This post covers Oracle E-Business Suite (EBS or Apps) integration with Oracle Identity Manager (OIM) for User Provisioning and Reconciliation. OIM is Identity Management and Identity Provisioning/Reconciliation software from Oracle. OIM 11g Architecture & Administration is also covered in my book Oracle Identity and Access Manager for Administrators.
Here are key things you should know if you are planning to use OIM to provision accounts to EBS or reconcile users from EBS to OIM.
1. There are mainly three type of users in Oracle E-Business Suite
a) EBS Accounts – is an entry in FND_USER that represents an Oracle E-Business Suite Account. To login to E-Business Suite user must have record in FND_USER
b) HRMS / PERSON Record – Some applications in EBS (like iExpense) require user to have HRMS (Person) record. PERSON record can be of different type like Employee, Part-time worker, Contractor, etc. Person records are stored in table PER_ALL_PEOPLE_F
c) Customer/Vendor Record – Some applications in EBS (like iStore or iProcurement) require user to have TCA record (Trading Community Architecture) that are representative or employees of customers and vendors . TCA record is in stored in table HZ_PARTIES
2. OIM uses pre-built connectors to provision accounts or reconcile users with LDAP Servers, Databases, Operating Systems and Business Applications including Oracle E-Business Suite.
3. There are two type of OIM connector for EBS
a) Oracle e-Business Employee Reconciliation (ER) – In this integration Oracle E-Business Suite HRMS acts as an authoritative source (aka trusted source) for OIM. In this configuration (trusted source) of connector, person records are created and modified only on EBS HRMS. Information about these users is then reconciled in to OIM. This connector has a Reconciliation Process.
Note: You can NOT use EBS ER connector to provision accounts from OIM to EBS (FND_USER), if you need to provision accounts in EBS (FND_USER) from OIM then you should use EBS User Management (UM) connector.
b) Oracle e-Business User Management (UM) – In this integration Oracle E-Business Suite acts as managed resource (target resource) for OIM. Users in OIM can be provisioned to EBS. Using this connector, users created or modified directly on Oracle E-Business Suite can also be reconciled in to OIM. There are two processes in this connector Reconciliation Process and Provisioning Process.
4. There are three versions of EBS-UM Connector
a) User Management (FND_USER)
b) User Management with HR Foundation (FND_USER & HRMS/PER)
c) User Management with TCA Foundation (FND_USER & TCA/HZ_PARTIES)
5. EBS-UM connector can be configured in any one or combination of
a) User Management : Use this to create FND_USER record (in EBS) for OIM User and to grant roles and responsibilities to this EBS Record (FND_USER).
b) User Management with HR Foundation : Use this connector to create FND_USER record in EBS (same as User Management) but you can also create basic HRMS user in EBS and link record in HRMS with record in FND_USER (EMPLOYEE_ID column in FND_USER table is linked with PERSON_ID column of PER_ALL_PEOPLE_F table). Use this version of connector if you wish to create record in FND_USER (of EBS) and HRMS (of EBS) from OIM.
c) User Management with TCA Foundation : Use this connector to create FND_USER record in EBS (same as User Management) but you can also create basic TCA person-type party record in EBS and link it with record in FND_USER (PERSON_PARTY_ID column in FND_USER table is linked with PARTY_ID column of HZ_PARTIES table). Use this version of connector if you wish to create record in FND_USER (of EBS) and TCA (of EBS) from OIM.
a) EBS User Management Connector installation & configuration document is available here
b) EBS Employee Reconciliation Connector installation & configuration document is available here
7. It is recommended NOT to configure Oracle e-Business Employee Reconciliation and Oracle e-Business User Management with HRMS (HRF or HR Foundation) both at same time.
If you have not yet downloaded FREE eBook – 7 Docs every Oracle Apps DBA must read for EBS R12 integration with OAM/OID for SSO get a copy in your Email
To know more about OIM connector for Oracle E-Business Suite , leave comment below !
Oracle ACE, Author, Speaker and Founder of K21 Technologies & K21 Academy : Specialising in Design, Implement, and Trainings.