Oracle Identity Manager (OIM) can be integrated with Microsoft Active Directory (AD) using OIM’s Active Directory User Management (UM) Connector. Steps to deploy Active Directory User Management (AD-UM) Connector are covered in this guide
One of the step after Connector deployment is to run Group and Organization Lookup reconciliation. These reconciliation jobs are executed by running Job Active Directory Group Lookup Recon and Active Directory Organization Lookup Recon. After successful completion of Job, Lookup Definition (in OIM) Lookup.ActiveDirectory.Groups should pull Groups from AD and populate Lookup Code Information. (Similarly Active Directory Organization Lookup Recon job should populate Lookup.ActiveDirectory.Organization from Organizations in AD)
How 11g Active Directory Connector works :
From connector version 11g onwards, OIM Server communicates to Active Directory Server via Connector Server (OIM Server -> Connector Server -> Active Directory)
Note: Connector Server is mandatory for .Net based connector code in 11g where as for Java based connector code, connector server is optional.
C:\Oracle\ConnectorServer>ConnectorServer.exe /setKey connectorserverkey123
Root Cause : In my case key set on Connector Server was different than key configured in OIM (under Active Directory Connector Server IT Resource)
Fix: Set key on Connector Server, restart connector server and set same key on OIM server (under Active Directory Connector Server IT Resource). Run job Active Directory Group Lookup Recon and Active Directory Organization Lookup Recon again
Oracle ACE, Author, Speaker and Founder of K21 Technologies & K21 Academy : Oracle Gold Partner specialising in Design, Implement, and Trainings.
Find Us On