Oracle Identity Cloud Service: Integrating with Microsoft Active Directory Using Directory Integrations

1. In the Identity Cloud Service console, expand the Navigation Drawer , click Settings, click the Directory Integrations, and then click the bridge you just registered.
Tip: The page contains four items where you can select organizational units for users, for groups and configure the synchronization.
• In the Select Organizational Units (OUs) for Users section, select the users that you want to synchronize with Oracle Identity Cloud Service.
  In this example, if you select both Employees and Local Users, only users under these organizational units are synchronized with Oracle Identity Cloud Service.

  View Image

  

• In the Select organizational units(OUs) for Groups Section, select groups to be synchronized with Oracle Identity Cloud Service.
  In this example, if you select the organizational unit Employees, only groups under this organizational unit are synchronized with Oracle Identity Cloud Service.

  View Image

  

• In the Set import frequency section, select the interval at which the agent will run and synchronize users and groups with Oracle Identity Cloud Service.
  

  View Image

  

• The federated authentication is enabled by default. This configuration means the user credentials will be validated against a configured Identity Provider.
  In this tutorial, you need to uncheck the federated authentication checkbox. The Oracle Identity Cloud Service will generate the password for the users and send the notification by email (the email attribute must be filled in Microsoft Active Directory and mapped to the Oracle Identity Cloud Service).
  
2. Click Save.
3. You now see the summary of the bridge configuration.

   View Image

   

4. Click Attribute Mappings tab to modify the default attribute mappings between the Microsoft Active Directory and the Oracle Identity Cloud Service.
   This tutorial uses the default mappings.
   

   View Image

   

5. Click Import tab to see information about the last time the bridge ran. At this moment no information is shown as you did not run it yet.
   

   View Image

   

1. Click Import to manually start the import job.

   View Image

   

   Refresh the page by clicking Refresh. The Last Import Status shows Running.
   

   View Image

   

   After few seconds (or minutes, depending on the number of entries), the synchronization is completed.
   At the end of the synchronization you see important information such as:
   • How many users were successfully imported.
   • How many groups were successfully imported.
   • How many users failed to import, mainly due to attribute value issues.
   • How many groups failed to import, mainly due to attribute value issues.

   View Image

   

1. In the Oracle Identity Cloud Service Console, expand the Navigation Drawer , and then click Users.
   The users imported from the Microsoft Active Directory are displayed in Oracle Identity Cloud Service.
2. In the Navigation Drawer , click Groups.
   The groups imported from Microsoft Active Directory are displayed in Oracle Identity Cloud Service.
3. In the Navigation Drawer , click Group and then click Users tab. The group membership reflects the membership from Active Directory.

The Oracle Identity Cloud Service UI allows you to manage the connection between Oracle Identity Cloud Service and the Identity Bridge agent.

1. In the Oracle Identity Cloud Service console,  expand the Navigation Drawer , click Settings, and then click Directory Integrations.
2. Review the bridge page:
   Tip: This is the same page you review after downloading the Bridge Agent.
   • The bridge example.com status is Active.
3. You can click the bridge and modify the configurations. You can also run an import.
   
4. Optionally, explore the options for the bridge agent row. Oracle Identity Cloud Service offers options for deactivating, activating, and deleting a bridge.

   View Image

   

   Tip: When you delete an agent from the Oracle Identity Cloud Service console, you delete the agent connection. To completely uninstall the agent, run the agent uninstaller on the host machine.

The Identity Bridge configuration utility allows you to manage the connection parameters between Active Directory and Oracle Identity Cloud Service, as well as the user and group synchronization selections.

1. In the bridge agent host, launch the bridge configuration utility (C:\Program Files\Oracle\IDBridge\IDBridgeUI.exe).
2. If the OS displays an authorization dialog, click Yes.
3. The Oracle Identity Cloud Service Active Directory Agent window is displayed.
4. Optionally, explore the View logs and Stop button.
   
   • The View logs button opens a file explorer where the agent log files are stored.
   • The Stop and Start button control the agent service by enabling and disabling it.
5. Close the utility.

In this task, you learn to stop, start, and restart the Identity Bridge Agent Windows service.

1. Launch Windows Services (Click Start > Run. Enter services.msc and click OK).
   Tip: The Services utility manages daemon processes in the Windows OS.
2. Scroll down the list of services and click Oracle Identity Cloud Service Active Directory Agent Service. The left hand will display a description for the bridge service, with options for stopping or restarting the service.
   

   View Image

   

3. Optionally, stop, start, and restart the Oracle Identity Cloud Service Active Directory Agent Service.
4. Optionally, right-click Oracle Identity Cloud Service Active Directory Agent Service, click Properties, and review the additional options.
   Tip: Observe that the Startup Type for this service by default is Automatic. This means that windows launches the agent automatically during the host startup.
5. Close the Services utility.