Deploying Provisioning-Integrated Applications 13-5 interface_name=PORTAL.WWSEC_OID_SYNC interface_version=1.1 | 2.0 | 3.0 The version of the interface protocol. Allowed values are 1.1, 2.0, or 3.0. The default value is 2.0. interface_type=PLSQL | JAVA Optional. The type of interface to which events will be propagated. The default is PLSQL. interface_connect_info=connection_string Required for create or modify operations. To connect to an Oracle database and propagate events, use one of the following formats for the connection string: ■ DBURL=ldap:ldaphost:ldapportservice:username:password recommended ■ host:port:sid:username:password ■ DBSVC=service:username:password schedule=number_seconds Optional for create and modify operations only. The number of seconds between executions of this profile. The default is 3600, which means the profile is scheduled to be executed every hour. lastchangenumber=number Optional for create and modify operations on OUTBOUND events only. The last change number in Oracle Internet Directory after which all qualifying events should be provisioned to the application. Defaults to the latest current change number. max_prov_failure_limit=number Optional. Determines the number of times the Oracle Provisioning System attempts to provision a user. The default is 1. max_events_per_schedule=number Optional for create and modify operations only. The maximum number of events that the Oracle directory integration platform server sends to an application during one execution of a provisioning profile. The default is 100. max_events_per_invocation=number Optional for create and modify operations only. The maximum number of events that can be packaged and sent to a target in one invocation of the interface. event_mapping_rules=OBJECT_TYPE:FILTER:DOMAIN Required for create and modify operations on INBOUND events only. This rule maps the object type received from the application using an optional filter condition to a domain in Oracle Internet Directory A provisioning profile can have multiple mapping rules defined. The following example shows two mapping rules. The first rule shows that an employee object EMP whose locality attribute equals America l=AMERICA should be mapped to the domain l=AMER,cn=users,dc=company,dc=com. The second rule shows that an employee object EMP should be mapped to the domain cn=users,dc=company,dc=com no filter conditions. 13-6 Oracle Fusion Middleware Administrators Guide for Oracle Directory Integration Platform event_mapping_rules=EMP:l=AMERICA:l=AMER,cn=users,dc=company,dc=com event_mapping_rules=EMP::cn=users,dc=company,dc=com event_permitted_operations=OBJECT:DOMAIN:OPERATIONattributes,... Required for create and modify operations on INBOUND events only. This property is used to define the types of events that the application is allowed to send to the Oracle Directory Integration Platform service. A provisioning profile can have multiple permitted operations defined. For example, if you wanted to permit the application to send events whenever a user object was added or deleted, or when certain attributes were modified, you would have three permitted operations such as this: event_permitted_operations=USER:dc=mycompany,dc=com:ADD event_permitted_operations=USER:dc=mycompany,dc=com:MODIFYcn,sn,mail,password event_permitted_operations=USER:dc=mycompany,dc=com:DELETE event_subscription=USER | GROUP:DOMAIN:OPERATIONattributes,... Required for create and modify operations on OUTBOUND events only. This property is used to define the types of events that the Oracle Directory Integration Platform service should send to the application. A provisioning profile can have multiple event subscriptions defined. For example, if you wanted the directory integration server to send events to the application whenever a user or group object was added or deleted, you would have four event subscriptions such as this: event_subscription=GROUP:dc=mycompany,dc=com:ADD event_subscription=GROUP:dc=mycompany,dc=com:DELETE event_subscription=USER:dc=mycompany,dc=com:ADD event_subscription=USER:dc=mycompany,dc=com:DELETE max_events_per_schedule=number Optional for create and modify operations only. The maximum number of events to be provisioned in one schedule. The default is 100. max_retries=number Optional for create and modify operations only. The number of times a failed event should be retried. The default is 5. profile_group=number Required for create and modify operations only. The group number of the profile. Default is DEFAULT. This is required to address scalability issues when different Oracle Directory Integration Platform server instances will be used to execute different selected groups. profile_status=ENABLED | DISABLED Required for the create operation only. Determines whether the profile is enabled or disabled. The default is ENABLED. profile_debug=debug_level Required. The debug level for the profile.

13.2.3 Tasks and Examples for oidprovtool

You can perform the following tasks using oidprovtool: