Retiree Data Flow Diagram
-
Upload
mike-reams -
Category
Technology
-
view
155 -
download
0
Transcript of Retiree Data Flow Diagram
OID Attribute FlowThis Data is stored in OID and synced
via the DIP Servers
OVD
Common/Retrievable
Attributes
OID Attribute
LDAP Attribute
Attribute Notes
LDAP User Storage
Load Balancer
(Oracle Virtual Directory)
VIP: 0.0.0.0
sub.domain.com
HCM DB
Active Directory
Provision User Data
Identity Provisioning System
Provisions users
from HCM into Active Directory
Get Data
Synchronization ProfileUser: _svcaccountSource Container:
ou=users,dc=companyA,dc=com
Push data
Retrieve or Update Data
dc
description
orclSamAccountName
domain
Groupofuniquenames
orcladgroup
uniquememberGroupofuniquen
ames
ownerGroupofuniquen
ames
displaynameorclgroup
ObjectClass
departmentnumberinetorgperson
mobileinetorgperson
telephonenumberinetorgperson
facsimiletelephonenumberinetorgperson
ouorganizationalu
nit
cnperson
orclsourceobjectdnorcladobject
snperson
employeenumberinetorgperson
titleorganizationalp
erson
givennameinetorgperson
uidinetorgperson
mailinetorgperson
categoryinetorgperson
OID Data Provisioning
nameinetorgperson
cn
dnQualifier
manager
pwdchangedtime
orclnormdn
sn
name
title
givenname
uid
categoryWithin the Portal, the crawler uses the following ldp filter to crawl in any eligible retiree:(&(|(category=Retiree1)(destinationIndicator=RetireeOU))(cn=*))
destinationindicator
Connects to LB
The Portal uses this field as the “User Name Attribute”, “User Authentication Attribute”, “User Unique Name Attribute”, & “Group Name Attribute”
objectclass
createtimestamp
HomeEmployeeID
modifytimestamp
employeeNumber
The Login Page uses this as the user’s Alias to authenticate into the portal
The Portal feeds this value through the “Profile Source” crawler. This is required to be present in the portal in order for the user to interact with portlet content.
This value will tell you the last time the user changed the password
Non Synced
Non Synced
Non Synced
Non Synced
Non Synced
Non Synced
Provisions users with Status of (T or R) as enabled if
they have a valid Retiree Code value from HCM. Will
show up in the downstream field called “Category”
users
users
Author: M.REAMSPrints 8 ½” x 17"
userPasswordNon Synced
Retiree login uses this to store user’s password
pwdaccountlockedtimeNon Synced This field will tell you when a user’s account was locked out
Virtual Server 2
0.0.0.0
Virtual Server 1
0.0.0.0
Cluster
LDAP Web Service
Connects to LBIdentity
Services
Portal CrawlerHelp Desk
Admins
DIP Servers (OID Sync Tool)
Virtual Server 2
0.0.0.0
Virtual Server 1
0.0.0.0
Load Balancer
(Oracle Internet Directory)
VIP: 0.0.0.0
sub.domain.com
Virtual Server 2
0.0.0.0
Virtual Server 1
0.0.0.0
Cluster
users