Disabling OIM LDAP Synchronization & Enabling OIM LDAP Synchronization

Disabling OIM LDAP Synchronization
  1. Log in to the EM Console and navigate to OIM -> oim(11.1.2.X).
  2. Click System MBean Browser.
  3. Navigate to oracle.mds.lcm -> Server: oim server -> Application: OIMMetadata -> MDSAppRuntime and click MDSAppRuntime.
  4. Click the Operations tab and export the metadata before removing/disabling LDAPSync.
  5. Provide the location to export the metadata to and the file to export. In our case the file is /db/ldapMetadata/EventHandlers.xml from MDS.
  6. Remove the /db/ldapMetadata/EventHandlers.xml file from MDS using the operation deleteMetaData.
  7. Provide the file name and click Invoke, which removes EventHandlers.xml from MDS.
  8. Log in to the OIM System Admin console and disable the following jobs:
       1. LDAP User Create and Update Reconciliation
       2. LDAP Role Create and Update Reconciliation
       3. LDAP Role Membership Reconciliation
       4. LDAP Role Hierarchy Reconciliation

Enabling OIM LDAP Synchronization
  1. Log in to the EM Console and navigate to OIM -> oim(11.1.2.X).
  2. Click System MBean Browser.
  3. Navigate to oracle.mds.lcm -> Server: oim server -> Application: OIMMetadata -> MDSAppRuntime and click MDSAppRuntime.
  4. Click the Operations tab and import the metadata to enable LDAPSync.
  5. Provide the location to import the metadata from and the file to import. In our case the file is /db/ldapMetadata/EventHandlers.xml from MDS.
     Note: /db/ldapMetadata/EventHandlers.xml should have been exported before LDAPSync was disabled.
  6. Import /db/LDAPContainerRules.xml as well.
     Sample file:
        <?xml version='1.0' encoding='UTF-8'?>
        <container-rules>
          <user>
            <rule>
              <expression>Default</expression>
              <container>cn=users,dc=us,dc=oracle,dc=com</container>
              <description/>
            </rule>
          </user>
          <role>
            <rule>
              <expression>Role Description=TestGroup</expression>
              <container>cn=TestGroup,dc=us,dc=oracle,dc=com</container>
              <description/>
            </rule>
            <rule>
              <expression>Default</expression>
              <container>cn=groups,dc=us,dc=oracle,dc=com</container>
              <description/>
            </rule>
          </role>
        </container-rules>
  7. Provide the location to import /db/LDAPContainerRules.xml from.
     Note: /db/ldapMetadata/EventHandlers.xml should have been exported before LDAPSync was disabled; that export also includes /db/LDAPContainerRules.xml.
  8. Log in to the OIM System Admin console and enable the following jobs:
       1. LDAP User Create and Update Reconciliation
       2. LDAP Role Create and Update Reconciliation
       3. LDAP Role Membership Reconciliation
       4. LDAP Role Hierarchy Reconciliation
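
A pre-import sanity check for /db/LDAPContainerRules.xml, added here as an example (not part of the original post and not Oracle tooling). It assumes the structure of the sample file above, and it treats "exactly one Default rule each for user and role" and "expressions are either Default or Attribute=Value" as assumptions drawn from that sample. The function name check_container_rules and the embedded SAMPLE are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample with the same content as the sample file in the post.
SAMPLE = """<?xml version='1.0' encoding='UTF-8'?>
<container-rules>
 <user>
  <rule><expression>Default</expression><container>cn=users,dc=us,dc=oracle,dc=com</container><description/></rule>
 </user>
 <role>
  <rule><expression>Role Description=TestGroup</expression><container>cn=TestGroup,dc=us,dc=oracle,dc=com</container><description/></rule>
  <rule><expression>Default</expression><container>cn=groups,dc=us,dc=oracle,dc=com</container><description/></rule>
 </role>
</container-rules>"""

# Loose DN shape: comma-separated attr=value pairs (assumption: no escaped commas).
DN_RE = re.compile(r"^[A-Za-z][\w-]*=[^,=]+(,[A-Za-z][\w-]*=[^,=]+)*$")

def check_container_rules(xml_text):
    """Return a list of problems; an empty list means the file passed."""
    try:
        # strip(): whitespace before the XML declaration is a parse error
        root = ET.fromstring(xml_text.strip())
    except ET.ParseError as exc:
        return ["not well-formed XML: %s" % exc]
    if root.tag != "container-rules":
        return ["root element is <%s>, expected <container-rules>" % root.tag]
    problems = []
    for entity in ("user", "role"):
        defaults = 0
        for n, rule in enumerate(root.findall("./%s/rule" % entity), 1):
            expr = (rule.findtext("expression") or "").strip()
            dn = (rule.findtext("container") or "").strip()
            where = "%s rule %d" % (entity, n)
            if expr == "Default":
                defaults += 1
            elif not re.match(r"^[^=]+=.+$", expr):
                problems.append("%s: expression %r is not Default or Attribute=Value" % (where, expr))
            if not DN_RE.match(dn):
                problems.append("%s: container %r is not a DN" % (where, dn))
        if defaults != 1:
            problems.append("%s: expected exactly one Default rule, found %d" % (entity, defaults))
    return problems

if __name__ == "__main__":
    print(check_container_rules(SAMPLE) or "OK")
```

Run it against the exported file before importing, so that a malformed container DN or a missing Default rule is caught before the reconciliation jobs are re-enabled.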
