oracle identity manager interview questions

7/23/2019 Oracle Identity Manager Interview Questions

http://slidepdf.com/reader/full/oracle-identity-manager-interview-questions 1/34

Oracle Identity Manager Interview Questions

What are the steps to integrate Active Directory with Oracle Identity Manager ?

How will I confgure Scheduler only on single node in a clustered environment which

is having more than one node OIM !"g and OIM !!g# ?

What are the possi$le ways to integrate Approval Wor%&ow with a 'esource O$(ect

in Oracle Identity Manager !!g ?

How )scalation and 'emiders *otifcation wor% in Oracle Identity Manager !!g ?

How will you add additional felds on Sel+ 'egister ,orm OIM !"g and OIM !!g# ?

How Approval -olicies are di.erent +rom Access -olcies ?

How do we create comple/ rules +or Approval -olicies ?

What is the signifcance o+ 01reate 'econciliation -rofle0 $utton in Oracle IdentityManager !!g ?

What are O$(ect 'econciliation 'ule ?

)/plain the Architecture o+ OIM ?

How will $e remove 2alidation +or duplicate email address ?

Di.erence $etween OIM !!g '! and OIM !!g '3 ?

Di.erence $etween OIM !"g and OIM !!g '3 ?

What is 'e4uest 1atalog ?

What is 'e4uest -rofle ?

Di.erence $etween Application Instance and 'esource O$(ect ?

What are Admin 'oles ?

)/perience with 5I 1ustomi6ation in OIM !!g '3 ?

)/perience with I1, 1onnector ?

)/perience in upgrading e/isting OIM implementation to OIM !!g '3 ?

7ist o+ connectors which you have wor%ed on ?

High level steps +or 1ustom 1onnector ?



What are Archival 5tilities ?

How do you hide Admin 7in%s +or )nd 5sers +rom Identity 1onsole ?

What are +actors which one should %eep in mind +or upgrade pro(ect ?

How will you plan an upgrade pro(ect ?

What are the $enefts o+ Identity Management?

1entrali6ed auditing and reporting 8 9now who did what and report on system

usage:

'educe I; operating costs 8 Immediate return on investment is reali6ed $y

eliminating the use o+ paper +orms< phone calls and wait time +or new account

generation and ena$ling

user sel+ service and password management:

Minimi6e Security 'is% 8 1ontrol access to the networ% and instantaneously update

accounts in a comple/ enterprise environment including= layo.s< ac4uisitions<

partner

changes< temporary and contract wor%ers:

Improved 4uality o+ I; services

7egal compliance 8 Many government mandates re4uire secure control o+ access:

How does Identity Management IDM# wor%?

;he process involves creating user accounts that are a$le to $e modifed< disa$led

or deleted: Delegated wor%&ows< rules and policies are applied to the users account:

A user profle will tell the company= who they are< what they are entitled to do< whenthey are allowed to per+orm specifc +unctions< where they are allowed to per+orm

+unctions +rom and why they have $een granted permissions:



How are Identity Management Solutions Implemented?

Step One= Inventory and assess current investments and processes: 1lean and

consolidate identity data stores: 1reate virtual identities +or enterprise users:

Step ;wo= Design and deploy identity in+rastructure components: 1reate identity

provisioning and deploy password management< user sel+>service< and regulatory

compliance:

Step ;hree= Deliver applications and services: Access management deployed to a

clean environment: 7everage +ederated identity +or improving supply chain and

employee

eciencies:

)/plain the Architecture o+ Oracle identity Manager?

;he Oracle Identity Manager architecture consists o+ three tiers

;ier != 1lient= ;he Oracle Identity Manager application @5I component reside in this

tier: 5sers log in $y using the Oracle Identity Manager client:;he Oracle Identity

Manager

client interacts with the Oracle Identity Manager server< providing it with the users

login credentials:

;ier 3= Application Server= ;he second tier implements the $usiness logic< which

resides in the Bava Data O$(ects that are managed $y the supported B3))application server

BCoss application server< C)A We$7ogic< and ICM We$Sphere#: ;he Bava Data

O$(ects implement the $usiness logic o+ the Oracle Identity Manager application<

however< they are



not e/posed to any methods +rom the outside world: ;here+ore< to access the

$usiness +unctionality o+ Oracle Identity Manager< you can use the A-I layer within

the B3))

in+rastructure< which provides the loo%up and communication mechanism:

;ier = Data$ase= ;he third tier consists o+ the data$ase: ;his is the layer that is

responsi$le +or managing the storage o+ data within Oracle Identity Manager:

How many ;ypes o+ users are there in oracle identity manager?

