OIM Interview Questions -Collections Part 1
** I have tried to collect OIM interview questions from various blogs/ sites / forums like reference of those blogs.
11 G Based: http://identityandaccessmanager.blogspot.com/2011/02/basic-interview-question-for-oim-10g.html
10g Questions: http://identityandaccessmanager.blogspot.com/2011/02/basic-interview-question-for-oim-10g.html
Idea here is to provide a collective spot so that we can prepare for interview and crack them in single shot :)
What are the benefits of Identity Management?
Centralized auditing and reporting – Know who did what and report on system usage.
Reduce IT operating costs – Immediate return on investment is realized by eliminating the use of paper forms, phone calls and wait time for new account generation and enabling user self service and password management.
Minimize Security Risk – Control access to the network and instantaneously update accounts in a complex enterprise environment including: layoffs, acquisitions, partner changes, temporary and contract workers.
Improved quality of IT services
Legal compliance – Many government mandates require secure control of access.
How does Identity Management (IDM) work?
The process involves creating user accounts that are able to be modified, disabled or deleted. Delegated workflows, rules and policies are applied to the users account.
A user profile will tell the company: who they are, what they are entitled to do, when they are allowed to perform specific functions, where they are allowed to perform functions from and why they have been granted permissions.
How are Identity Management Solutions Implemented?
Step One: Inventory and assess current investments and processes. Clean and consolidate identity data stores. Create virtual identities for enterprise users.
Step Two: Design and deploy identity infrastructure components. Create identity provisioning and deploy password management, user self-service, and regulatory compliance.
Step Three: Deliver applications and services. Access management deployed to a clean environment. Leverage federated identity for improving supply chain and employee efficiencies.
Explain the Architecture of Oracle identity Manager?
The Oracle Identity Manager architecture consists of three tiers
Tier 1: Client: The Oracle Identity Manager application GUI component reside in this tier. Users log in by using the Oracle Identity Manager client.The Oracle Identity Manager client interacts with the Oracle Identity Manager server, providing it with the user's login credentials.
Tier 2: Application Server: The second tier implements the business logic, which resides in the Java Data Objects that are managed by the supported J2EE application server (JBoss application server, BEA WebLogic, and IBM WebSphere). The Java Data Objects implement the business logic of the Oracle Identity Manager application, however, they are not exposed to any methods from the outside world. Therefore, to access the business functionality of Oracle Identity Manager, you can use the API layer within the J2EE infrastructure, which provides the lookup and communication mechanism.
Tier 3: Database: The third tier consists of the database. This is the layer that is responsible for managing the storage of data within Oracle Identity Manager.
How many Types of users are there in oracle identity manager?
Explain the Provisioning and Reconciliation process?
Explain the Auto provisioning Process?
What is Deprovisioning Explain auto deprovisioning process?
What is purpose of Reconciliation Manager?
You can look here for recon data once reconciliation is complete. You can determine whether event received and linked for not.
What is Application Server and Web server?
A Web server exclusively handles HTTP requests, whereas an application server serves business logic to application programs through any number of protocols.
Webserver mainly handles the Http requests but app server can be used to handle the http, rmi, TCP/IP and many more protocols. Webserver just handles the requests of the webpage – means suppose, a html page(presentation layer) requests a data - here script is written containing the business logic , then it just give the response with the required data from the database. Then the html page with script is used to show the retrieved information. In case of application server, it does the same thing, of getting and gives the response but it can process the requests. i.e. in this case, instead of script know how to fetch the data, the script is simply used to call the applications server's lookup service to retrieve and process the data. i.e here, application server is used for processing/applying logic. The web server can be considered as the subset of app server
The basic difference between a web server and an application server is
WebServer can execute only web applications i.e. servlets and JSPs and has only a single container known as Web container which is used to interpret/execute web applications
Application server can execute Enterprise application, i,e (servlets, jsps, and EJBs) it is having two containers
1. WebContainer (for interpreting/executing servlets and jsps)
2. EJB container (for executing EJBs). It can perform operations like load balancing , transaction demarcation etc
What is the purpose of rule designer?
Use this form to create rules that can be applied to password policy selection, automatic group membership, provisioning process selection, task assignment, and prepopulating adapters
General
Process Determination
Task Assignment
Pre-Populate
What is Adapter? What Adapters available in OIM?
An adapter is a Java class that is created by an Oracle Identity Manager user through the Adapter Factory.
Process Tasks adapters - automate completion of a process task and are attached to a Process Definition Form ( AD user, OID User, etc)
Entity Adapter - automatically populates a field on the OIM User form or custom User Form on pre-update, pre-delete, pre-insert, post-insert, post-update, or post-delete
Pre-Populate Adapter - specific type of rule generator attached to a user-created form field that can automatically generate data to the form but does not save that data to the OIM database but does send that information to appropriate directory user object. The data can come from manual entry on a form or from automated entry from the OIM defined forms.
