Introduction

Generic LDAP V3 is a directory storage service that stores user identity profiles and manages access privileges to applications. In other words, Generic LDAP V3 is used for pulling users, groups and user-group memberships into Oracle Identity Cloud Service (IDCS) from various LDAP sources and for provisioning users into different target applications.

In this article I am using OVD as the source LDAP server.

Generic LDAP V3 Features

Pre-requisites

  • The Identity Domain Administrator, Security Administrator and Application Administrator roles in IDCS are required to manage user accounts and applications.
  • Generic LDAP server connection details: hostname, port number and admin credentials.
  • A Windows/Linux VM for the Bridge connector installation.
  • The latest JDK installed on the connector server.

Creating a Generic LDAP V3 application is a two-step process:

  1. Setup Provisioning Bridge Server
  2. Setup Generic LDAP V3 Application

Setup Provisioning Bridge Server

If you are configuring a Provisioning Bridge for the first time in the IDCS instance, you need to log a Service Request with Oracle to enable the Provisioning Bridge feature.

Follow the steps below to set up the Provisioning Bridge server.

Click on (Burger Menu) > Settings > Provisioning Bridges

Click Add

Enter Name & Description for the Bridge connection.

Click Save

Make a note of the Identity Cloud URL, Client ID and Client Secret.

You will see the Provisioning Bridge created, with its status shown as Inactive/Stopped.

Download and Install Bridge connector

Download the provisioning bridge software and copy it to the Bridge VM.

Click on (Burger Menu) > Settings > Downloads

Make sure you have the latest JDK installed on the Bridge VM.

Extract the connector zip file and start the installation.

Set a password for the wallet and provide the IDCS URL, Client ID and Client Secret.

Now start the bridge.

Go to the IDCS console and check the Provisioning Bridge status (it should be Started).

Now activate the provisioning bridge.

Setup Generic LDAP V3 Application

In IDCS

Click on (Burger Menu) > Applications, search for “Generic LDAP V3” and click “Add”.

Enter Name & Description

Click Enable Provisioning

Click “OK” and select the Provisioning Bridge you created from the drop-down list.

Enter the source LDAP server values (Host Name, Port Number, Administrator Username, Password and Base Contexts).

Provide the other values as per the source LDAP server.

Click Enable Synchronization

Select the required values as needed.

Click on Save

Click on Activate

Make sure the provisioning app is activated.

Now run the users, groups and user-group membership import.

Click on Import

Click on Refresh. When the job completes, you will see the accounts created in the IDCS instance.

Hope you find this article helpful in synchronizing users, groups and their memberships into Oracle IDCS.