)/plain the -rovisioning and 'econciliation process?

)/plain the Auto provisioning -rocess?

What is Deprovisioning )/plain auto deprovisioning process?

What is purpose o+ 'econciliation Manager?

Eou can loo% here +or recon data once reconciliation is complete: Eou can determine

whether event received and lin%ed +or not:

What is Application Server and We$ server?

A We$ server e/clusively handles H;;- re4uests< whereas an application server

serves $usiness logic to application programs through any num$er o+ protocols:

We$server mainly handles the Http re4uests $ut app server can $e used to handle

the http< rmi< ;1-FI- and many more protocols: We$server (ust handles the re4uests

o+ the



we$page 8 means suppose< a html pagepresentation layer# re4uests a data > here

script is written containing the $usiness logic < then it (ust give the response with

the

re4uired data +rom the data$ase: ;hen the html page with script is used to show the

retrieved in+ormation: In case o+ application server< it does the same thing< o+

getting

and gives the response $ut it can process the re4uests: i:e: in this case< instead o+

script %now how to +etch the data< the script is simply used to call the applications

servers loo%up service to retrieve and process the data: i:e here< application server

is used +or processingFapplying logic: ;he we$ server can $e considered as the

su$set o+

app server

;he $asic di.erence $etween a we$ server and an application server is

We$Server can e/ecute only we$ applications i:e: servlets and BS-s and has only a

single container %nown as We$ container which is used to interpretFe/ecute we$

applications

Application server can e/ecute )nterprise application< i<e servlets< (sps< and )BCs# it

is having two containers

!: We$1ontainer +or interpretingFe/ecuting servlets and (sps#

3: )BC container +or e/ecuting )BCs#: It can per+orm operations li%e load $alancing <

transaction demarcation etc

What is the purpose o+ rule designer?



5se this +orm to create rules that can $e applied to password policy selection<

automatic group mem$ership< provisioning process selection< tas% assignment< and

prepopulating

adapters

@eneral

-rocess Determination

;as% Assignment

-re>-opulate

What is Adapter? What Adapters availa$le in OIM?

An adapter is a Bava class that is created $y an Oracle Identity Manager user

through the Adapter ,actory:

-rocess ;as%s adapters > automate completion o+ a process tas% and are attached to

a -rocess Defnition ,orm AD user< OID 5ser< etc#

)ntity Adapter > automatically populates a feld on the OIM 5ser +orm or custom5ser ,orm on pre>update< pre>delete< pre>insert< post>insert< post>update< or post>

delete



-re>-opulate Adapter > specifc type o+ rule generator attached to a user>created

+orm feld that can automatically generate data to the +orm $ut does not save that

data to

the OIM data$ase $ut does send that in+ormation to appropriate directory user

o$(ect: ;he data can come +rom manual entry on a +orm or +rom automated entry

+rom the OIM

defned +orms:

'ule @enerator > can populate felds automatically on an OIM +orm or a user>created

+orm and save to the OIM data$ase $ased on $usiness rules

;as% Assignment Adapter > automates the assignment o+ a process tas% to a user or

group

)/plain the Approval process?

What is suppress standard approval process?

Have u involved to develop a custom connector?

Have u involved to develop a custom adapter?

)/plain the attestation process?

What is clustering in IDM?

)/plain the process o+ user defned feld1ustome ,ield# provisioning process?



)/plain the deligate administration processDesign consoleGAdmin console#?

How do re+er 7ogs +or OIM Server?

)/plain the password Sync?

How to confger the connector?

What is on $oarding< o. $oarding process?

)/plain the archatecture o+ O2D<OID?

1an you @enerate connector using @;1?

What is pro/y<How to modi+y and remove pro/y?

1an you e/plain how to e/port aconnector?

What is report?what is di.erence $etween operational reports and historical

reports?

Operational 'eport=

5ser )ntitlements

'esource Access 7ist



@roup Mem$ership

-olicy 7ist

OIM -assword )/piration

Approval Status $y Approver

Historical 'eports=

5ser Access History

'esource Access 7ist History

5ser -rofle History

5ser Mem$ership History

@roup Mem$ership History

5ser 7i+ecycle

5sers Deleted

;as% Assignment History



How to 1hange the +unctionality o+ the Administrative console without modi+ying the

Oracle Identity Manager code?

How to modi+y loo% and +eel o+ Administrative console?

HOW to version 5pgrade in OIM?

Di.erence $etween O$(ect ,orm and -rocess ,orm?

Di.erence $etween )vent Handler and )ntity Adapter ?

Di.erence $etween ;rusted and ;arget 'econciliation ?

What are the $asic steps +or 1reating a 1ustom 'eport in OIM ?

