Table of Contents
Oracle Connector could manage an Oracle database.
This connector is specific for integration with an Oracle database, if you want to connect a generic SQL database, please visit the following page: SQL Connector.
It is needed a user with sysdba access and permissions.
Any user or account created will be granted the CREATE SESSION privilege.
Default tablespace for each user will be the USERS tablespace. It won't be changed for existing users.
Soffid passwords expiration date will be managed by Soffid. So, Oracle won't be notified about when those passwords needs to be expired.
Roles and groups are automatically created when a user belonging to it is updated.
Error SQL: ….There was an error executing an SQL statement.
Contact with the administrator of the database. It may be a problem of user authorizations, administrator password validity, availability of space in the database, or saturation of it.
Download and install
This addon is located in the Connectors section and its name is Oracle Connector.
This connector could manage only Users objects.
After the installation of the addon, you may create and configure agent instances.
To configure this Oracle Connector you must select "OracleAgent" in the attribute "Type" of the generic parameters section in the agents page configuration.
Below there are the specific parameters for this agent implementation:
|User||Sysdba user name to authenticate|
|Oracle password||Password of the user to authenticate|
|Connection string to database||Database URL. Use something like jdbc:oracle:thin:@host:port:sid|
Password to protect roles
Optional password to use on password protected roles
Pending to be documented.
Oracle connector has the ability to establish an access control for Oracle Users.
If the access control checkbox is enabled, only the users and application that are listed at access control page will be allowed to login. So, you can restrict the IP address and application a user can connect from.
This restriction does not apply to DBA users.
After the agent configuration you could check in the monitoring page if the service is running in the Synchronization Server, please go to "Start Menu > Monitoring and reporting > System monitoring".
If you are checked "Authorized identity source", an automatic task to load identities from the managed system to Soffid is available, please go to "Start Menu > Processes and Tasks > Manage automatic tasks", and you will something like "Import authoritative data from <AGENT_NAME>".
If your are configured the "Attribute Mapping" tab with some of our objects: "user, account, role, group or grant", an automatic task to synchronize these objects from the managed system to Soffid is available, please go to "Start Menu > Processes and Tasks > Manage automatic tasks", and you will something like "Reconcile all accounts from <AGENT_NAME>".
About the synchronization of the objects, there are two possible options:
- If you are checked the generic attribute "Read Only" in the "Basics" tab, only the changes in the managed systems will be updated in Soffid. We recommend this options until the global configuration of Soffid will be tested.
- If you are not checked the generic attribute "Read Only" in the "Basics" tab, all the changes in Soffid or the managed system will be updated in the other. Note that this synchronization must be configured in the "Attribute mapping" tab correctly.