FIM 2010 R2 SP1 Password Sync to Oracle 11


  • I understand FIM can connect to an Oracle database and update a specific table with username and passwords in an application.  I'm trying to find out if FIM 2010 R2 SP1 can actually update the internal Oracle tables that users authenticate against.  Currently our Oracle DB uses internal security for a specific reason and business concerns will not allow us to authenticate externally using Kerberos or RADIUS.  So basically, I want to know if I can use the Password Change Notification Service on my Domain Controllers that will update FIM and then have FIM connect to the Oracle database and execute the following statement "alter user my_username identified by my_password;" with the username and password information in FIM.  That way Oracle can hash the password and update its internal tables (like sys.user$). 

    Thanks in advance for your assist.


    P.S.  We currently use SIM (Sun Identity Manager) to do this exact thing except the product will no longer be supported as of 2014.


    Wednesday, July 03, 2013 6:40 PM


All replies

  • Not out of the box, but it would certainly be feasible to write an extensible management agent to do this, or, take a look at Oxford's offerings (Management Agents from Partners).

    Steve Kradel, Zetetic LLC

    • Marked as answer by PJudt Monday, July 08, 2013 10:38 PM
    Wednesday, July 03, 2013 8:58 PM
  • Thanks Steve!  I reached out to Oxford and they considered it to be a week long engagement.  It's unfortunate that this is not a simple implementation.  It appears that Dell (Quest) and a couple other players can do this out-of-the-box.  I'd rather not go down the road of an outside vendor for support, so I'm going to look at other IDM solutions.  I'd rather use Microsoft, but not at a dual support solution.  Once again, I appreciate the assist.


    Monday, July 08, 2013 10:38 PM