All types o+ Adapters and their +unctions ?

Di.erence $etween O$(ect ,orm and -rocess ,orm ?



What is 'esource O$(ect in OIM ?

Di.erence $etween I; 'esource ;ype Defnition G I; 'esource ?

How to 'econcile -assword through ;rusted 'econciliation ?

How to Send -assword in an )mail at 5ser 1reation into OIM ?

Casic Steps +or 5I 1ustomi6ation say 0Help Des% ,unctionality0

!! @ Cased =

What is the di.erence $etween 'e4uest Dataset and 'e4uest ;emplate ?

How do you send data +rom 'e4uest DatasetFO$(ect ,orm to -rocess ,orm ?

What is the $eneft +or 5ploadBar 5tility in Oracle Identity Manager !!g ?

Casic di.erence $etween Oracle Identity Manager !"g and OIM !!g ?



What is the +unction o+ O2D Oracle 2irtual Directory# in OIM !!g ?

Steps to create ;wo 7evel SerialF-arallal Approval -rocess in C-)7 ?

How to modi+y data o+ a re4uest dataset associated with a 'e4uest ID ?

Steps to create )vent Handlers in OIM !!g and how it is di.erent +rom OIM !"g

)vent handlers ?

Which class do we implement to create Schedule ;as% in OIM !!g and which

methods are re4uired to override ?

How to allow a group o+ users to trac% each re4uest in Oracle Identity Manager

!!g ?

What are 0Approval -olicies0 and 0Access -olicies0 ?

What is O-A;1H ?

What are the advantages o+ having Stored procedure $ased 'econciliation?

Celow Questions 1ourtsey u$air 9han =

What is the di.erence $etween OIM !!g and !"g +rom the high level architecture

perspective?

Ans!= At high level $elow are the $rie+ di.erences

a# !"g 'e4uest Management has $een replaced $y SOA composite which has a

customi6ed schema accommodating C-)7 and Human ;as%:



$# 'econciliation engine has $een re>written in !!g to enhance the per+ormance $y

introducing the cache mechanism:

c# O)S li$raries are used as an authori6ation engine unli%e !"g had its own o$(ect vs

view $ased authori6ation:

d# -lugin services plat+orm is introduced in !!g to have easy customi6ation in place

which can $e some what mapped to entity adapter +unctionality in !"g:

e# @roups in !"g are now called as 'oles in !!g with some modifcations which

ma%es it li%e ldap roles:

Some more di.erences related with notifcations< schedulers and etc can $e

discussed i+ time permits:

Q3= What is ,orm 2ersion 1ontrol 5tility ,21# and why it is used?

Q= What are the $enefts o+ using MDS in OIM !!g ?

Q= Suppose i+ a target system is integrated with OIM and the administrator o+ that

particular application creates an account in it: How would you %now this irregularity

through OIM?

QJ= Suppose you dont have the connector cloning tool in OIM< then how would you

clone a connector? )/plain the step $y step approach:

QK= Why OIM uses 'emote Manager 'M#?

QL= What is a service account? Or Why a service account is re4uired?

Q= Will account attri$utes o+ a service account would change with the change o+ its

owner corresponding user account? )/plain your reasoning in either case?



QN= What is the signifcance o+ 5S';riggersP loo%up?

Q!"= Di.erentiate the scenario when you would use ldap sync 2S OID 1onnector?

Q!!= Suppose i+ you have to write a custom connector +or a ;arget Application

e/posing some (ava A-I: What all methods do u need to write a $asic connector?

Q!3= Di.erentiate $Fw 'e4uest Model and 'e4uest ;emplate:

Q!= What all di.erent levels o+ approvals does OIM !!g approval engine carry? Also

e/plain their di.erences:

Q!= What is SOD? how it has $een implemented in OIM?

Q!J= While migrating OIM !"g to !!g what all components can directly $e

migrated?

-ro$lem =

How to use ,215til,orm 2ersion 1ontrol 5tility# in OIM +or newer version o+ +orm to

wor% +or users which are already provisioned with that resource o$(ect:

Solution =OIM have ,orm 2ersion 1ontrol 5tilityR ,215til# utility to deal with this:Cy the help o+ ,215til< newer version o+ +orm will wor% +or e/isting usersi:e= users

those are already provisioned with the old :



'un the +vcutil:cmd +or this $ut need to ma%e sure +vc:properties fle should $e

properly confgured then only changes will $e re&ect:

Important 4uestion O$(ect +orm versus -rocess +orm T O$(ect +orm in !!g 'eplaced

$y 'e4uest Data SetU

;he $asics are that a -rocess +orm is attached to a process< such as a provisioning

process< and an o$(ect +orm is attached to a resource o$(ect: When a provisioning

process

has $een initiated that +orm is re4uired data:However< i+ a re4uest< either a sel+>

re4uest or a re4uest +rom some manager or admin< is initiated< then it is not yet a

provisioning process and is only a re4uest: In this case< a re4uest +or a

o$(ect +orm< i+ there is one: Once the re4uired in+ormation +or the re4uest has $een

input< and i+ there are approvals then those must also $e completed< then it triggers

some

provisioning

provisioning process then triggers its attached process +orm i+ needed# and

completes the provisioning:

'e+er +or more details =

http=FFdocs:oracle:comFcdF)!"N!"!Fdoc:N!"Fe!"KFdevtools:htm

Whats is the Structure +or OIM o$(ects and their relationship ?

!: 'esource O$(ect



3: I; 'esource

: 5ser defned adapters +or create F update F delete operations:

: 'esource -rocess ,orm associated with 'esource O$(ect:

J: -rocess Defnition associated with 'esource O$(ect and 'source -rocess +orm:

K: -rocess Defnition have tas%s +or each process +orm felds:;hese are tas%s

associated with a$ove created adapters:

Adapters again T Most imp +unctions o+ OIM U = 'e+er ;ool re+erence guide +or more

details =

;here are fve types o+ adapters=

■ A process tas% adapter< which allows Oracle Identity Manager to automate the

completion o+ a process tas%:

■ A tas% assignment adapter< which ena$les Oracle Identity Manager to automate

the assignment o+ a process tas% to a user or group:

■ A rule generator< which incorporates $usiness rules to the felds o+ either an

Oracle



Identity Manager +orm or a user>defned +orm created using the ,orm Designer

+orm#< so these felds can $e populated automatically and saved to the Oracle

Identity Manager data$ase:

■ A pre>populate adapter< which is a specifc type o+ rule generator adapter that can

$e attached to a user>created +orm feld: ;he data generated $y this type o+ adapter

can appear either automatically or manually: In addition< it uses criteria that

ena$le Oracle Identity Manager to determine which pre>populate adapter will $e

applied to the designated +orm feld: It then populates the designated +orm feld

without saving this in+ormation to the Oracle Identity Manager data$ase:

■ An entity adapter< which is attached to an Oracle Identity Manager or user>created

+orm feld: Oracle Identity Manager triggers an entity adapter on pre>insert<

pre>update< pre>delete< post>insert< post>update< or post>delete: Once this occurs<

the feld to which the adapter is attached is populated automatically and saved to



the Oracle Identity Manager data$ase:

-osted $y A$hinav 'aina at N=J! -M *o comments=

7a$els= OIM Interview Questions

Wednesday< March 3< 3"!3

OIM Interview Questions >1ollections -art !

PP I have tried to collect OIM interview 4uestions +rom various $logsF sites F +orums

li%e re+erence o+ those $logs:

!! @ Cased= http=FFidentityandaccessmanager:$logspot:comF3"!!F"3F$asic>

interview>4uestion>+or>oim>!"g:html

!"g Questions= http=FFidentityandaccessmanager:$logspot:comF3"!!F"3F$asic>interview>4uestion>+or>oim>!"g:html

Idea here is to provide a collective spot so that we can prepare +or interview and

crac% them in single shot =#

What are the $enefts o+ Identity Management?

1entrali6ed auditing and reporting 8 9now who did what and report on system

usage:

'educe I; operating costs 8 Immediate return on investment is reali6ed $y

eliminating the use o+ paper +orms< phone calls and wait time +or new account

generation and ena$ling

user sel+ service and password management:

Minimi6e Security 'is% 8 1ontrol access to the networ% and instantaneously update

accounts in a comple/ enterprise environment including= layo.s< ac4uisitions<

partner

changes< temporary and contract wor%ers:



Improved 4uality o+ I; services

7egal compliance 8 Many government mandates re4uire secure control o+ access:

How does Identity Management IDM# wor%?

;he process involves creating user accounts that are a$le to $e modifed< disa$led

or deleted: Delegated wor%&ows< rules and policies are applied to the users account:

A user profle will tell the company= who they are< what they are entitled to do< when

they are allowed to per+orm specifc +unctions< where they are allowed to per+orm

+unctions +rom and why they have $een granted permissions:


Step One= Inventory and assess current investments and processes: 1lean and

consolidate identity data stores: 1reate virtual identities +or enterprise users:

Step ;wo= Design and deploy identity in+rastructure components: 1reate identity

provisioning and deploy password management< user sel+>service< and regulatorycompliance:

Step ;hree= Deliver applications and services: Access management deployed to a

clean environment: 7everage +ederated identity +or improving supply chain and

employee

eciencies:

)/plain the Architecture o+ Oracle identity Manager?

