Saturday, 2 January 2021

OIC - New Features

Asserter to store the run results and can be used to replay the request. 

Oracle OIC agent framework uses OIC messaging channel , Oracle SaaS agent and one or more connectivity agents.

Agents polls for outbound invocations. It also support triggers configured with Agents. 

One Agent is enough to connect with all your on premise applications.  We dont need to have multiple agents for each connection. 

Agent group can contain multiple agents configured in different hosts in on premise server and they can act like HA server. 

ATP Connections : 

1. Login to OCI
2. Go to Autonomous Database
3. Select a  compartment
4. It will display the configured ATP.
5. Select the DB connection option on top
6. Download the Wallet 
7. Provide the Password while downloading the wallet. Zip file will get downloaded
8. Extract the zip file and you will find TNS file.  
9. TNS file will have an entry for each consumer type - HIGH , LOW , MEDIUM
10.  Get the required connection details from tns file
11. Select Authentication type as JDBC over SSL.
12. Updload the Wallet Zip file 
13. Provide Wallet password. 
14. Provide DB user name and password. 

Oracle Fusion - User Creation or Migration and Role Provisioning

Oracle Fusion Users can be originated in Fusion Application where in users are created in Fusion (Security Console) or can be provisioned from identity providers like IDCS to Fusion Application. 

In case users are originating at IDCS and then provisioned or synced with Fusion Application then it is required  to setup SSO application in IDCS and enable User Sync from IDCS to FA. 

It is required to configure Auto Role Provisioning to all the users and assign Employee role or Contingent worker role to User.  It will assign a default role to user when an User account is created in Fusion. 

In case users are not assigned with any role and by chance if you run a seeded job - "Send Pending LDAP Request"  or if it gets kicked off due to some other sync job like Role Assignment then it will remove the users which are not assigned with any roles.  

"Send Pending LDAP Request" job will perform following tasks. 

  • Create , Suspend and Reactivate User Accounts. 
  • User create will be triggered when Person record is created for a Worker. 
  • User will be suspended when roles are removed from a User. 
  • User will be Reactivated when a User will be rehired. 

Note: These jobs will triggered when automatic user creation and management is enabled in Fusion. 

It is not required to run this Job if the user is created manually or synced from IDCS.  It is required only if we need to create user automatically using Employee records. 

Enable Auto Creation and Management :  FA > Setup and Maintenance > Manager Enterprise HCM Information > Edit and Set > User Account Creation as - Both Person and Party User. 

Automatic Role Provisioning >  FA > Setup and Maintenance > Manager Enterprise HCM Information > Edit and Set > User Account Role Provisioning as - Both Person and Party User. 

Provision Roles to  Users Automatically. 
  • Login into FA
  • Setup and Maintenance
  • Tasks
  • Search > Manage Role Provisioning Rules / Manager Role Mapping
  • + Create
  • Give a Mapping Name - Employee Prov
  • Update Following Fields.  This will assign the roles to Active Employee
    • System Person Type =  Employee
    • HR Assignment Status = Active.
  • Under Associated role
    • + Add Row
    • Role Name >  Search for a Role - Employee Role
    • Add
    • Select Auto Provision Option. 
    • Save and Close. 
  • Follow Above Steps for Contingent Worker.
    • Add Mapping Name - Contingent Work
      • System Person Type = Contingent Worker
      • HR Assignment Status = Active
    • Add Role 
    • Select Contingent Worker Role
    • Select Auto Provision Option. 
    • Save and Close. 

When you schedule "Send Pending LDAP Request" it will perform Auto Role Provisioning.