Rule Generator - can populate fields automatically on an OIM form or a user-created form and save to the OIM database based on business rules
Task Assignment Adapter - automates the assignment of a process task to a user or group
Explain the Approval process?
What is suppress standard approval process?
Have u involved to develop a custom connector?
Have u involved to develop a custom adapter?
Explain the attestation process?
What is clustering in IDM?
Explain the process of user defined field(Custome Field) provisioning process?
Explain the deligate administration process(Design console&Admin console)?
How do refer Logs for OIM Server?
Explain the password Sync?
How to configer the connector?
What is on boarding, off boarding process?
Explain the archatecture of OVD,OID?
Can you Generate connector using GTC?
What is proxy,How to modify and remove proxy?
Can you explain how to export aconnector?
What is report?what is difference between operational reports and historical reports?
Operational Report:
User Entitlements
Resource Access List
Group Membership
Policy List
OIM Password Expiration
Approval Status by Approver
Historical Reports:
User Access History
Resource Access List History
User Profile History
User Membership History
Group Membership History
User Lifecycle
Users Deleted
Task Assignment History
How to Change the functionality of the Administrative console without modifying the Oracle Identity Manager code?
How to modify look and feel of Administrative console?
HOW to version Upgrade in OIM?
Difference between Object Form and Process Form?
Difference between Event Handler and Entity Adapter ?
Difference between Trusted and Target Reconciliation ?
What are the basic steps for Creating a Custom Report in OIM ?
All types of Adapters and their functions ?
Difference between Object Form and Process Form ?
What is Resource Object in OIM ?
Difference between IT Resource Type Definition & IT Resource ?
How to Reconcile Password through Trusted Reconciliation ?
How to Send Password in an Email at User Creation into OIM ?
Basic Steps for UI Customization say "Help Desk Functionality"
11 G Based :
What is the difference between Request Dataset and Request Template ?
How do you send data from Request Dataset/Object Form to Process Form ?
What is the benefit for UploadJar Utility in Oracle Identity Manager 11g ?
Basic difference between Oracle Identity Manager 10g and OIM 11g ?
What is the function of OVD (Oracle Virtual Directory) in OIM 11g ?
Steps to create Two Level Serial/Parallal Approval Process in BPEL ?
How to modify data of a request dataset associated with a Request ID ?
Steps to create Event Handlers in OIM 11g and how it is different from OIM 10g Event handlers ?
Which class do we implement to create Schedule Task in OIM 11g and which methods are required to override ?
How to allow a group of users to track each request in Oracle Identity Manager 11g ?
What are "Approval Policies" and "Access Policies" ?
What is OPATCH ?
What are the advantages of having Stored procedure based Reconciliation?
Below Questions Courtsey Zubair Khan :
What is the difference between OIM 11g and 10g from the high level architecture perspective?
Ans1: At high level below are the brief differences
a) 10g Request Management has been replaced by SOA composite which has a customized schema accommodating BPEL and Human Task.
b) Reconciliation engine has been re-written in 11g to enhance the performance by introducing the cache mechanism.
c) OES libraries are used as an authorization engine unlike 10g had its own object vs view based authorization.
d) Plugin services platform is introduced in 11g to have easy customization in place which can be some what mapped to entity adapter functionality in 10g.
e) Groups in 10g are now called as Roles in 11g with some modifications which makes it like ldap roles.
Some more differences related with notifications, schedulers and etc can be discussed if time permits.
Q2: What is Form Version Control Utility (FVC) and why it is used?
Q3: What are the benefits of using MDS in OIM 11g ?
Q4: Suppose if a target system is integrated with OIM and the administrator of that particular application creates an account in it. How would you know this irregularity through OIM?
Q5: Suppose you don't have the connector cloning tool in OIM, then how would you clone a connector? Explain the step by step approach.
Q6: Why OIM uses Remote Manager (RM)?
Q7: What is a service account? Or Why a service account is required?
Q8: Will account attributes of a service account would change with the change of its owner corresponding user account? Explain your reasoning in either case?
Q9: What is the significance of USR_Triggers* lookup?
Q10: Differentiate the scenario when you would use ldap sync VS OID Connector?
Q11: Suppose if you have to write a custom connector for a Target Application exposing some java API. What all methods do u need to write a basic connector?
Q12: Differentiate b/w Request Model and Request Template.
Q13: What all different levels of approvals does OIM 11g approval engine carry? Also explain their differences.
Q14: What is SOD? how it has been implemented in OIM?
Q15: While migrating OIM 10g to 11g what all components can directly be migrated?