;he Oracle Identity Manager architecture consists o+ three tiers



;ier != 1lient= ;he Oracle Identity Manager application @5I component reside in this

tier: 5sers log in $y using the Oracle Identity Manager client:;he Oracle Identity

Manager

client interacts with the Oracle Identity Manager server< providing it with the users

login credentials:

;ier 3= Application Server= ;he second tier implements the $usiness logic< which

resides in the Bava Data O$(ects that are managed $y the supported B3))

application server

BCoss application server< C)A We$7ogic< and ICM We$Sphere#: ;he Bava DataO$(ects implement the $usiness logic o+ the Oracle Identity Manager application<

however< they are

not e/posed to any methods +rom the outside world: ;here+ore< to access the

$usiness +unctionality o+ Oracle Identity Manager< you can use the A-I layer within

the B3))

in+rastructure< which provides the loo%up and communication mechanism:

;ier = Data$ase= ;he third tier consists o+ the data$ase: ;his is the layer that is

responsi$le +or managing the storage o+ data within Oracle Identity Manager:

How many ;ypes o+ users are there in oracle identity manager?


)/plain the Auto provisioning -rocess?



What is Deprovisioning )/plain auto deprovisioning process?


Eou can loo% here +or recon data once reconciliation is complete: Eou can determine

whether event received and lin%ed +or not:


A We$ server e/clusively handles H;;- re4uests< whereas an application server

serves $usiness logic to application programs through any num$er o+ protocols:

We$server mainly handles the Http re4uests $ut app server can $e used to handlethe http< rmi< ;1-FI- and many more protocols: We$server (ust handles the re4uests

o+ the

we$page 8 means suppose< a html pagepresentation layer# re4uests a data > here

script is written containing the $usiness logic < then it (ust give the response with

the

re4uired data +rom the data$ase: ;hen the html page with script is used to show the

retrieved in+ormation: In case o+ application server< it does the same thing< o+

getting

and gives the response $ut it can process the re4uests: i:e: in this case< instead o+

script %now how to +etch the data< the script is simply used to call the applications

servers loo%up service to retrieve and process the data: i:e here< application serveris used +or processingFapplying logic: ;he we$ server can $e considered as the

su$set o+

app server



;he $asic di.erence $etween a we$ server and an application server is

We$Server can e/ecute only we$ applications i:e: servlets and BS-s and has only a

single container %nown as We$ container which is used to interpretFe/ecute we$

applications

Application server can e/ecute )nterprise application< i<e servlets< (sps< and )BCs# it

is having two containers

!: We$1ontainer +or interpretingFe/ecuting servlets and (sps#

3: )BC container +or e/ecuting )BCs#: It can per+orm operations li%e load $alancing <

transaction demarcation etc


5se this +orm to create rules that can $e applied to password policy selection<

automatic group mem$ership< provisioning process selection< tas% assignment< and

prepopulating

adapters

@eneral

-rocess Determination

;as% Assignment

-re>-opulate

What is Adapter? What Adapters availa$le in OIM?



An adapter is a Bava class that is created $y an Oracle Identity Manager user

through the Adapter ,actory:

-rocess ;as%s adapters > automate completion o+ a process tas% and are attached to

a -rocess Defnition ,orm AD user< OID 5ser< etc#

)ntity Adapter > automatically populates a feld on the OIM 5ser +orm or custom

5ser ,orm on pre>update< pre>delete< pre>insert< post>insert< post>update< or post>

delete

-re>-opulate Adapter > specifc type o+ rule generator attached to a user>created

+orm feld that can automatically generate data to the +orm $ut does not save that

data to

the OIM data$ase $ut does send that in+ormation to appropriate directory user

o$(ect: ;he data can come +rom manual entry on a +orm or +rom automated entry

+rom the OIM

defned +orms:

'ule @enerator > can populate felds automatically on an OIM +orm or a user>created

+orm and save to the OIM data$ase $ased on $usiness rules

;as% Assignment Adapter > automates the assignment o+ a process tas% to a user or

group

)/plain the Approval process?

What is suppress standard approval process?



Have u involved to develop a custom connector?


)/plain the attestation process?


)/plain the process o+ user defned feld1ustome ,ield# provisioning process?

)/plain the deligate administration processDesign consoleGAdmin console#?

How do re+er 7ogs +or OIM Server?

)/plain the password Sync?

How to confger the connector?

What is on $oarding< o. $oarding process?

