Friday 24 April 2015

Bulkload in OIM

1.      The  Object Classes and the Attributes  in csv should follow the below standards .
2.      CSV sample format to be  specified .
3.      Below mentioned details during the Bulk upload has to be specified, like for forcing the user to change password during first login set the parameters.
4.       Username, Group name, Organization names should be unique and should not exists in the OID already. If exists then import of the groups / Users / Organizations would fail.
5.       The hierarchy of the Load should be maintained such as
Organization should be created first.
6.      User cannot exist in multiple organizations.
7.      User

DIT Structure alignment with the File being Uploaded .

The structure of the DIT should align with the  below structure specified and the object classes and attributes should be align with the above attached mapping document .

BulkLoad in OIM:
The Bulk Load utility is aimed at automating the process of loading a large amount of data into Oracle Identity Manager. It helps reduce the downtime involved in loading data. You can use this utility after you install Oracle Identity Manager or at any time during the production lifetime of Oracle Identity Manager. The Bulk Load utility can load users, accounts, roles, role hierarchy, role membership, and role category data.

Creating the Input Source for the Bulk Load Operation Using CSV Files As the Input Source:

If you want to use CSV files as the input source for the bulk load operation, then apply the following guidelines while creating the CSV files:
·         The CSV files must be placed in the oimbulkload/csv_files directory.
·         The first line in the CSV file is called the control line. This line must contain a comma-separated list of column names in the account (UD_*) table into which you want to load the account data. To find out the UD_ table, go to the process form in the Design Console.

Note:
Ensure that the Password column or any other encrypted column is not included in the list of columns.
·         From the second line onward, the file must contain values for the columns in the control line. The order of columns in the first line and the values in the rest of the lines must be the same.
·         If the value in any column contains a comma, then that value must be enclosed in double quotation marks (").
·         The CSV file must contain values for all columns that are designated as mandatory in the account table. The key mandatory columns in the account table must be ignored.
·         If you want to load account data into parent and child tables, then you must create one parent CSV file and one child CSV file for each child table. For example if you are loading data into one parent table and three child tables, then you must create one parent CSV file and three child CSV files.
·         If you want to load account data into parent and child tables, then at least one column must be the same in both tables. This column corresponds to the link attribute between the parent and child CSV files. The following example illustrates this:
The following are sample contents of a parent CSV file:
UD_ADUSER_UID,UD_ADUSER_ORGNAME,UD_ADUSER_FNAME,UD_ADUSER_LNAME,UD_ADUSER_MNAME,UD_ADUSER_FULLNAME,UD_ADUSER_OBJECTGUID
ADTEST1,"7~CN=ForeignSecurityPrincipals,DC=vivek01,DC=com",adtest1,adtest1,,adtest1,102
Note:
The UD_ADUSER_OBJECTGUID column is mandatory in the parent CSV file for loading accounts by using the bulk load operation. This column must be added to the parent CSV file in spite of nullable column in the database.
The following are sample contents of a child CSV file:
UD_ADUSER_UID,UD_ADUSER_ORGNAME,UD_ADUSRC_GROUPNAME
ADTEST1,"7~CN=ForeignSecurityPrincipals,DC=vivek01,DC=com",group2
The UD_ADUSER_UID column is common to both the parent file and the child file.
·         If the CSV file is generated on Microsoft Windows and is to be loaded on Linux environment, then remove the special characters, such as '\n\r', to avoid run-time errors.

Verifying the Outcome of the Bulk Load Operation

To verify the outcome of the bulk load operation, check if you are able to perform the following steps for one of the OIM Users for whom an account has been added by the utility:
·         Log in as the OIM User, and check if the newly created account is displayed in the resource profile of the user.
·         Log in to the target system by using the credentials of the newly created account.

