Monday, November 22, 2010
OID LDAP commands
./ldapadd -h hostname.company.com -p 389 -D cn=orcladmin -w passwd -f /home/oracle/software/New_Oid_Users.txt
Delete Users
./ldapdelete -h hostname.company.com -p 389 -D cn=orcladmin -w passwd -c -v -f /home/oracle/software/delete_users.txt
OIM: Installing the Design Console under Linux
http://www.idmworks.com/blog/oim-installing-the-design-console-under-linux
It does work!!
Thursday, November 18, 2010
Make OIM portal load faster
This can cause the home page to load slowly.
Since this information is of little use on the home page in many organizations, we can disable this additional SQL search and place only a link on the home page that leads to the same data.
To disable these counters, follow the steps below:
1) Login to Design Console with 'xelsysadm'
2) Go to Administration -> System Configuration
3) Search for the keyword "XL.WebAdminHome.CounterDisplay.Type"
4) Change the value from 'DayLimit' to 'CheckLink'
Now when a user logs in to OIM, they will see a link instead of counters.
For many users, the home page will be much faster from now on.
Special characters not allowed in name fields - OIM
- User Login
- Group Name
- Organization Name
- Resource Name
- Process Name
- Request Number
- Column Label
- Task Name
- Semicolon ( ; )
- Pound ( # )
- Forward slash ( / )
- Percent ( % )
- Equals sign ( = )
- Bar ( | )
- Plus sign ( + )
- Comma ( , )
- Back slash ( \ )
- Double quotes ( " )
- Less than ( < )
- Greater than ( > )
If you are using your own form to create a user in OIM, make sure to restrict the above characters in the preceding fields.
The allowed special characters are:
! * @ $ ( ) ^ ? { } [ ] : ' ~ ` - _
Put these in a common regular expression pattern.
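One way to put the two character lists above into regular expressions, as an added example that is not from the original post or from OIM. The function and constant names are hypothetical, and treating ASCII letters and digits as allowed is an assumption, since the post lists only special characters; characters that appear in neither list (a period or a space, for instance) are reported separately.

```javascript
// Added example; names are hypothetical, not part of OIM.
// Characters the post lists as not allowed in OIM name fields.
const DISALLOWED = ';#/%=|+,\\"<>';
// Special characters the post lists as allowed.
const ALLOWED_SPECIALS = "!*@$()^?{}[]:'~`-_";

// Make every character literal inside a [...] class. Only \ ] [ ^ -
// are special there; the allowed list contains four of them.
function escapeForClass(chars) {
  return chars.replace(/[\\\]\[^-]/g, '\\$&');
}

const DENY_RE = new RegExp('[' + escapeForClass(DISALLOWED) + ']', 'g');
// Assumption: ASCII letters and digits are acceptable in every name field.
const UNLISTED_RE = new RegExp(
  '[^A-Za-z0-9' + escapeForClass(ALLOWED_SPECIALS + DISALLOWED) + ']', 'g');

const unique = (matches) => [...new Set(matches || [])];

// strict=false rejects only the listed-disallowed characters;
// strict=true also rejects characters that appear in neither list.
function checkNameField(value, { strict = false } = {}) {
  const s = String(value);
  const disallowed = unique(s.match(DENY_RE));
  const unlisted = unique(s.match(UNLISTED_RE));
  const ok = s.length > 0 && disallowed.length === 0 &&
             (!strict || unlisted.length === 0);
  return { ok, disallowed, unlisted };
}

// Constructed sample inputs.
for (const name of ['jdoe_01', 'Sales/EMEA', 'team[1]-{x}^', 'john.doe']) {
  console.log(name, JSON.stringify(checkNameField(name, { strict: true })));
}
```

Run the same check on the server that submits the user to OIM, not only in the browser form.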
OIM user email field character restriction
"The local-part and domain name portions of an e-mail address are restricted to ASCII letters, numbers, underscores, hyphens, and periods. The domain identifier portion of an e-mail address is restricted to ASCII letters and numbers"
(http://download.oracle.com/docs/cd/B32479_01/doc.903/b32455/componts.htm#CIHCCEAF)
But this restriction is removed in OIM version 9.0.2. The regular expression below defines the characters allowed in the email address field in version 9.0.2:
([\\w!#$%&'*+-/=?^_`{|}~])+[@](\\w|[-]|[.])+[.]([a-zA-Z0-9])+
So if you need all those special characters, you will have to make sure you are using 9.0.2 and not 9.0.1.
Upgrading from 9.0.1 to 9.0.2 is a patch update, so it should not be difficult.
Auto Approve Self Registered Users in OIM
By default, a self-registered user has to be approved by an administrator. To automatically approve self-registered users in OIM:
1. Open the OIM_HOME/xellerate/config/FormMetadata.xml file.
2. Copy the following lines from <form name="SelfRegistrationApprovalForm"> to <form name="SelfRegistrationUserForm"> section:
<attributereference editable="true" optional="true">Organizations.Organization Name</attributereference>
<attributereference editable="true" optional="false">Users.Xellerate Type</attributereference>
<attributereference editable="true" optional="true">Users.Role</attributereference>
3. Save changes and restart the OIM Server.
4. Now when you try to do a Self Register, you need to enter values for Organization name, User Type and Employee Role.
5. Enter value for User Type as End-User.
6. Enter value for Employee Role as Full-Time (Note: The value should be Full-Time and not Full-Time Employee).
7. Submit the request, and it will be approved automatically.
New Blog for Identity Management
So if you are looking for any help with identity management, please check the link below.
http://identity-corp.blogspot.com/