)/plain the archatecture o+ O2D<OID?

1an you @enerate connector using @;1?

What is pro/y<How to modi+y and remove pro/y?



1an you e/plain how to e/port aconnector?

What is report?what is di.erence $etween operational reports and historicalreports?

Operational 'eport=

5ser )ntitlements

'esource Access 7ist

@roup Mem$ership

-olicy 7ist

OIM -assword )/piration

Approval Status $y Approver

Historical 'eports=

5ser Access History

'esource Access 7ist History

5ser -rofle History



5ser Mem$ership History

@roup Mem$ership History

5ser 7i+ecycle

5sers Deleted

;as% Assignment History

How to 1hange the +unctionality o+ the Administrative console without modi+ying the

Oracle Identity Manager code?

How to modi+y loo% and +eel o+ Administrative console?

HOW to version 5pgrade in OIM?

Di.erence $etween O$(ect ,orm and -rocess ,orm?

Di.erence $etween )vent Handler and )ntity Adapter ?

Di.erence $etween ;rusted and ;arget 'econciliation ?

What are the $asic steps +or 1reating a 1ustom 'eport in OIM ?



All types o+ Adapters and their +unctions ?

Di.erence $etween O$(ect ,orm and -rocess ,orm ?

What is 'esource O$(ect in OIM ?

Di.erence $etween I; 'esource ;ype Defnition G I; 'esource ?

How to 'econcile -assword through ;rusted 'econciliation ?

How to Send -assword in an )mail at 5ser 1reation into OIM ?

Casic Steps +or 5I 1ustomi6ation say 0Help Des% ,unctionality0

!! @ Cased =



What is the di.erence $etween 'e4uest Dataset and 'e4uest ;emplate ?

How do you send data +rom 'e4uest DatasetFO$(ect ,orm to -rocess ,orm ?

What is the $eneft +or 5ploadBar 5tility in Oracle Identity Manager !!g ?

Casic di.erence $etween Oracle Identity Manager !"g and OIM !!g ?

What is the +unction o+ O2D Oracle 2irtual Directory# in OIM !!g ?

Steps to create ;wo 7evel SerialF-arallal Approval -rocess in C-)7 ?

How to modi+y data o+ a re4uest dataset associated with a 'e4uest ID ?

Steps to create )vent Handlers in OIM !!g and how it is di.erent +rom OIM !"g

)vent handlers ?

Which class do we implement to create Schedule ;as% in OIM !!g and which

methods are re4uired to override ?

How to allow a group o+ users to trac% each re4uest in Oracle Identity Manager

!!g ?

What are 0Approval -olicies0 and 0Access -olicies0 ?



What is O-A;1H ?

What are the advantages o+ having Stored procedure $ased 'econciliation?

Celow Questions 1ourtsey u$air 9han =

What is the di.erence $etween OIM !!g and !"g +rom the high level architecture

perspective?

Ans!= At high level $elow are the $rie+ di.erences

a# !"g 'e4uest Management has $een replaced $y SOA composite which has a

customi6ed schema accommodating C-)7 and Human ;as%:

$# 'econciliation engine has $een re>written in !!g to enhance the per+ormance $y

introducing the cache mechanism:

c# O)S li$raries are used as an authori6ation engine unli%e !"g had its own o$(ect vs

view $ased authori6ation:

d# -lugin services plat+orm is introduced in !!g to have easy customi6ation in place

which can $e some what mapped to entity adapter +unctionality in !"g:

e# @roups in !"g are now called as 'oles in !!g with some modifcations which

ma%es it li%e ldap roles:

Some more di.erences related with notifcations< schedulers and etc can $e

discussed i+ time permits:

Q3= What is ,orm 2ersion 1ontrol 5tility ,21# and why it is used?

Q= What are the $enefts o+ using MDS in OIM !!g ?

Q= Suppose i+ a target system is integrated with OIM and the administrator o+ that

particular application creates an account in it: How would you %now this irregularity



through OIM?

QJ= Suppose you dont have the connector cloning tool in OIM< then how would you

clone a connector? )/plain the step $y step approach:

QK= Why OIM uses 'emote Manager 'M#?

QL= What is a service account? Or Why a service account is re4uired?

Q= Will account attri$utes o+ a service account would change with the change o+ its

owner corresponding user account? )/plain your reasoning in either case?

QN= What is the signifcance o+ 5S';riggersP loo%up?

Q!"= Di.erentiate the scenario when you would use ldap sync 2S OID 1onnector?

Q!!= Suppose i+ you have to write a custom connector +or a ;arget Applicatione/posing some (ava A-I: What all methods do u need to write a $asic connector?

