Tải lên
Đăng ký
Đăng nhập