Objective :
The objective of this article is to show how can an Application Instance can be configured , and how it can provisioned to the user successfully .
Configuring Application Instance :
Application instances are provisionable resources . It is a combination of IT resource instance (target connectivity and connector configuration) and resource object (provisioning mechanism).
In pre-R2 releases, requests creation was based on name of resources and it was Administrator-centric, which needed good knowledge of technology. However in 11g Release 2 (11.1.2), accounts and entitlements of users are associated with application instances, and not with the IT resource instance or resource object. This makes it easier for an end user to operate.
Application instance will be published to organizations and can be requested by users of those organizations. Suppose Microsoft Active Directory (AD) is to be provisioned to users across different organizations or departments across the world. You can define application instances consisting of the following:
1)AD as the resource object
2)Each AD server instance with the connectivity information, such as URL and password, as IT resources
This is because the resource object is same for all users, but the connectivity information, such as port number, can be different for users who are part of different organizations. Therefore, the AD resource object can be provisioned as an application instance without the user being aware of the connectivity information.
Application Instance is the provisionable entity. In order to get an account in a specific target, end users will need to request for the application instance. Instead of requesting for a resource and configuring IT resource instance separately, end user can request for an application instance. The request is subject to approval by an approver. When the request is approved, the resource is provisioned to the user, and an account is created in the target system.
You cannot create Application Instance directly first you need to create sandbox . Whenever you are customizing
the OIM you have to create the sandbox . When we perform the changes all the changes will be saved in the sandox and when the administrator confirms that its worling fine then you can export that sandox so that it is available to the live users . If anything goes wrong you can just delete the sandbox so that nothing will be modified in OIM .
-> To create sanbox click On Sandboxes link in right top corner as shown in below screen shot.
1. Click on Create Sandbox
2. Name the Sandbox SB4ApplicationInstance & click on save
Now on the screen you can see there is one Active Sandbox (SB4ApplicationIstance) , henceforth whatever changes will be done will be captured on sandbox . At a time you can keep only one sandbox active.
Now we will go for Application Instance creation .
Steps to create Application Instance :
1) Click on Configuration>Application Instance
2)Click on Create
3) Enter the details :
Name : OUD Server
Display Name : OUD Server
4)Search for Resource Object and select LDAP user
5)Search IT Resource Instance Name & select OUD_ITR which we had created .
Sandbox is going to use a form , so we will create a new form by Clicking on Create . OIM data will be available temporarily in these form and then will be transferred to connectors while provisioning .
Give the Form Name as OUDForm & Click on Create
6)Refresh & Select the OUDForm from the list
Finally the values enetered for creating the Application Instance are as per the following screen shot .
Once all the required values entered click on Save and Application Instance will be successfully created .
7)Now we can publish the sandbox now , if anything goes wrong we can just delete the sandbox . . To publish Click on the Sandbox 
It will ask Do you want to continue ? Click on Yes to publish
Once you publish you will se that there is no Active Sandbox in the list .
8) Now we will login to Admin console and I will search for the user kashif123 and provision him the Application Instance . Before provisioning we need to run the scheduler jar file .
To run the jar file Click on System Management>Scheduler
Then perform *OU* lookup and find OU Reconciliation Job that we need to run . Once you find LDAP Connector Group Lookup Reconciliation Job select it .
Under Job Details tab :
Update IT Reosurce Name to OUD_ITR (The IT Resource which we created .).
Click on Apply & then on Run Now to run this job .
The Job Status should change to Running once you run this job . Once the job is stopped its successfull.
Now we will go to Identity Self Service Control and search for the user kashif123 for whome we will provision in the resource on his behalf .
-> Click on Accounts>Request Account.
We can see that no resource is provisioned for the user .
-->In the Catalog search for OUD server instance .
You will see that OUD server is an Application Instance .
--> Select OUD Server & Click on Add to Cart .
You will get the message that item added to the Cart .
--> Once the item is added , you need to click on Checkout .
When you click Checkout it shows one more screen wherein you will see that Submit button is not enabled.