Q!3= Di.erentiate $Fw 'e4uest Model and 'e4uest ;emplate:

Q!= What all di.erent levels o+ approvals does OIM !!g approval engine carry? Also

e/plain their di.erences:

Q!= What is SOD? how it has $een implemented in OIM?

Oracle Identity Manager interview questions & answers-2What is an Identity?

An identity is the virtual representation o+ an enterprise resource user including employees<customers< partners and vendors: Identity Management shows the rights and relationships theuser has when interacting with a companyVs networ%:



What are the benefits of Identity Management?

Centralized auditing and reporting 8 9now who did what and report on system usage:

Reduce IT operating costs 8 Immediate return on investment is reali6ed $y eliminating the use

o+ paper +orms< phone calls and wait time +or new account generation and ena$ling user sel+

service and password management:

Minimize Security Risk 8 1ontrol access to the networ% and instantaneously update accounts in

a comple/ enterprise environment including= layo.s< ac4uisitions< partner changes< temporaryand contract wor%ers:

Improved quality of IT services

egal compliance 8 Many government mandates re4uire secure control o+ access:

How does Identity Management (IDM) work?

;he process involves creating user accounts that are a$le to $e modifed< disa$led or deleted:

Delegated wor%&ows< rules and policies are applied to the users account:

A user profle will tell the company= who they are< what they are entitled to do< when they are

allowed to per+orm specifc +unctions< where they are allowed to per+orm +unctions +rom and why

they have $een granted permissions:


Step !ne= Inventory and assess current investments and processes: 1lean andconsolidate identity data stores: 1reate virtual identities +or enterprise users:

Step T"o= Design and deploy identity in+rastructure components: 1reate identityprovisioning and deploy password management< user sel+>service< and regulatorycompliance:

Step Three= Deliver applications and services: Access management deployed to aclean environment: 7everage +ederated identity +or improving supply chain andemployee eciencies:

Are your Identity Management 4uestions not listed in our ,AQs?Our e/perts are ready to help answer all your IDM 4uestions:

Eplain the !r"hite"ture of #ra"le identity Manager?

The Oracle Identity Manager architecture consists of three tiers

$ier %& 'lient& The Oracle Identity Manager application GUI component reside in this tier. Users log in

by using the Oracle Identity Manager client.The Oracle Identity Manager client interacts with the OracleIdentity Manager server, providing it with the user's login credentials.

$ier & !ppli"ation Serer& The second tier implements the business logic, which resides in the ava

!ata Ob"ects that are managed by the supported #$$ application server %&oss application server, &$

(eb)ogic, and I&M (eb*phere+. The ava !ata Ob"ects implement the business logic of the Oracle

Identity Manager application, however, they are not eposed to any methods from the outside world.

Therefore, to access the business functionality of Oracle Identity Manager, you can use the -I layer

within the #$$ infrastructure, which provides the looup and communication mechanism. $ier *& Database& The third tier consists of the database. This is the layer that is responsible for managing

the storage of data within Oracle Identity Manager.How many $ypes of users are there in ora"le identity manager?

Eplain the +roisioning and ,e"on"iliation pro"ess?

Eplain the !uto proisioning +ro"ess?

What is Deproisioning Eplain autodeproisioning pro"ess?

What is purpose of ,e"on"iliation Manager?



/ou can loo here for recon data once reconciliation is complete. /ou can determine whether event received and

lined for not.What is !ppli"ation Serer and Web serer?

(eb server eclusively handles 0TT- re1uests, whereas an application server serves business logic to application programs through any number of protocols.

(ebserver mainly handles the 0ttp re1uests but app server can be used to handle the http, rmi, T2-3I- and many

more protocols. (ebserver "ust handles the re1uests of the webpage 4 means suppose, a html page%presentation

layer+ re1uests a data 5 here script is written containing the business logic , then it "ust give the response with there1uired data from the database. Then the html page with script is used to show the retrieved information. In case of

application server, it does the same thing, of getting and gives the response but it can process the re1uests. i.e. in this

case, instead of script now how to fetch the data, the script is simply used to call the applications server's looup

service to retrieve and process the data. i.e here, application server is used for processing3applying logic. The webserver can be considered as the subset of app server

The basic difference between a web server and an application server is

(eb*erver can eecute only web applications i.e. servlets and *-s and has only a single container nown as (eb

container which is used to interpret3eecute web applicationspplication server can eecute $nterprise application, i,e %servlets, "sps, and $&s+ it is having two containers 6.

(eb2ontainer %for interpreting3eecuting servlets and "sps+

#. $& container %for eecuting $&s+. It can perform operations lie load balancing , transaction demarcation etcWhat is the purpose of rule designer?

