Pre-Requisite
Incremental Target Reconciliation can be build in OIM using the SearchReconTask and also SyncReconTask. To build the incremental reconciliation, the following components needs to be modified and Developed:
Incremental Reconciliation for Database ICF SearchReconTask
1. Lookup.dbicf.Configuration
Add the Recon Date Format as a lookup code and decode should be valid java date format. For example
| Recon Date Format | - yyyy/MM/dd HH:mm:ss |
2. DataBaseIdentityFilter Class
Override the createGreaterThanExpression and createAndExpression methods to implement the Incremental Reconciliation.
@Override
protected String createGreaterThanExpression(
GreaterThanFilter filter, boolean not) {
String operation="createGreaterThanOrEqualExpression - ";
logger.ok(operation + " Started");
String query= null;
if(not)
{
return query;
}
Attribute attr= filter.getAttribute();
if(attr==null || attr.getValue()==null || (attr.getValue()!=null && attr.getValue().isEmpty()))
{
return query;
}
String name=filter.getName();
Object val=attr.getValue().get(0);
if(DataBaseIdentityUtil.isEmpty(val))
{
throw new ConnectorException("The filter value can not be empty");
}
String strValue=DataBaseIdentityUtil.getString(val);
if(name.equalsIgnoreCase("updateDate"))
{
query="T."+name + " > FUNC('TO_DATE','"+DataBaseIdentityUtil.convertDateToString(new Date(new Long(strValue).longValue()))+"','"+DataBaseIdentityConstants.DB_DATE_FORMAT+"')";
}
else
{
query="T."+name + " > '"+strValue+"'";
}
logger.ok(operation + " Final Filter "+query);
logger.ok(operation + " Ended ");
return query;
}
@Override
protected String createAndExpression(String leftExpression,
String rightExpression) {
return leftExpression + " AND "+ rightExpression;
}
3. Schedule Task Reconciliation Metadata
Add the Scheduled Task Name parameter name in the Schedule Task Reconciliation Metadata file. After Adding the parameter to the file as follows:
<?xml version = '1.0' encoding = 'UTF-8'?>
<xl-ddm-data version="2.0.1.0" user="XELSYSADM" database="jdbc:oracle:thin:@localhost:5524/estView.regress.rdbms.dev.us.oracle.com" exported-date="1307546406635" description="FF">
<scheduledTask repo-type="MDS" name="DataBaseICFConnectorReconciliation" mds-path="/db" mds-file="DataBaseICFConnectorReconciliation.xml">
<completeXml>
<scheduledTasks xmlns="http://xmlns.oracle.com/oim/scheduler">
<task>
<name>DataBaseICFConnectorReconciliation</name>
<class>oracle.iam.connectors.icfcommon.recon.SearchReconTask</class>
<description>DataBaseICFConnectorReconciliation</description>
<retry>0</retry>
<parameters>
<string-param required="false" encrypted="false" helpText="Filter">Filter</string-param>
<string-param required="false" encrypted="false" helpText="Incremental Recon Date Attribute">Incremental Recon Date Attribute</string-param>
<string-param required="false" encrypted="false" helpText="IT Resource Name">IT Resource Name</string-param>
<string-param required="false" encrypted="false" helpText="Object Type">Object Type</string-param>
<string-param required="false" encrypted="false" helpText="Latest Token">Latest Token</string-param>
<string-param required="false" encrypted="false" helpText="Resource Object Name">Resource Object Name</string-param>
<string-param required="false" encrypted="false" helpText="Scheduled Task Name">Scheduled Task Name</string-param>
</parameters>
</task>
</scheduledTasks>
</completeXml>
</scheduledTask>
</xl-ddm-data>
The newly added parameter is highlighted as a bold font.
4. Import Schedule Task Reconciliation Metadata
Re-import the Schedule Task Reconciliation Metadata into the oim repository as follows:
Login to the OIM Console --> Advance --> Import Deployment Manager File --> Select the Scheduler Task File --> Add File --> Import. It will import the XMl File into the OIM Repository.
5. DataBaseIdentityConnector Class
Include the Incremental Recon Date Attribute parameter as a Long value in the ConnectorObject attributes in the executeQuery method. The sample code is given below.
