Deploying Provisioning-Integrated Applications 13-3 interface_name=SCHEMA.PACKAGE [interface_type=PLSQL|JAVA] interface_version=1.1|2.0|3.0] interface_connect_info=connection_string schedule=number_seconds lastchangenumber=number max_prov_failure_limit=number max_events_per_schedule=number max_events_per_invocation=number event_mapping_rules=OBJECT_TYPE:FILTER:DOMAIN event_permitted_operations=OBJECT:DOMAIN:OPERATIONattributes,... event_subscription=USER|GROUP:DOMAIN:OPERATIONattributes,... max_events_per_schedule=number max_retries=number profile_group=number profile_status=ENABLED | DISABLED profile_debug=debug_level oidprovtool {operation=enable|disable|delete|status|reset} application_dn=DN [organization_dn=DN] [ldap_host=oid_hostname] [ldap_port=port] [ldap_user_dn=bindDN] [ldap_user_password=password] [profile_debug=debug_level]

13.2.2 Arguments for oidprovtool

operation=create | modify | enable | disable | delete | status | reset Required. The operation to perform using oidprovtool. You can only perform one operation at a time. The operations are: ■ create—Creates a new provisioning profile. ■ modify—Modifies the given properties of an existing provisioning profile. ■ enable—Enables a provisioning profile. ■ disable—Disables a provisioning profile. ■ delete—Deletes a provisioning profile. ■ status—Shows the current status of a given provisioning profile. ■ reset—Clears all errors for a provisioning profile. ldap_host=oid_hostname Optional. The host name of the Oracle Internet Directory server. If not provided then the name of the local host is used. ldap_port=port Optional. The LDAP listening port of Oracle Internet Directory. The default is 389. ldap_user_dn=bindDN Required. The DN of the superuser or a user that has sufficient permissions to perform provisioning subscription operations. The default is cn=orcladmin. ldap_user_password=password Optional.The user password used to bind to the directory. If you do not specify the password on the command line, you will be prompted for it. Best security practice is to provide the password in response to a prompt. profile_mode=OUTBOUND | INBOUND | BOTH Optional for the create operation only. The direction of the provisioning events. The default is OUTBOUND data is provisioned from Oracle Internet Directory to the application. 13-4 Oracle Fusion Middleware Administrators Guide for Oracle Directory Integration Platform application_dn=DN Required. The distinguished name of the application to which the provisioning subscription belongs. The combination of the application DN and organization DN uniquely identifies a provisioning profile. For example, here is the application DN for Portal: orclApplicationCommonName=PORTAL,cn=Portal,cn=Products,cn=OracleContext application_type=type Required. The type of application being provisioned. application_name=name Optional. The name of the application being provisioned. If not provided, defaults to the distinguished name assigned to application_dn. application_display_name=name Optional. The display name of the application being provisioned. If not provided, defaults to the value assigned to application_name. organization_dn=DN Optional. If not provided, defaults to the default identity management realm. The distinguished name of the organization to which the provisioning subscription belongs, for example dc=company,dc=com. The combination of the application DN and organization DN uniquely identifies a provisioning profile. application_isdasvisible=TRUE | FALSE Optional. Determines whether the application is visible as a provisioning-integrated application in the Oracle Internet Directory Provisioning Console. The default value is TRUE. manage_application_default=TRUE | FALSE Optional. Determines whether the Oracle Internet Directory Provisioning Console manages the applications default values. The default value is TRUE. enable_bootstrap=TRUE | FALSE Optional. Indicates whether the application should receive provisioning events for users that existed in Oracle Internet Directory before creating the applications provisioning integration profile. The default value is FALSE. user_data_location=DN Optional. Identifies the DN of the container in which to store application-specific user information. default_provisioning_policy=PROVISIONING_REQUIRED | PROVISIONING_NOT_ REQUIRED Optional. Specifies the applications default provisioning policy. The default value is PROVISIONING_REQUIRED. interface_name=SCHEMA.PACKAGE Required for create or modify operations. The database schema name for the PLSQL package. The format of the value is schema.package_name, for example here is the schema and PLSQL package information for Portal: Deploying Provisioning-Integrated Applications 13-5 interface_name=PORTAL.WWSEC_OID_SYNC interface_version=1.1 | 2.0 | 3.0 The version of the interface protocol. Allowed values are 1.1, 2.0, or 3.0. The default value is 2.0. interface_type=PLSQL | JAVA Optional. The type of interface to which events will be propagated. The default is PLSQL. interface_connect_info=connection_string Required for create or modify operations. To connect to an Oracle database and propagate events, use one of the following formats for the connection string: ■ DBURL=ldap:ldaphost:ldapportservice:username:password recommended ■ host:port:sid:username:password ■ DBSVC=service:username:password schedule=number_seconds Optional for create and modify operations only. The number of seconds between executions of this profile. The default is 3600, which means the profile is scheduled to be executed every hour. lastchangenumber=number Optional for create and modify operations on OUTBOUND events only. The last change number in Oracle Internet Directory after which all qualifying events should be provisioned to the application. Defaults to the latest current change number. max_prov_failure_limit=number Optional. Determines the number of times the Oracle Provisioning System attempts to provision a user. The default is 1. max_events_per_schedule=number Optional for create and modify operations only. The maximum number of events that the Oracle directory integration platform server sends to an application during one execution of a provisioning profile. The default is 100. max_events_per_invocation=number Optional for create and modify operations only. The maximum number of events that can be packaged and sent to a target in one invocation of the interface. event_mapping_rules=OBJECT_TYPE:FILTER:DOMAIN Required for create and modify operations on INBOUND events only. This rule maps the object type received from the application using an optional filter condition to a domain in Oracle Internet Directory A provisioning profile can have multiple mapping rules defined. The following example shows two mapping rules. The first rule shows that an employee object EMP whose locality attribute equals America l=AMERICA should be mapped to the domain l=AMER,cn=users,dc=company,dc=com. The second rule shows that an employee object EMP should be mapped to the domain cn=users,dc=company,dc=com no filter conditions.