Use this form to create rules that can be applied to password policy selection, automatic group membership, provisioning process selection, tas assignment, and prepopulating adapters-eneral

+ro"ess Determination

$ask !ssignment

+re.+opulate

What is !dapter? What !dapters aailable in #IM?

n adapter is a ava class that is created by an Oracle Identity Manager user through the dapter 7actory#• $rocess Tasks adapters > automate completion o+ a process tas% and are

attached to a -rocess Defnition ,orm AD user< OID 5ser< etc#

• %ntity &dapter > automatically populates a feld on the OIM 5ser +orm orcustom 5ser ,orm on pre>update< pre>delete< pre>insert< post>insert< post>update< or

post>delete• $re'$opulate &dapter > specifc type o+ rule generator attached to a user>

created +orm feld that can automatically generate data to the +orm $ut does notsave that data to the OIM data$ase $ut does send that in+ormation to appropriatedirectory user o$(ect: ;he data can come +rom manual entry on a +orm or +romautomated entry +rom the OIM defned +orms:

• Rule (enerator > can populate felds automatically on an OIM +orm or a user>created +orm and save to the OIM data$ase $ased on $usiness rules

• Task &ssignment &dapter > automates the assignment o+ a process tas% to auser or group

Eplain the !pproal pro"ess?

What is suppress standard approal pro"ess?Hae u inoled to deelop a "ustom "onne"tor?

Hae u inoled to deelop a "ustom adapter?

Eplain the attestation pro"ess?

What is "lustering in IDM?

Eplain the pro"ess of user defined field('ustome /ield) proisioning pro"ess?

Eplain the deligate administration pro"ess(Design "onsole0!dmin "onsole)?

How do refer 1ogs for #IM Serer?

Eplain the password Syn"?

How to "onfiger the "onne"tor?



What is on boarding2 off boarding pro"ess?

Eplain the ar"hate"ture of #3D2#ID?

'an you -enerate "onne"tor using -$'?

What is proy2How to modify and remoe proy?

'an you eplain how to eport a"onne"tor?

What is report?what is differen"e between operational reports and histori"al reports?

Operational 8eport9

User $ntitlements8esource ccess )ist

Group Membership

-olicy )ist

OIM -assword $pirationpproval *tatus by pprover

0istorical 8eports9

User ccess 0istory

8esource ccess )ist 0istoryUser -rofile 0istory

User Membership 0istory

Group Membership 0istory

User )ifecycle

Users !eletedTas ssignment 0istoryHow to 'hange the fun"tionality of the !dministratie "onsole without modifying the #ra"le Identity

Manager "ode?

How to modify look and feel of !dministratie "onsole?

H#W to ersion 4pgrade in #IM?

Differen"e between #b5e"t /orm and +ro"ess /orm?

1.What are the steps to integrate Active irectory with Oracle Identity Manager!

2."ow will I con#igure $cheduler only on single node in a clustered environ%ent which is having %ore

than one node OIM 1'g and OIM 11g( !

).What are the possi*le ways to integrate Approval Wor+#low with a ,esource O*ect in Oracle Identity

Manager 11g !

."ow /scalation and ,e%iders 0oti#ication wor+ in Oracle Identity Manager 11g !

. "ow will you add additional #ields on $el# ,egister or% OIM 1'g and OIM 11g( !

3."ow Approval 4olicies are di##erent #ro% Access 4olcies !

Oracle Identity Manager interview questions-1What is Authentication and Authori6ation?


What is the purpose and usages o+ IDM?

What is di.erence $etween (ava version li%e (ava !: and (ava !:J?


How would you provision the users to target application?

What is trusted reconciliation< target reconciliation and se4uential reconciliation?



What is Adapter and what r the types availa$le?

Where u map the %ey values while doing custom feld provisioning?


How would confgure the IDM with Data$ase Application ;a$les?Have u involved to develop a custom connector?


What r rules availa$le in IDM?

What is purpose o+ )ntity adapter and how would we di.erentiate with 'ulegenerator adapter?

What are ;as% assignment adapter and ;as% Assignment 'ule?

How would we suppress the standard approval?

What is tas% scheduler?

1an u e/plain the approval wor% &ow?


How would we provide selected menu items +or delegated user?

What is purpose o+ Access -olicy when we r u sing these access policies?

How would you import the connector mlVs in to IDM?

How would you chec% the 7O@ fles in IDM server?

What is 7DA- Directory Server?

What is O$(ect class in Directory Server?

How would you add custom attri$ute in Directory Server?


oracle identity manager interview questions

Documents