OID/ODSEE Connector Removing The Groups From LDAP Which Are Not Part Of The Child Data In OIM (Doc ID 2282429.1)

Last updated on JUNE 30, 2017

Applies to:

Identity Manager Connector - Version 11.1.1.6.0 and later
Information in this document applies to any platform.

Goal

OID/ODSEE 11.1.1.6 Version of the Connector is removing those groups from LDAP which are not part of the Group Child table data for that user. In other words, suppose a user: user1 belongs to two groups in LDAP group1 and group2 but that user LDAP Account in OIM has only one group say group1 provisioned and later if one provisions say group3 to this user from OIM, the Add Group to User task would trigger but would end up removing group2 from LDAP. So user would be left with group1 and group3 in LDAP matching what he has in OIM.
 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms