Role-Sync Missing Without Access Manager Integrated LDAPSync in 12.2.1.4 (Doc ID 2833544.1)

Last updated on DECEMBER 14, 2023

Applies to:

Identity Manager - Version 12.2.1.4.0 and later
Information in this document applies to any platform.

Symptoms

On version 12.2.1.4.0, Upgrade

ACTUAL BEHAVIOR
---------------
The OIM (Oracle Identity Manager) 11g setup uses LDAP-Sync without OAM (Oracle Access Manager) integration, and Role-Sync is automated via LDAP-Sync and works fine. After the move to version 12.2.1.4 of OIM / OIG (Oracle Identity Governance) and the attempt to use Connector-based sync, the Roles no longer sync into LDAP (Lightweight Directory Access Protocol). The documentation shows no support for non-OAM integrations migrated to Connector-based LDAP-Sync.

EXPECTED BEHAVIOR
-----------------------
https://docs.oracle.com/en/middleware/idm/suite/12.2.1.4/idmig/upgrading-oig-oam-integrated-environments.html#GUID-C365C7C0-6843-412F-B27F-596E6D9AB283

The migration from LDAP-Sync to Connector-Sync needs to account for non-OAM setups, and Role-Sync should remain functional.

STEPS
-----------------------
The issue can be reproduced at will with the following steps:
1. Have an 11g setup with LDAP-Sync and with OAM integration missing or removed
2. Perform an In-Place or Out-Of-Place upgrade to 12.2.1.4 retaining all LDAP-Sync and container rules features
3. Create Roles in OIG UI
4. Notice that the code seems to not support migration from LDAP-Sync without OAM Integration.

The result is that the Roles are not automatically synced to the LDAP target via the Connector setup.

Changes

Upgrade from an 11g LDAP-Sync style setup, but without any OAM Integration, to 12c.

Cause


In this Document
Symptoms
Changes
Cause
Solution
 1. Prerequisites
 2. Disable existing LDAP-Sync jobs
 3. Remove the Event Handlers
 4. Delete the LibOVD adapters
 5. Download and Update the LDAP Connector
 6. Create the LDAP Applications
 7. Adding User Defined Fields (UDFs)
 8. Update the ssoIntegrationMXBean
 9. Import ldapconnector_sso_eventhandler.xml
 10. Verify LDAPContainerRules.xml exists
 11. Update "SSO Server"
 12. Performing Post-Upgrade Tasks
 13. Testing
References

