The Advanced setting provides the following options that allow you to specify custom SQL queries which will automatically run each time has created, updated, or deleted a user account in Oracle Database:
-
SQL queries to run after user provisioned: Specifies the SQL queries to run each time creates a user account in the Oracle Database.
-
SQL queries to run after user updated: Specifies the SQL queries to run each time updates a user account in the Oracle Database.
-
SQL queries to run after user deprovisioned: Specifies the SQL queries to run each time deletes a user account in the Oracle Database.
Below each of these options, you can use the following buttons:
-
Add: Adds a new SQL query to the list.
-
Edit: Allows you to edit the SQL query selected in the list.
-
Delete: Deletes the SQL query selected in the list.
SQL queries run in the order they are listed. If necessary, you can rearrange the SQL queries in the lists: select an SQL query in the appropriate list, then click the up or down arrow button to move the query as necessary.
The Specify attributes to identify objects option provides the following options, allowing you to specify the attributes for uniquely identifying each object in the connected data system:
-
Available attributes: Lists the attributes that are available in the external data system. Use this list to select the attributes whose values you want to use to generate a unique identifier for each object in the external data system. You can filter attributes by typing in the text box at the top of this list. To select multiple attributes, hold down CTRL and click to select attributes in the list.
-
UniqueID attributes: Lists the attributes whose values are currently used to generate a unique identifier for each object in the external data system.
-
Add->: Moves the selected attributes from the Available attributes list to the UniqueID attributes list.
-
<-Remove: Moves the selected attributes from the UniqueID attributes list to the Available attributes list.
-
Constructed UniqueID: Displays a combination of the attributes whose values will make up a unique identifier for each object in the external data system.
The sample queries provided below are only applicable if is connected to the target Oracle Database through the Oracle Database Connector.
Example: Adding a new entry
This SQL query illustrates how to add a new entry to the table named SQLConnTest1 in Oracle Database to which you want to provision data from another connected system.
Table 12: Adding a new entry to the SQLConnTest1 table
Database table structure |
Sample query |
CREATE TABLE "SQLConnTest1"("Id" number,"attr1" nchar(64), "attr2" nchar(64)) |
Insert into SQLConnTest1(attr1) values(:attr1) returning Id into :Id |
In this sample query, Id stands for the attribute that uniquely identifies each object in the Oracle Database.
Example: Creating a new user
This SQL query illustrates how to create a new user in the Oracle Database:
call dbms_utility.exec_ddl_statement('CREATE USER ' || :USERNAME || ' IDENTIFIED BY ' || :newPassword)
In this sample query:
-
USERNAME refers to the name of the attribute that uniquely identifies the user in the Oracle Database.
-
newPassword refers to the name of the attribute that will store the initial password you want to set for the new Oracle Database user.
This section describes how to create or modify a connection to Oracle Database user accounts with the Active Roles . It also lists the type of data you can read and/or write in Oracle Database user accounts with the .
To create a connection to Oracle Database user accounts and work with the user accounts in that data system, use the Oracle Database User Account Connector of the .
The Oracle Database User Account Connector supports the following features:
Table 13: Oracle Database User Account Connector – Supported features
Bidirectional synchronization
Specifies whether you can both read and write data in the connected data system. |
Yes |
Delta processing mode
Specifies whether the connection can process only the data that has changed in the connected data system since the last synchronization operation. This reduces the overall synchronization duration. |
No |
Password synchronization
Specifies whether you can synchronize user passwords from an Active Directory (AD) domain to the connected data system. |
Yes
NOTE: Password synchronization is only supported for user accounts that are authenticated entirely by Oracle Database. The Oracle Database User Accounts Connector does not support password synchronization for Oracle Database user accounts that use external or global authentication from the side of the connected Oracle system. |