11 G Based: http://identityandaccessmanager.blogspot.com/2011/02/basic-interview-question-for-oim-10g.html
10g Questions: http://identityandaccessmanager.blogspot.com/2011/02/basic-interview-question-for-oim-10g.html
Idea here is to provide a collective spot so that we can prepare for interview and crack them in single shot :)
What are the benefits of Identity Management?
Centralized auditing and reporting – Know who did what and report on system usage.
Reduce IT operating costs – Immediate return on investment is realized by eliminating the use of paper forms, phone calls and wait time for new account generation and enabling user self service and password management.
Minimize Security Risk – Control access to the network and instantaneously update accounts in a complex enterprise environment including: layoffs, acquisitions, partner changes, temporary and contract workers.
Improved quality of IT services
Legal compliance – Many government mandates require secure control of access.
How does Identity Management (IDM) work?
The process involves creating user accounts that are able to be modified, disabled or deleted. Delegated workflows, rules and policies are applied to the users account.
A user profile will tell the company: who they are, what they are entitled to do, when they are allowed to perform specific functions, where they are allowed to perform functions from and why they have been granted permissions.
How are Identity Management Solutions Implemented?
Step One: Inventory and assess current investments and processes. Clean and consolidate identity data stores. Create virtual identities for enterprise users.
Step Two: Design and deploy identity infrastructure components. Create identity provisioning and deploy password management, user self-service, and regulatory compliance.
Step Three: Deliver applications and services. Access management deployed to a clean environment. Leverage federated identity for improving supply chain and employee efficiencies.
Explain the Architecture of Oracle identity Manager?
The Oracle Identity Manager architecture consists of three tiers
Tier 1: Client: The Oracle Identity Manager application GUI component reside in this tier. Users log in by using the Oracle Identity Manager client.The Oracle Identity Manager client interacts with the Oracle Identity Manager server, providing it with the user's login credentials.
Tier 2: Application Server: The second tier implements the business logic, which resides in the Java Data Objects that are managed by the supported J2EE application server (JBoss application server, BEA WebLogic, and IBM WebSphere). The Java Data Objects implement the business logic of the Oracle Identity Manager application, however, they are not exposed to any methods from the outside world. Therefore, to access the business functionality of Oracle Identity Manager, you can use the API layer within the J2EE infrastructure, which provides the lookup and communication mechanism.
Tier 3: Database: The third tier consists of the database. This is the layer that is responsible for managing the storage of data within Oracle Identity Manager.
How many Types of users are there in oracle identity manager?
Explain the Provisioning and Reconciliation process?
Explain the Auto provisioning Process?
What is Deprovisioning Explain auto deprovisioning process?
What is purpose of Reconciliation Manager?
You can look here for recon data once reconciliation is complete. You can determine whether event received and linked for not.
What is Application Server and Web server?
A Web server exclusively handles HTTP requests, whereas an application server serves business logic to application programs through any number of protocols.
Webserver mainly handles the Http requests but app server can be used to handle the http, rmi, TCP/IP and many more protocols. Webserver just handles the requests of the webpage – means suppose, a html page(presentation layer) requests a data - here script is written containing the business logic , then it just give the response with the required data from the database. Then the html page with script is used to show the retrieved information. In case of application server, it does the same thing, of getting and gives the response but it can process the requests. i.e. in this case, instead of script know how to fetch the data, the script is simply used to call the applications server's lookup service to retrieve and process the data. i.e here, application server is used for processing/applying logic. The web server can be considered as the subset of app server
The basic difference between a web server and an application server is
WebServer can execute only web applications i.e. servlets and JSPs and has only a single container known as Web container which is used to interpret/execute web applications
Application server can execute Enterprise application, i,e (servlets, jsps, and EJBs) it is having two containers
1. WebContainer (for interpreting/executing servlets and jsps)
2. EJB container (for executing EJBs). It can perform operations like load balancing , transaction demarcation etc
What is the purpose of rule designer?
Use this form to create rules that can be applied to password policy selection, automatic group membership, provisioning process selection, task assignment, and prepopulating adapters
General
Process Determination
Task Assignment
Pre-Populate
What is Adapter? What Adapters available in OIM?
An adapter is a Java class that is created by an Oracle Identity Manager user through the Adapter Factory.
Process Tasks adapters - automate completion of a process task and are attached to a Process Definition Form ( AD user, OID User, etc)
Entity Adapter - automatically populates a field on the OIM User form or custom User Form on pre-update, pre-delete, pre-insert, post-insert, post-update, or post-delete
Pre-Populate Adapter - specific type of rule generator attached to a user-created form field that can automatically generate data to the form but does not save that data to the OIM database but does send that information to appropriate directory user object. The data can come from manual entry on a form or from automated entry from the OIM defined forms.
