2 Replies Latest reply: Jan 16, 2013 2:22 AM by User475652-OC RSS

    OIM 11g R1 - Add user to group after AD Reconciliation

    User475652-OC
      Hi,

      i want to add all reconcilated users from AD to OIM to a special role in oim, after a AD reconciliation.

      By default, all users get the role ALL_USERS. I want to add a futher role, for example ALL_AD_USERS.

      How to do this?

      Edited by: 960944 on Jan 15, 2013 5:11 AM
        • 1. Re: OIM 11g R1 - Add user to group after AD Reconciliation
          Rajiv Dewan
          I assume that here you are talking about AD TRUSTED RECONCILIATION and you don't have any other TRUSTED Reconciliation and this is the only way to bring users into OIM, then you can create a role and attach a membership rule say "Organization doesn't contain ZZZZ". It will satisfy all the users
          CONS: Here you won't be able to distinguish between users which are creating through Admin Console or from AD Trusted or from some other Trusted Recon.


          Now if you want only those users who are coming from AD then Add a task on Reconciliation Insert/Update Received and add user into Role using APIs.
          • 2. Re: OIM 11g R1 - Add user to group after AD Reconciliation
            User475652-OC
            Hi Rajiv,

            thanks for helping

            The first solution, to create a rule and adding to a role membership works. But if you said, i cannot distinguish if the user come from AD Trusted recon or from Admin console.

            I prefer the second solution. What do you mean with API? Eventhandler?