Creating the Input Source for the Bulk Load Operation

Depending on the input source that you want to use, apply the guidelines given in one of the following sections:

 Using CSV Files As the Input Source

If you want to use CSV files as the input source for the bulk load operation, then apply the following guidelines while creating the CSV files:
·         The CSV files must be placed in the oimbulkload/csv_files directory.
·         The first line in the CSV file is called the control line.
·         This line must contain a comma-separated list of column names based on the selected role upload (role, role hierarchy, role membership, and role category) in the Oracle Identity Manager database.
·         From the second line onward, the file must contain values for the columns in the control line. The order of columns in the first line and the values in the rest of the lines must be the same. The following is a sample content of a role (UGP) CSV file:
        UGP_ROLENAME,UGP_NAMESPACE,USR_LOGIN,ORG_NAME,INCLUDE_HIERARCHY
               "Finance Controllers",Default,XELSYSADM,Finance,YES
               "Finance Controllers",Default,XELSYSADM,Requests,YES
·         Role load is capable of publishing the roles to organizations to follow the security model in Oracle Identity Manager, with an option to include hierarchy.
As a value of the ORG_NAME parameter, specify the organization name, such as Finance or Requests, to which you want to publish the roles. Specify YES for INCLUDE_HIERARCHY if you want to publish the roles to the specified organization and its suborganizations. Specify NULL or NO for INCLUDE_HIERARCHY if you want to publish the roles only to the specified organization and not its suborganizations. If you do not specify values for the ORG_NAME and INCLUDE_HIERARCHY parameters, then by default, the roles are published to the Top organization with hierarchy.
·         If the value in any column contains a comma, then that value must be enclosed in double quotation marks (").
·         The CSV file must contain values for all columns that are designated as mandatory in the respective role tables.
·         The CSV file must contain values for all columns that are designated as mandatory depending on the upload role data, role hierarchy data, role membership data, and role category data.
o    Role UGP): UGP_ROLENAME,UGP_NAMESPACE,USR_LOGIN,ORG_NAME,INCLUDE_HIERARCHY (UGP_NAMESPACE,ORG_NAME,INCLUDE_HIERARCHY
INCLUDE_HIERARCHY can be left as null when not required.
o    Role Hierarchy (GPG): UGP_NAME, GPG_UGP_NAME
o    Role Membership (USG): UGP_NAME, USR_LOGIN
o    Role Category (ROLE_CATEGORY): ROLE_CATEGORY_NAME
Each row in the CSV file must have a unique value for the combinationation of manadatory columns.
·         The following default values are inserted into Oracle Identity Manager if the CSV file does not contain values for these columns:
o    For Role (UGP)
o    ROLE_CATEGORY_NAME: Default
o    UGP_DISPLAY_NAME: Defaults to UGP_NAME
o    ORG_NAME: TOP
o    INCLUDE_HIERARCHY: YES
o    For Role Hierarchy (GPG)
None
o    For Role Membership (USG)
RUL_KEY: RUL_KEY from RUL table with RUL_NAME as 'Default'
USG_PRIORITY: group and rank based on UGP_KEY based on the rows given for upload.
o    Role Category (ROLE CATEGORY)
None
·         Create a master TXT file containing the names of the CSV files containing role data to be loaded. You can specify any name for the file, for example, master.txt. Save the master file in the oimbulkload/csv_files directory.
If you want to load multiple CSV files, then enter the name of each data CSV file on a separate line in the master file. Order the list of CSV file names in the sequence in which you want the utility to load data from the files. For example, suppose you have created three data CSV files, Role1.csv, Role2.csv, and Role3.csv. In the master file, enter the names of the data CSV files in the following order:
Role1.csv
Role2.csv
Role3.csv
When you run the utility, data is loaded in this order.
·         If the CSV file is generated on Microsoft Windows and is to be loaded on Linux environment, then remove the special characters, such as '\n\r', to avoid run-time errors.

Verifying the Outcome of the Bulk Load Operation

To verify the outcome of the bulk load operation, check if you are able to perform the following steps for one of the OIM Role added by the utility:
1.      Log in to Oracle Identity Self Service, and verify that the newly created role is displayed in the search result for roles.
2.      For the newly created role hierarchy and role members, click the Hierarchy and Members tabs respectively on the role details page.
3.      To verify the newly created role category, in the Welcome page of Oracle Identity Administration, click Advanced Search - Role Categories. Then, perform an advanced search to find the newly created role.
References:


Posted by at

1 comment:

  1. nanjaciela5 March 2022 at 01:05

    Harrah's Cherokee Casino Resort - MapYRO
    Welcome to Harrah's Cherokee Casino Resort. We offer the ultimate 안동 출장샵 in casino 보령 출장안마 gaming, 여수 출장마사지 featuring more 대구광역 출장안마 than 2600 electronic games, a popular music venue, 제주 출장안마

    ReplyDelete

Subscribe to: Post Comments (Atom)