Ans: An identity is the virtual representation of an enterprise resource user including employees, customers, partners and vendors. Identity Management shows the rights and relationships the user has when interacting with a company’s network
Ans: In computing, Oracle Identity Manager (OIM) enables enterprises to manage the entire user life-cycle across all enterprise resources both within and beyond a firewall. Within Oracle Identity Management it provides a mechanism for implementing the user-management aspects of a corporate policy.
Ans: Oracle Identity Management, a software suite marketed by Oracle Corporation, provides identity and access management (IAM) technologies. The name of the software suite closely resembles the name of one of its components, Oracle Identity Manager.
Ans: Identity and access management (IAM) is a framework for business processes that facilitates the management of electronic or digital identities. The framework includes the organizational policies for managing digital identity as well as the technologies needed to support identity management.
Ans:
Ans:
Ans: Event Handlers are among the most common customization in OIM 11g implementations. They have been available in OIM for a long time, but with 11g and its new frameworks, they certainly are becoming even more popular.
The main types of Event Handlers are:
Ans: Use this form to create rules that can be applied to password policy selection, automatic group membership, provisioning process selection, task assignment, and prepopulating adapters
Ans: You can look here for recon data once reconciliation is complete. You can determine whether event received and linked for not.
Ans: The following components are created when you deploy a connector:
OIM 10g | OIM 11g |
Reconciliation Manager in Design Console | Event Management in Admin Console. |
Object Form | Request Dataset |
Creation of new IT Resource from Design/Admin Console. | Creation of new IT Resource from Admin Console. |
Struts based UI. | ADF based UI. |
Approvalworkflow creation from Design/Admin Console | Approval workflow creation from IDE using SOA Plugin. |
Custom workflow engine | Using BPEL as workflow engine. |
No Notification Tasks | Notification tasks which are separate from Schedule Task’s jobs. |
No Approval Policies. | Approval Policies |
No Need of BI Publishers. | Need BI Publisher for OOTB reporting. |
No need of RCU (Repository Creation Utility) | Need of RCU (Repository Creation Utility) |
Groups | Roles |
No concept of Request Template. | Request Template for controlling the Attributes of the request. |
Entity Adapters on User Form. | Event Handlers on user form. |
Support only old APIs. | Support old and new APIs. |
Ans: Centralized auditing and reporting – Know who did what and report on system usage.
Ans: The Oracle Identity Manager architecture consists of three tiers
Tier 1: Client: The Oracle Identity Manager application GUI component reside in this tier. Users log in by using the Oracle Identity Manager client.The Oracle Identity Manager client interacts with the Oracle Identity Manager server, providing it with the user's login credentials.
Tier 2: Application Server: The second tier implements the business logic, which resides in the Java Data Objects that are managed by the supported J2EE application server (JBoss application server, BEA WebLogic, and IBM WebSphere). The Java Data Objects implement the business logic of the Oracle Identity Manager application, however, they are not exposed to any methods from the outside world. Therefore, to access the business functionality of Oracle Identity Manager, you can use the API layer within the J2EE infrastructure, which provides the lookup and communication mechanism.
Tier 3: Database: The third tier consists of the database. This is the layer that is responsible for managing the storage of data within Oracle Identity Manager.
Ans: An adapter is a Java class that is created by an Oracle Identity Manager user through the Adapter Factory.
Process Tasks adapters - automate completion of a process task and are attached to a Process Definition Form ( AD user, OID User, etc)
Entity Adapter - automatically populates a field on the OIM User form or custom User Form on pre-update, pre-delete, pre-insert, post-insert, post-update, or post-delete
Pre-Populate Adapter - specific type of rule generator attached to a user-created form field that can automatically generate data to the form but does not save that data to the OIM database but does send that information to appropriate directory user object. The data can come from manual entry on a form or from automated entry from the OIM defined forms.
Rule Generator - can populate fields automatically on an OIM form or a user-created form and save to the OIM database based on business rules
Task Assignment Adapter - automates the assignment of a process task to a user or group
Ans: Process forms and child forms are used to hold account data of OIM Users. You can upgrade a form by adding, modifying, or removing fields on the form. For example, as part of an upgrade operation, you might add the Hire Date field and remove the Country of Origin field from a form. In addition, fields might be moved from the parent form to the child form. The Oracle Identity Manager Form Version Control (FVC) Utility facilitates the management of form data changes after a form upgrade operation.
The FVC Utility is a command-line utility that works directly on the Oracle Identity Manager database. When you install the Oracle Identity Manager Design Console, the utility is present in the OIM_DC_HOME directory. You use a properties file to specify the form data updates that the utility must perform. The utility supports field mapping and data updates on a provisioning process form and its associated child forms
Ans: An Oracle Identity Manager role is used to define the access rights that an entity may have. These defined roles use unique role names to differentiate them within the Oracle Identity Manager environment. A role may be associated with one or more access rights to Oracle Identity Manager Function. For example, a single role enables a user to create other Oracle Identity Manager user accounts and manage a specific organization. Roles determine the links and menus that are available to users when they log in to the console.
Roles assigned to organizations determine the access rights that members of that organization inherit. Users may also be directly assigned to a role instead of inheriting the role through the organizational structure. As with organizations, roles can be organized into a hierarchical structure.
This hierarchical structure enables roles to inherit access rights from other roles, creating parent and children roles.
Roles are closely related to Access Rights of users to use the Resources
Ans: Roles can be grouped into a category, organizing the roles for the purpose of navigation and authorization. Two categories exist by default in an out-of-the-box installation of Oracle Identity Manager:
OIM Roles: The OIM Roles category contains the list of predefined roles that exist in Oracle Identity Manager by default. These roles are primarily used for managing permissions and access rights to menu items, links, and buttons within the Oracle Identity Manager environment.
• Default: Any roles created within Oracle Identity Manager that are not assigned to a category at the time of creation are assigned to the Default category by default. Create role categories to organize the custom roles to be created for managing organizations.
Ans: An adapter is a Java class which helps in automation of process within OIM and is created by an Oracle Identity Manager user through the Adapter Factory.
Process Tasks adapters - automate completion of a process task and are attached to a Process Definition Form (AD user, OID User, etc)
Entity Adapter - automatically populates a field on the OIM User form or custom User Form on pre-update, pre-delete, pre-insert, post-insert, post-update, or post-delete
Pre-Populate Adapter - specific type of rule generator attached to a user-created form field that can automatically generate data to the Process form but does not save that data to the OIM database but does send that information to appropriate directory user object. The data can come from manual entry on a form or from automated entry from the OIM defined forms. OIM INTERVIEW QUESTIONS September 29, 2014 Created By: Ritesh Maddala Page 14
Rule Generator - can populate fields automatically on an OIM form or a user-created form and save to the OIM database based on business rules
•
Task Assignment Adapter - automates the assignment of a process task to a user or group.
Related Interview Questions...