Role-Sync Missing Without Access Manager Integrated LDAPSync in 22.214.171.124
(Doc ID 2833544.1)
Last updated on JULY 11, 2022
Identity Manager - Version 126.96.36.199.0 and later
Information in this document applies to any platform.
On : 188.8.131.52.0 version, Upgrade
ACTUAL BEHAVIOR
---------------
The OIM (Oracle Identity Manager) 11g setup uses LDAP-Sync without OAM (Oracle Access Manager) integration. Role-Sync is automated via LDAP-Sync and works fine until the move to version 184.108.40.206 of OIM / OIG (Oracle Identity Governance) and the attempt to use Connector based Sync. After that, the Roles no longer sync into LDAP (Lightweight Directory Access Protocol). The documentation shows no support for non-OAM integrations migrated to Connector based LDAP-Sync.
The migration from LDAP-Sync to Connector-Sync needs to account for non-OAM setups, and Role Sync should remain functional.
STEPS
-----------------------
The issue can be reproduced at will with the following steps:
1. Have an 11g setup with LDAP-Sync and with OAM integration missing or removed
2. Perform an In-Place or Out-Of-Place upgrade to 220.127.116.11 retaining all LDAP-Sync and container rules features
3. Create Roles in OIG UI
4. Notice that the code seems to not support migration from LDAP-Sync without OAM Integration.
The result is that the Roles are not automatically sync'd over to the LDAP target via the Connector setup.
Upgrade from an 11g LDAP-Sync style setup, but without any OAM Integration, to 12c.