Pages

Friday, May 31, 2013

OIM 11g R2, OIM 11g R2 PS1: Changing User prefix RND/Updating prefix RDN during Provisioning

In this post we are going to see how to update RDN of user automatically to cn or uid


  • If you want to change for OID then update lookup: 


Lookup.OID.UM.ProvAttrMap


  • If you want to change for OUD/LDAP then update lookup: 


Lookup.LDAP.UM.ProvAttrMap

Parameter that need to be changed is Name (Code Key)

If you need uid as RDN prefix change Decode as shown below:

Name                                   __NAME__="uid=${User_ID},${Container_DN}"

If you need cn as RDN prefix change Decode as shown below:
Name                                  
__NAME__="cn=${User_ID},${Container_DN}"

Thanks !!

Prepopulate attributes in OIM 11gR2

In this post, we are trying to pre-populate same value for 2 different attributes like "uid" and "title". This is during account creation.

Steps:

Login to Design Console and Navigate to Form Designer
Open the required user form 








Save and close








Click save..


Double click on 1






Save


Again save it.



Click OK


Try doing provisioning.


Thursday, May 30, 2013

ODSEE commands part 1

This post will list some of the basic and widely used commands in the world of ODSEE.

Assumptions:

Base DN:                         dc=veeru,dc=com
LDAP Instances path:     E:\dsee7\ds7\

My ODSEE has been configured on localhost. you have to replace localhost with the hostname of the server on which your ODSEE is running. use appropriate port numbers too. Below commands will help you as a sample on how they can be used.

Instance Creation/Deletion:

create instance
> E:\dsee7\bin\dsadm create -p 1089 -P 1189 E:\dsee7\ds7\instance1089

where 1089 is non-ssl port, 1189 is ssl port and E:\dsee7\ds7\instance1089 is the instance folder path

delete instance
> E:\dsee7\bin\dsadm delete E:\dsee7\ds7\instance1089

where E:\dsee7\ds7\instance1089 is the instance folder path


Instance start/stop:

start
> dsadm start E:\dsee7\ds7\instance1089

stop
> dsadm stop E:\dsee7\ds7\instance1089

Operations on suffix:

create suffix
> dsconf create-suffix -p 1089 -e dc=veeru,dc=com

Disable/Enable the suffix
> dsconf set-suffix-prop -h host -p port suffix-DN enabled:on

create sub-suffix
> dsconf create-suffix -hlocalhost -P1189 ou=users,dc=veeru,dc=com

add sub-suffix to parent suffix
> dsconf set-suffix-prop -hlocalhost -P1189 ou=users,dc=veeru,dc=com parent-suffix-dn:dc=veeru,dc=com

Register the server instance with DSCC
> dsccreg add-server -h localhost -p 3998 E:\dsee7\ds7\instance1089

Remove the server instance with DSCC
dsccreg remove-server -h localhost -p 3998 E:\dsee7\ds7\instance1089

List the server that are currently registered into DSCC
> dsccreg list-servers -h localhost -p 3998


Starting cacao Operations:
list the instances on cacao
> E:/dsee7/ext/cacao_2/bin/cacaoadm.bat list-instances

enable instance on cacao
> E:/dsee7/ext/cacao_2/bin/cacaoadm.bat enable -i default -f E:/dsee7/ext/cacao_2/bin/password.txt

start cacao
> E:/dsee7/ext/cacao_2/bin/cacaoadm.bat start

start ads
> E:/dsee7/bin/dsadm.exe start E:/dsee7/var/dcc/ads

verify cacao status
> E:/dsee7/bin/dsccsetup.exe status 

Creating OUs:

Below, i am going to create two different OUs. one for contractors and other for employees.

> dsconf create-suffix -hlocalhost -P1189 ou=contractors,ou=users,dc=veeru,dc=com

> dsconf create-suffix -hlocalhost -P1189 ou=employees,ou=users,dc=veeru,dc=com

after creating the OUs, we need to register them with the parent DN as shown below

> dsconf set-suffix-prop -hlocalhost -P1189 ou=contractors,ou=users,dc=veeru,dc=com parent-suffix-dn:ou=users,dc=veeru,dc=com

> dsconf set-suffix-prop -hlocalhost -P1189 ou=employees,ou=users,dc=veeru,dc=com parent-suffix-dn:ou=users,dc=veeru,dc=com

more to come in the following post.

Thanks,
Veeru Yads

ODSEE 11g R1 (11.1.1.5) Installation and Configuration

In this post, I have covered installation of  ODSEE 11.1.1.5, DSCC setup, LDAP instance creation and its registration with DSCC.

Environment:

Windows 7 64-bit
ODSEE 11.1.1.5
iPlanet Web Server 7.0.15 (to deploy DSCC)

you can choose either Tomcat or Jboss as well to deploy your dscc war file.

DSEE Install:


Navigate to E:\oim_11.1.1.5_Suite\DSEE\ODSEE_ZIP_Distribution
Unzip the file dsee.zip and move it to E:\dsee7\

Creating DSCC Registry:


  • Go to cmd prompt and type these commands

> cd E:\dsee7\bin
> dsccsetup ads-create


  • Pick a password for the super user account

Create war file for DSCC:


  • Go to cmd prompt and type these commands

> cd E:\dsee7\bin
> dsccsetup war-file-create



To create server instances on the same host where DSCC is deployed, register the DSCC agent in Common Agent Container.

  • Go to cmd prompt and type these commands
> cd E:\dsee7\bin
> dsccsetup cacao-reg
In case of issues, navigate to E:\dsee7\ext\cacao_2 and run the file “configure.bat” as administrator.
After this, run the command 
> dsccsetup cacao-reg again
Type the following command to check the location and other statistics of your war file and DSCC registry:
> dsccsetup status

             


Oracle iPlanet Web Server 7.0.15 Install:


Navigate to E:\oim_11.1.1.5_Suite\iPlanet_7.0.15\145847-09\Oracle-iPlanet-Web-Server-7.0.15-windows and run ‘setup.exe’

Username: iplanet
Password: Your own password



Deploy the war file.
Browse the Oracle iPlanet Web Server console using https://hostname:8989
Under the Common Tasks tab, click Add Web Application in the Virtual Server Tasks section.
In the Add Web Application form, provide the following values and click OK.
Web Application Location: install-path/var/dscc7.war
URI: /dscc7

Instance Creation:









Registering LDAP instances to access from DSCC console:


> dsccreg add-server -h localhost -p 3998 E:\dsee7\ds7\instance1089

Thanks,
Veeru Yads

Wednesday, May 29, 2013

OIM Integration with SOA Composite and Web Services Connector:

As the Webservice Connector is  a Generic Connector, it is wired to specific Target Webservice.The Connector Package will Contain set of Templates and build utility script which will generate OIM Artifacts specific to web service to which we can connect to from the set of template that are available in the Connector.This Utility also capable of generating SOA Composite which is used to wired to the target.

High Level Steps :

1)Build the Connector:
Build the Connector From the Connector Default folder and unzip the Connector where we will see the build scripts  and the  set of templates in Templates folder.

Run the Command build-connector.sh/bat with the  two arguments Long and short Descriptive Code.
eg:build-connector.sh "Long" "Short Descriptive Code"  "CLOUDCRM""CCRM"  like which web service we want to Connect to. Once this is Run Webservice Connector zip is generated.

2)Open the SOA Composite in Jdeveloper: Once the build is finish ,the SOA Composite will be generated in the /connectorDefaultDirectory/WSConnector(folder)/soa/project open it in the Jdeveloper and wire them with the target application webservice.

3)Configure the SOA Composite:  Configure SOA Process and BPEL, specify the partnerlink details for the specific target webservices and invoking the operation on the target ,mapping variables. Assigning the Connector input end point to the input of the target web services operations.

4)Deploy the Composite: Build the project and see there are no compilations error. Deploy the Ready Composite on to the SOA server and trace the deployment progress on the logs.

Test the composite in the EM Console  and test the Webservice.

5)Install the Connector: Install the connector  in the OIM.

6)Create the IT Resource: Create the IT Resource and Configure all the required parameters.

7)Test the User for Provisioning: Provision the Accounts  to the target web service from OIM.

Generic Web services Connector for OIM

What is Web service:

Web services are web API which are exposed by certain web applications to enable interoperability with their application. The operations exposed by them can be invoked by any system and the entire interactions as be done by SOAP protocol.

SOAP -Simple Object Access Protocol.

  • It's a Communication Protocol.
  • It  Communicates between different application.
  • It is platform and Language independent.
  • It Communicates via internet.


Webservices Connector Role:

This Connector will play a vital role in achieving integration with many established products that expose web service or any custom in house web service applications and it provides generic infrastructure where customers can connect to any web services end point for Provisioning and Reconciliation of the Accounts.


Connector Architecture:







The Target Application is the Web service End point, and SOA Composite is used to bind and invoke operations on the target webservice.SOA invokes all the operations from the target.
SOA composite is wired to web service client  which is connector web services endpoint, that exposes the  operations which are corresponding to  the ICF operations like Create, Delete, Update and Search etc; So when we have target  application which exposes its web service it has Operations Similar to the above operations with its own input and output convention.

The Web service Connector is responsible for invoking the operations on the SOA stubs that are generated by the Connector  Web services Client with the Specific Input Structure, which in turn triggers the BPEL process for the Specific Type of Operation on the Target system.

Once the Operations are invoked the Output is Passed back to SOA Composite, which optionally make use of XLST transform the payload for which the ICF can understand.

Tuesday, May 28, 2013

Cognos Express 9.5 Installation and Configuration

Scenario: The idea is to install Cognos and configure SSO using OAM 11gR2. In this post i will cover Cognos 9.5  installation setup

Environment:
Windows 7 64 bit
Cognos 9.5 64-bit (Express Edition)
OAM 11gR2
AD installed on Windows server 2008 R2

Steps:


  • Register on IBM site and down Cognos 9.5 64-bit (Express Edition) using the below URL. IBM by default uses its own download manager to perform the software download.
  • Navigate to the downloadable and Launch setup.exe







  • Select the desired Folder PATH and proceed







  • Leave the Default ports as it is and define the administrator username and password what ever you like






  • "icognosexpress" is a system account that will be created by the installer. Not sure where it will be used










  •     Admin URL:   http://localhost:19300/cognos_express/manager/main.html?lang=en





  •     Notice that Manager shown as Installing.






  • On the Right Pane, you can observe the status as notifications.





  • Once the installation is done, You will get a login page as below. Login using the Admin account that was created during installation




  • In order to install reporting functionality, Navigate to "Reporter" pane and click on Install




  •     After installation, you will get a screen like below





  • Observe the below 5 services were craeted as part of the Cognos installation. you can start/stop services to control




Administration Console:

On the top right corner, you can navigate to Admin Page and will get a page like below



  • If you want to configure Mail server and AD for authentication, Navigate to Manager and click on configure.
  • Enter appropriate host and port details





  • You can observe the changes made in the logs as below




Thanks,
Veeru Yads