Rule Generator - can populate fields automatically on an OIM form or a user-created form and save to the OIM database based on business rules
Task Assignment Adapter - automates the assignment of a process task to a user or group
Explain the Approval process?
What is suppress standard approval process?
Have u involved to develop a custom connector?
Have u involved to develop a custom adapter?
Explain the attestation process?
What is clustering in IDM?
Explain the process of user defined field(Custome Field) provisioning process?
Explain the deligate administration process(Design console&Admin console)?
How do refer Logs for OIM Server?
Explain the password Sync?
How to configer the connector?
What is on boarding, off boarding process?
Explain the archatecture of OVD,OID?
Can you Generate connector using GTC?
What is proxy,How to modify and remove proxy?
Can you explain how to export aconnector?
What is report?what is difference between operational reports and historical reports?
Operational Report:
User Entitlements
Resource Access List
Group Membership
Policy List
OIM Password Expiration
Approval Status by Approver
Historical Reports:
User Access History
Resource Access List History
User Profile History
User Membership History
Group Membership History
User Lifecycle
Users Deleted
Task Assignment History
How to Change the functionality of the Administrative console without modifying the Oracle Identity Manager code?
How to modify look and feel of Administrative console?
HOW to version Upgrade in OIM?
Difference between Object Form and Process Form?
Difference between Event Handler and Entity Adapter ?
Difference between Trusted and Target Reconciliation ?
What are the basic steps for Creating a Custom Report in OIM ?
All types of Adapters and their functions ?
Difference between Object Form and Process Form ?
What is Resource Object in OIM ?
Difference between IT Resource Type Definition & IT Resource ?
How to Reconcile Password through Trusted Reconciliation ?
How to Send Password in an Email at User Creation into OIM ?
Basic Steps for UI Customization say "Help Desk Functionality"
11 G Based :
What is the difference between Request Dataset and Request Template ?
How do you send data from Request Dataset/Object Form to Process Form ?
What is the benefit for UploadJar Utility in Oracle Identity Manager 11g ?
Basic difference between Oracle Identity Manager 10g and OIM 11g ?
What is the function of OVD (Oracle Virtual Directory) in OIM 11g ?
Steps to create Two Level Serial/Parallal Approval Process in BPEL ?
How to modify data of a request dataset associated with a Request ID ?
Steps to create Event Handlers in OIM 11g and how it is different from OIM 10g Event handlers ?
Which class do we implement to create Schedule Task in OIM 11g and which methods are required to override ?
How to allow a group of users to track each request in Oracle Identity Manager 11g ?
What are "Approval Policies" and "Access Policies" ?
What is OPATCH ?
What are the advantages of having Stored procedure based Reconciliation?
Below Questions Courtsey Zubair Khan :
What is the difference between OIM 11g and 10g from the high level architecture perspective?
Ans1: At high level below are the brief differences
a) 10g Request Management has been replaced by SOA composite which has a customized schema accommodating BPEL and Human Task.
b) Reconciliation engine has been re-written in 11g to enhance the performance by introducing the cache mechanism.
c) OES libraries are used as an authorization engine unlike 10g had its own object vs view based authorization.
d) Plugin services platform is introduced in 11g to have easy customization in place which can be some what mapped to entity adapter functionality in 10g.
e) Groups in 10g are now called as Roles in 11g with some modifications which makes it like ldap roles.
Some more differences related with notifications, schedulers and etc can be discussed if time permits.
Q2: What is Form Version Control Utility (FVC) and why it is used?
Q3: What are the benefits of using MDS in OIM 11g ?
Q4: Suppose if a target system is integrated with OIM and the administrator of that particular application creates an account in it. How would you know this irregularity through OIM?
Q5: Suppose you don't have the connector cloning tool in OIM, then how would you clone a connector? Explain the step by step approach.
Q6: Why OIM uses Remote Manager (RM)?
Q7: What is a service account? Or Why a service account is required?
Q8: Will account attributes of a service account would change with the change of its owner corresponding user account? Explain your reasoning in either case?
Q9: What is the significance of USR_Triggers* lookup?
Q10: Differentiate the scenario when you would use ldap sync VS OID Connector?
Q11: Suppose if you have to write a custom connector for a Target Application exposing some java API. What all methods do u need to write a basic connector?
Q12: Differentiate b/w Request Model and Request Template.
Q13: What all different levels of approvals does OIM 11g approval engine carry? Also explain their differences.
Q14: What is SOD? how it has been implemented in OIM?
Q15: While migrating OIM 10g to 11g what all components can directly be migrated?
Great Questions
ReplyDeleteThanks you so much :)
ReplyDeletei need answers for all the questions...
ReplyDelete