Chat now with support
Chat mit Support

Identity Manager 8.2.1 - Administration Guide for Connecting to Oracle E-Business Suite

Mapping an Oracle E-Business Suite in One Identity Manager Synchronizing Oracle E-Business Suite
Setting up initial synchronization of Oracle E-Business Suite Customizing the synchronization configuration Running synchronization Tasks following synchronization Troubleshooting Ignoring data error in synchronization
Managing E-Business Suite user accounts and employees Login information Managing entitlement assignments Mapping of E-Business Suite objects in One Identity Manager Handling of E-Business Suite objects in the Web Portal Basic configuration data Configuration parameters for managing Oracle E-Business Suite Permissions required for synchronizing with Oracle E-Business Suite Default project templates for synchronizing an Oracle E-Business Suite Editing system objects Example of a schema extension file

Synchronizing Oracle E-Business Suite

One Identity Manager supports synchronization with Oracle E-Business Suite 12.1 and 12.2. The One Identity Manager Service is responsible for synchronizing data between the One Identity Manager database and Oracle E-Business Suite.

This sections explains how to:

  • Set up synchronization to import initial data from Oracle E-Business Suite to the One Identity Manager database.
  • Adjust a synchronization configuration, for example, to synchronize different E-Business Suite systems with the same synchronization project.
  • Start and deactivate the synchronization.
  • Analyze synchronization results.

TIP: Before you set up synchronization with Oracle E-Business Suite, familiarize yourself with the Synchronization Editor. For detailed information about this tool, see the One Identity Manager Target System Synchronization Reference Guide.

Detailed information about this topic
Related topics

Setting up initial synchronization of Oracle E-Business Suite

The Synchronization Editor provides several project templates with which Oracle E-Business Suite user accounts and entitlements can be selected from either organizational data or data from the Human Resource Module for setting up synchronization. You use these project templates to create synchronization projects with which you import the data from an Oracle E-Business Suite into your One Identity Manager database. In addition, the required processes are created that are used for the provisioning of changes to target system objects from the One Identity Manager database into the target system.

To create a synchronization configuration for the initial synchronization of an Oracle E-Business Suite:

  1. Prepare a user account with sufficient permissions for synchronizing in Oracle E-Business Suite.
  2. One Identity Manager components for managing Oracle E-Business Suite environments are available if the TargetSystem | EBS configuration parameter is set.

    • In the Designer, check if the configuration parameter is set. Otherwise, set the configuration parameter and compile the database.

      NOTE: If you disable the configuration parameter at a later date, model components and scripts that are not longer required, are disabled. SQL procedures and triggers are still carried out. For more information about the behavior of preprocessor relevant configuration parameters and conditional compiling, see the One Identity Manager Configuration Guide.

    • Other configuration parameters are installed when the module is installed. Check the configuration parameters and modify them as necessary to suit your requirements.
  3. Install and configure a synchronization server and declare the server as a Job server in One Identity Manager.
  4. Create a synchronization project with the Synchronization Editor.
Detailed information about this topic

Users and permissions for synchronizing with Oracle E-Business Suite

The following users are involved in synchronizing One Identity Manager with Oracle E-Business Suite.

Table 2: Users for synchronization

User

Permissions

User for accessing the target system (synchronization user)

You must provide a user account with the minimum permissions required for full synchronization of Oracle E-Business Suite objects with the supplied One Identity Manager default configuration. For more information, see How to prepare the synchronization user and Permissions required for synchronizing with Oracle E-Business Suite.

One Identity Manager Service user account

The user account for the One Identity Manager Service requires user permissions to carry out operations at file level (adding and editing directories and files).

The user account must belong to the Domain users group.

The user account must have the Login as a service extended user permissions.

The user account requires permissions for the internal web service.

NOTE: If the One Identity Manager Service runs under the network service (NT Authority\NetworkService), you can grant permissions for the internal web service with the following command line call:

netsh http add urlacl url=http://<IP address>:<port number>/ user="NT AUTHORITY\NETWORKSERVICE"

The user account needs full access to the One Identity Manager Service installation directory in order to automatically update One Identity Manager.

In the default installation, One Identity Manager is installed under:

  • %ProgramFiles(x86)%\One Identity (on 32-bit operating systems)

  • %ProgramFiles%\One Identity (on 64-bit operating systems)

User for accessing the One Identity Manager database

The Synchronization default system user is provided to run synchronization using an application server.

How to prepare the synchronization user

You have three ways of providing a synchronization user with all the permissions required for accessing the Oracle E-Business Suite.

Scenario 1:

Use the APPS user as the synchronization user.

Scenario 2:

Load the wrapper package supplied into the APPS schema and add the synchronization user using the script provided.

Scenario 3:

Add a synchronization user who has a minimum of all the permissions listed.

In Oracle E-Business Suite version 12.2, the calling permissions of standard packages have been changed (from CURRENT_USER AUTHID to DEFINER AUTHID). To be able to run operations for user accounts in the target system, you now require the user APPS. Use Scenario 1 or 2, in this case, to provide the synchronization user. If you are working with Oracle E-Business Suite 12.1, you can also use scenario 3.

Scenario 1:

To ensure that the Oracle E-Business Suite can run connector operations for user accounts in the target system, use the APPS user as the synchronization user.

Scenario 2:

If you cannot use the APPS user as the synchronization user directly, create a synchronization user with the required minimum permissions. Use the script supplied and the wrapper package to do this. You will find these files on the One Identity Manager installation medium in the Modules\EBS\dvd\AddOn\SDK directory.

To add the synchronization user

  1. Add the FND_USER_Wrapper.sql wrapper package to the APPS schema of your Oracle Database.

  2. Add the synchronization user with minimum permissions. Use the script CreateSyncUser.sql for this.

    Take note of the comment in the script to replace the &&username and &&password variables.

This script creates a user with the required permissions. The wrapper ensures that the user also obtains the implicit permissions for the package apps.fnd_user_pkg.

Scenario 3:

If you cannot use either scenario 1 or scenario 2, create a synchronization user with all required permissions.

IMPORTANT: The synchronization user requires:

  • All the permissions listed

    and also

  • All implicit permissions for the package apps.fnd_user_pkg
Detailed information about this topic
Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen