9-2 Oracle Fusion Middleware Administrators Guide for Oracle Directory Integration Platform ■ Preparing the Mapping File ■ Preparing the Directory Integration Profile ■ Example: Synchronizing a Relational Database Table to Oracle Internet Directory

9.1 Preparing the Additional Configuration Information File

During synchronization from a relational database to Oracle Internet Directory, the additional configuration information file governs the retrieval of data from the database. It provides the Oracle Directory Integration Platform with the following information: ■ The SELECT statement to execute ■ Either the attributes or the database columns to be used in incremental synchronization. Generally, this is either an attribute that contains a timestamp or a change sequence number that the next SQL statement should use to retrieve incremental data. To configure this file, use the sample file DBReader.cfg.master in the ORACLE_ HOMEldapodiconf directory, and edit it to your specifications. Formatting the Additional Configuration Information File It is very important to follow the correct format of this file. The various sections are divided using TAG names. Every TAG section has a list of parameters and their respective values. The general layout is as follows: [TAG] PARAMETER1: value PARAMETER2: value [TAG] PARAMETER1: value PARAMETER2: value\ VALUE continuation\ value continuation\ end of value continuation [TAG] PARAMETER1: value PARAMETER2: value\ end of value continuation For example, following this format, the DBReader.cfg.master file looks like this: [DBQUERY] SELECT: SELECT\ EMPNO EmpNum,\ ENAME,\ REPLACEEMAIL,ACME.COM, UID,\ EMAIL,\ TELEPHONE,\ TO_CHARLAST_UPDATE_DATE,YYYYMMDDHH24MISS Modified_Date\ FROM\ EMPLOYEE\ WHERE\ LAST_UPDATE_DATETO_DATE :Modified_Date,YYYYMMDDHH24MISS\ ORDER BY\ LAST_UPDATE_DATE Synchronizing with Relational Database Tables 9-3 [SYNC-PARAMS] CHANGEKEYATTRS: Modified_Date Note that the entire SELECT statement is put as a value in the SELECT parameter in the section represented by the tag DBQUERY. Because it is a lengthy value, the value continuation character is put as the last character in every line until the SELECT statement ends. Also note the WHERE condition that is present in the SELECT statement. The WHERE condition picks up changes based on the Modified_Date. To copy modified user records to Oracle Internet Directory, update the WHERE clause to pick up the records. In this example, the Modified_Date is the key for incremental synchronization. Because it is a date, it must be presented in string format. The CHANGEKEYATTRS parameter value is the name of the columns to be used while performing incremental synchronization. The values of these columns are always stored in the orclodipcondirlastappliedchgnum attribute of the profile. Every time the SELECT statement is executed, the current values of this attribute are put into the SQL statement accordingly. This ensures that the data is always retrieved incrementally. If there are multiple column names in the CHANGEKEYATTRS—for example, column1:column2—then the value in the orclodipcondirlastappliedchgnum attribute of the profile is stored as value1~value2 and so on, with value1 corresponding to column1 and value2 to column2. Column names are retrieved into Oracle Directory Integration Platform as attribute value pairs and subsequently mapped into LDAP attribute values according to set mapping rules. For this reason, all columns names retrieved in the SELECT statement must be simple names rather than expressions. For example, you can have the expression REPLACEEMAIL,ACME.COM,, but it retrieves the expression value as UID. When the profile is created, the orclodipcondirlastappliedchgnum attribute must be set to some value. All changes after this date—that is, rows in the table with LAST_UPDATE_DATE greater than this value—are retrieved. For example, if the orclodipcondirlastappliedchgnum attribute is set to 20000101000000, then all employee changes since January 1, 2000 are retrieved. Because of the ORDER BY clause, all the database rows returned are in the order of LAST_UPDATE_DATE—that is, the changes retrieved and applied to the directory are in chronological order. Once the last change is retrieved and applied: 1. The orclodipcondirlastappliedchgnum attribute value is set to the Modified_Date from the last row retrieved. 2. The profile is updated. Whenever the Oracle Directory Integration Platform executes the profile again, it uses the previously stored value.

9.2 Preparing the Mapping File

To configure the mapping rules, follow the instructions in Mapping rules and formats on page 5-2. 9-4 Oracle Fusion Middleware Administrators Guide for Oracle Directory Integration Platform

9.3 Preparing the Directory Integration Profile

You can create the directory integration profile by using the Oracle Enterprise Manager Fusion Middleware Control. When you use Oracle Enterprise Manager Fusion Middleware Control, you must upload the additional configuration information file and the mapping file by using the update operation of the manageSyncProfiles command. To configure the directory integration profile, follow the general instructions in Registering Connectors in Oracle Directory Integration Platform on page 6-1, but with these specific instructions in mind: ■ Do not set a value for the agent execution command orclodipAgentExeCommand attribute. ■ Set the interface type orclodipDataInterfaceType attribute to DB.

9.4 Example: Synchronizing a Relational Database Table to Oracle Internet Directory

This section demonstrates how to synchronize a relational database table with Oracle Internet Directory. This chapter contains these topics: ■ Configuring the Additional Configuration Information File ■ Configuring the Mapping File ■ Configuring the Directory Integration Profile ■ Uploading the Additional Configuration Information and Mapping Files ■ Synchronization Process ■ Observations About the Example In this example, the following relational database table containing employee data is synchronized with Oracle Internet Directory: You can find a sample profile DBReader.properties, configuration, and mapping files for this example in the ORACLE_HOMEldapodiconf directory. In this example: Note: Directory Integration Platform database profiles do not support delete operations. You can, however, create a separate trigger outside of DIP that will directly delete entries in Oracle Internet Directory whenever a row is deleted in the database. Information about how to create such a trigger is outside of the scope of this documentation. EMPNO ENAME LAST_UPDATE_DATE EMAIL TELEPHONE 98357 JOHN DOE 2-JAN-2000 JOHN.DOEACME.COM 435-324-3455 98360 ROGER BECK 3-JUL-2001 ROGER.BECKACME.COM 435-324-3600 98365 JIMMY WONG 4-MAR-2001 JIMMY.WONGACME.COM 435-324-2390 98370 GEORGE TWINSLEY 6-FEB-2002 GEORGE.TWINSLEYACME.COM 435-324-9232 Synchronizing with Relational Database Tables 9-5 ■ The name of the table is Employee ■ The Profile Name is TESTDBIMPORT. ■ The employee number EMPNO is used to join a database record with a directory entry. It is specified in the OID Matching Filter orclOdipOIDMatchingFilter attribute described in the attributes reference chapter of the Oracle Identity Management User Reference. ■ This table is present in the testsynctestsyncpwd schema in a database. The database is located on the host machine.acme.com, the database listener port is 1526, and the SID is iasdb. The database URL is machine.acme.com:1526:iasdb. ■ Appropriate readwrite permissions were given explicitly to this profile, namely, orclodipagentname=testdbimport, cn=subscriber profile, cn=changelog subscriber, cn=oracle internet directory ■ The profile is created in configuration set 1.

9.4.1 Configuring the Additional Configuration Information File

This example uses the same Additional Configuration Information file described earlier in Preparing the Additional Configuration Information File on page 9-2.