public void executeQuery(ObjectClass objectClass, String filter,
ResultsHandler handler, OperationOptions operations) {
logger.ok("executeQuery Started");
logger.ok("executeQuery filter "+filter);
List<String> returnAttrs= new ArrayList<String>();
if(operations != null)
{
for (String attr: operations.getAttributesToGet())
{
logger.ok("executeQuery Attributes "+attr);
returnAttrs.add(attr);
}
}
List<UserProfile> profiles=userProfileDao.findByUsersCriteria(filter);
logger.ok("executeQuery Result "+profiles);
if(profiles != null && !profiles.isEmpty())
{
for (UserProfile userProfile : profiles)
{
ConnectorObject conobj=DataBaseIdentityUtil.convertMapToConnectorObject(userProfile);
if(returnAttrs.contains(DataBaseIdentityConstants.LAST_UPDATE))
{
conobj=DataBaseIdentityUtil.convertMapToConnectorObject(userProfile,DataBaseIdentityConstants.LAST_UPDATE);
}
else if(returnAttrs.contains(DataBaseIdentityConstants.CREATE_DATE))
{
conobj=DataBaseIdentityUtil.convertMapToConnectorObject(userProfile,DataBaseIdentityConstants.CREATE_DATE);
}
else
{
conobj=DataBaseIdentityUtil.convertMapToConnectorObject(userProfile);
}
logger.ok("executeQuery Attributes Objects "+conobj.getAttributes());
handler.handle(conobj);
logger.ok("executeQuery Attributes Objects After "+conobj.getAttributes());
}
}
logger.ok("executeQuery Ended");
}
DataBaseIdentityUtil class
public static ConnectorObject convertMapToConnectorObject(UserProfile userProfile,String updateFieldName)
{
ConnectorObjectBuilder userObjBuilder = new ConnectorObjectBuilder();
String status=userProfile.getStatus();
if(!isEmpty(status) && status.equalsIgnoreCase(DataBaseIdentityConstants.STATUS_ENABLED))
{
userObjBuilder.addAttribute(DataBaseIdentityConstants.STATUS,DataBaseIdentityConstants.STATUS_ENABLED);
}
else
{
userObjBuilder.addAttribute(DataBaseIdentityConstants.STATUS,DataBaseIdentityConstants.STATUS_DISABLED );
}
userObjBuilder.addAttribute(DataBaseIdentityConstants.FIRST_NAME,userProfile.getFirstName());
userObjBuilder.addAttribute(DataBaseIdentityConstants.LAST_NAME,userProfile.getLastName());
userObjBuilder.addAttribute(DataBaseIdentityConstants.MIDDLE_NAME,userProfile.getMiddleName());
userObjBuilder.addAttribute(DataBaseIdentityConstants.USER_LOGIN,userProfile.getUserLogin());
userObjBuilder.setUid(Long.toString(userProfile.getId()));
userObjBuilder.setName(Long.toString(userProfile.getId()));
if(updateFieldName != null)
{
if(updateFieldName.equalsIgnoreCase("updateDate"))
{
if(userProfile.getUpdateDate() != null)
{
userObjBuilder.addAttribute(updateFieldName,userProfile.getUpdateDate().getTime());
}
}
if (updateFieldName.equalsIgnoreCase("createDate"))
{
if(userProfile.getCreateDate() != null)
{
userObjBuilder.addAttribute(updateFieldName,userProfile.getCreateDate().getTime());
}
}
}
logger.ok("Final Object Data "+userObjBuilder.toString());
ConnectorObject conobj=userObjBuilder.build();
logger.ok("Final Object Data "+conobj.getAttributes());
return conobj;
}
6. Re-Deploy the ICF Jar
Build the Jar File
Execute the following command to build and generate the dbconnector-demo-1.0.jar.
gradle build
Deploy the Jar File
1. Login to the OIM Server.
2. Go to the DOMAIN_HOME/bin directory and execute source ./setDomainEnv.sh file. After executing the file , it will set the classpath.
3. Go to the OIM_HOME/server/bin directory an execute the
UploadJars.sh [-username <username>] [-password <password>] [-serverURL <t3://oimhostname:oimportno>] [-ctxFactory <weblogic.jndi.WLInitialContextFactory>] [- [-ICFBundle <Location of the ICF Bundle Jar>]
It will deploy the ICFBundle into the OIM repository.
7. Restart the OIM Server
Login to the OIM Server and go to the $DOMAIN_HOME/bin directory and execute the following files:
./stopManagedWebLogic.sh oim_server1 t3://weblogicadminhost:port
./startManagedWebLogic.sh oim_server1 t3://weblogicadminhost:port
8. Re-Create the Schedule Task
Delete Schedule Task Name
Login to the OIM Admin Console --> Advanced --> System Management --> Search Schedule Jobs --> Enter Schedule task job name. After Searching the job name, Select the Job Name in the list and Click X Icon . It will delete the Schedule Task Name
Create the Schedule Task Name
Login to the OIM Admin Console --> Advanced --> System Management --> Actions --> Create --> Select Task Name from the Task List, Enter Schedule Job Name, Select No Predefined Schedule for testing, later we can configure periodic, Enter Incremental Recon Date Attribute, IT Resource Name, Object Type, Latest Token, Resource Object Name, and Scheduled Task Name. The Job Name and Scheduled Task Name should be same because it will update the Latest Token value based on the Scheduled Task Name value. The example configuration is given below.
If you specify the Filter and Incremental Recon Date Attribute in the configuration, It will search the user based on the filter and also incremental Recon Date Attribute. It will invoke the createGreathanExpression, createEqualExpression, and also createAndExpression.
How does the DatabaseIdentityFilter.createGreaterThanExpression() get called even though there is no greaterThan() expression in the job?
ReplyDelete