Generic LDAP V3 is a directory storage service, Stores user identity profiles and manages access privilege to the Applications. In other words, Generic LDAP V3 is used for pulling Users, Groups & user-group-membership into Oracle Identity Cloud Service (IDCS) from various LDAP sources and Provisioning Users into different target Applications.
In this article I am using OVD as source LDAP server.
Generic LDAP V3 Features
- Synchronize users, groups and user-group memberships into Oracle Identity Cloud Service.
- Assign and revoke user access to Generic LDAP using the Oracle Identity Cloud Service administration console.
- Manage user group membership through Oracle Identity Cloud Service.
- Require Identity Domain Administrator, Security Administrator & Application Administrator roles in IDCS to manage User accounts and Applications.
- Generic LDAP Server connection details – Hostname, port number & Admin credentials.
- Windows/Linux VM for Bridge connector Installation
- Latest JDK installed on connector server.
Creating Generic LDAP V3 application is a Two-step process –
- Setup Provisioning Bridge Server
- Setup Generic LDAP V3 Application
Setup Provisioning Bridge Server
If you are configuring Provisioning Bridge for the first time in the IDCS Instance, Then you need to log a Service Request with Oracle to Enable Provisioning Bridge feature.
Follow below steps to setup Provisioning Bridge server.
Click on (Burger Menu) > Settings > Provisioning Bridges
Enter Name & Description for the Bridge connection.
Make a note of Identity Cloud URL, Client ID & Client Secret
You will see the Provisioning Bridge created and status as Inactive/Stopped.
Download and Install Bridge connector
Download provisioning bridge software and copy it to the Bridge VM.
Click on (Burger Menu) > Settings > Downloads
Make sure you got latest JDK installed on Bridge VM.
Extract connector zip file and start the installation.
Set a password for the wallet and provide IDCS URL, Client ID & Client Secret.
Now start the bridge.
Go to IDCS console and check the Provisioning Bridge status (Should be started)
Now Activate the provisioning bridge.
Setup Generic LDAP V3 Application
Click on (Burger Menu) > Applications > Search for “Generic LDAP V3” & “Add”
Enter Name & Description
Click Enable Provisioning
Click “OK” & select the “Provisioning Bridge” created from drop down list.
Enter source LDAP server (Host Name, Port Number, Administrator Username, Password & Base Contexts) values
Provide other values as per source LDAP server.
Click Enable Synchronization
Select the required values as needed.
Click on Save
Click on Activate
Make sure provisioning app is activated.
Now run the Users, Groups & user-group membership import.
Click on Import
Click on Refresh, when the job completes will see Accounts created in the IDCS instance.
Hope you find this article help full in Synchronizing Users, Groups and their membership into Oracle IDCS.