When you scroll down it will ask to enter User ID for which the resource will be provisioned ,but we wont enter manually it will take it from OIM attribute automatically . But if we can also enter the User Id and password if we want. But it is unable to decide which will be the Container DN(people or group ). So click on Search button to search for the Container DN .
Once new window opens click on Search button to search for the Conatiner DN . If none of the containers are listed you need to go back and run Reconciliation job again .
To run the reconciliation job we need to go to Identity System Administration :
1) Go to System Management > Scheduler
2) Search for ldap*
3) Select LDAP Connector OU Lookup Reconciliation .
4)Change the IT Resource Name to OUD_ITR.
5) Click on Apply & Then Run Now
6) If the Execution Status changes to Sussessfull your JOB is now properly configured .
So new we will go back to Identity Self Service screen and search for Container DN .
--> Once Clicking the Search button and you will se two Containers one is people container & the other is group container . We will select the people Container from the list and click on Ok
-> Once Container is selected , enter the User Id as kashif123 and enter he password .
--> Once all the information entered click on Ready to submit.
Once you click on Rady To Submit user will be provisioned through OUD now .
--> Now we will go to the User Details to see whether the user is provisioned with Resource or not .
--> Click Accounts tab & Click Refresh Button you will see that the user is provisioned with LDAP resource .
Now the reosurce is successfuly provisioned for the user . That means user Kashif is provisioned to OUD server and he can access the OUD Server .
9)To modify the attributes of an application instance:
1)In the Application Instances page, search and select the application instance that you want to open.
2)From the Actions menu, click Open. Alternatively, click Open on the toolbar. You can also click the Display Name of the application instance.
3)The Application Instance details page is displayed.
4)Ensure that the Attributes tab is displayed. The fields that you are not allowed to modify are grayed out.
5)Edit the values in the fields, such as Display Name, Description, Form, and Parent AppInstance.
6)Click Apply. The attribute modifications are saved.
10) Now lets open the LDAP beowser again to see that whether the user is created .
You need to refresh to see the changes , Right Click ou=people and select Reload Entry .
--> After exanding you will se that there is one user available now in people's container i.e. kashif123
Also he can access other applications which are using OUD as user store . Similarly you can request other reosurces available in Group container also as was listed in LDAP like Advertising , Approval Journal Entries . etc . For requesting Advertising which is in Group container you need to request for Entitlement instaed of requesting for Accounts.
Summary :
1) Unzip connector zip file to connectors default folder . (oim installation folder )
2) Login ti Sytsem Admin Console and install the connector
3) Configure the I.T Resource
4) Create a Sandbox & create an Application Instance.
5) OU Lookup- Container(Sysadmin) , which is the Conatiner where the users will be provisioned .
6) Group Lookup- Entitlement Harvesting(sysadmin)
FAQ's:
What is LDAP ?
LDAP is the protocol to acces the Directory Services that can be OUD or any other directory services , like http is the protocol to acces web application , to access database we use sql protocol .
Apps2Fusion Articles 
Comments
tips on how to get listed in Yahoo News? I've been trying for a while but I never seem to get there!
Many thanks
Here is my web site: Myrtis: http://ikeynote.cn/home.php?mod=space&uid=2674271
I saved as a favorite it to my bookmark webpage list and will be checking back soon. Take a look at
my website as well and let me know how you feel.
of area . Exploring in Yahoo I eventually stumbled upon this website.
Studying this info So i'm happy to show that I've a very just right uncanny feeling I came upon just what I needed.
I so much undoubtedly will make certain to do not put out of your mind this site and provides it a glance regularly.
from PHP. I have always disliked the idea because of the expenses.
But he's tryiong none the less. I've been using WordPress on various websites
for about a year and am worried about switching to another platform.
I have heard great things about blogengine.net.
Is there a way I can transfer all my wordpress content into it?
Any kind of help would be really appreciated!
I assumed this put up used to be good. I do not know who you might be however
certainly you're going to a famous blogger for those who are not already.
Cheers!
Do you have any suggestions on how to get listed in Yahoo News?
I've been trying for a while but I never seem to get there!
Cheers
RSS feed for comments to this post