In this post I am going to cover two modes (Target Resource or Trusted Source) that OIM uses to integrate with applications like LDAP (OID, AD, OVD, iPlanet), HR (EBS, SAP, etc), Unix (Linux, Solaris), etc.

1. Oracle Identity Manager (OIM) can be integrated with Applications (LDAP, AD, OID, HR etc) in one of two modes
a) Target Resource Mode
or
b) Trusted Source Mode

2. You configure application (AD, OID, OVD, HR) etc in Trusted Source Mode if that application is source of truth for user provisioning (All users are created in Application and OIM reconcile data from application).

3. You configure application (AD, OID, OVD, HR) etc in Target Resource Mode if that OIM is source of truth for user provisioning (All users are created in OIM and OIM then provision accounts in Application. Any changes in Application are reconciled back to OIM).

To know more about provisioning and reconciliation click here

4. Target Resource mode is also called as Managed Resource mode or Account Management mode

5. Trusted Source mode is also called as Authoritative Source mode or Identity Reconciliation mode

6. To find out in what mode (Trusted Source or Target Resource) OIM 11gR1 is integrated with application

a) Login to OIM Advanced Console and click on Manage IT Resource under configuration
b) Click on Edit Link against IT Resource (that is integrated with OIM and for which you wish to see configuration)
c) Check value of Configuration Lookup

Note: Navigation is slightly different in OIM 11gR2 

Value Lookup.Configuration.ActiveDirectory mean Active Directory is configured in Managed Resource Mode 
Value Lookup.Configuration.ActiveDirectory.Trusted mean Active Directory is configured in Trusted Source Mode 

 

 

7. In both modes (Trusted Source or Target Resources) you can reconcile data from target system in to OIM. To reconcile data from target systems, you run reconciliation schedules jobs in OIM. To reconcile data in to OIM from target system (configured in trusted source mode) you run different job like [Active Directory] User Trusted Recon scheduled job where as to reconcile data in to OIM from target system (configured in target resource mode) you run different job like [Active Directory] User Target Recon scheduled job .


 

8. In Target Resource mode, if a user record is deleted on the target system and Scheduled Job “[Application] Target Delete Recon” is run  then the corresponding [Application] User resource is revoked from the OIM User.

Note: Target System or Application are system that is integrated with OIM like Active Directory  

9. In Trusted Source mode, if a user record is deleted on the target system and Scheduled Job “[Application] Trusted Delete Recon” is run then the corresponding OIM User is deleted.

Note: Target System or Application are system that is integrated with OIM like Active Directory  

 

 

Related Posts for Identity Manager


  1. Oracle Identity Manager (User Provisioning – Thor)
  2. Installing Oracle Identity Manager (Thor Xellerate)
  3. Oracle Identity Manager 9.1 released
  4. Oracle Identity Manager (Thor Xellerate) Architecture
  5. Resource, Reconciliation, Provisioning and Connector in Oracle Identity Manager #OIM
  6. Oracle Identity Manager (OIM) Connector for Oracle Internet Directory (OID) : Architecture and Overview
  7. Step by Step Installation of OIM Design Console 9.1.0
  8. Error while running PurgeCache in OIM 11g : LoginException unable to find LoginModule class : WebLogic Full Clinet
  9. Integrate OIM 11g with OID using connector for Provisioning / Reconcilliation – Installation
  10. PurgeCache in OIM 11g : CategoryName
  11. OIM LDAP Sync : Overview and Key Points
  12. OIM 11g : How to export/import/delete Files from MDS
  13. Where are OAM details stored in OIM (account unlock, password reset)
  14. libOVD adapters in OIM LDAP Integration : LDAPsync – view and modify Adapter settings (bindDN and bindPassword)
  15. Error Starting OIM Design Console (xlclient.sh) on Linux java.lang. NoClassDefFoundError
  16. OIM 11g Challenge Questions (PCQ) for forgot password
  17. Oracle EBS Integration with OIM (Identity Manager) : Things you should know
  18. Users not synced from OID to OIM : Debug Scheduled Job
  19. OIM Connector for Microsoft : AD, Exchange, Windows, Password Management
  20. Connector Server for OIM connectors : .NET or JAVA
  21. OIM 11g Challenge Questions – Everything you must know
  22. OIM 11g How to add Challenge Questions
  23. OIM : Assign AD resource : An error occurred because the Adapters are not compiled : How to compile adapters in OIM
  24. OIM User Creation : An Error occurred while performing create user operation. Unable to get LDAP connection
  25. OIM – AD integration : Active Directory Group Lookup Recon failed with error Remote Framework Key is invalid
  26. Microsoft Active Directory (AD) to Oracle Identity Manager (OIM) Password Synchronization: Things you must know : Part I
  27. Provision resource “Microsoft Exchange” to user in OIM : Status remains in Provisioning : Part I
  28. Target Resource (or Managed Resource) vs Trusted Source (or Authoritative Source) Mode : OIM integration with applications (AD, OID, OVD, EBS, SAP, HR, LDAP)
  29. 500 Internal server accessing OIM application : com.bea. security.MicroSM. getInstance oracle.iam. platform. authz.impl
  30. Your account is locked. You can unlock your account by going to Forgot Password
  31. OIM 11g : How to find User and Manager details : USR table
  32. OIM 11g : User Detail/Attribute (Description) not visible in OIM User screen : EBS / OID / OIM integration
  33. OIM 11g: The add proxy operation for user XXXXX failed with following error oracle. bpel. services. workflow. client. workflowservieclientException javax.xml.ws.WebServiceException could not determine wsdl ports
  34. Oracle Identity Manager BP07 for 11gR1 PS1 11.1.1.5.7 (16097399) is now available – (Part of Identity Management SUite BP03 16209876)
  35. OIM 11g : SQL to List User’s Manager
  36. OIM integrated with OAM (SSO) showing OIM login screen : User Soft Locked
  37. OIM 11g: Beware if you are applying WebLogic patch !
  38. Help Me : Microsoft Active Directory Password Sync version and latest patch for Oracle Identity Manager 9.1.1.5
  39. Upgrade OIM connector for Microsoft Exchange to 11.1.1.6 Part I
  40. OIM Administrators : Is your OIM database Growing ? Do you purge enough ?