change owner for a RACF connect groups

Hi All,

I have a RACF Connect group which is owned by a particular owner. Due to our business requirement we have made it to read only in web designer. But now there's a user who wants to transfer his RACF group ownership to other user. As we made it read only in front end user is not able to perform the operation. So, I was asked to change it from the Manager tool if there is a possibility. I can the see the group mentioned in our LDAP Groups, but there is no option to change the owner for that group.

Could any one suggest me who to change the owner of a RACF connect groups through manager?

Thanks in Advance!.

Regards,

T.Sudhir

  • Is the owner attribute exposed on the group object definition in the sync editor for the racf LDAP connector? That's the first question that I would ask.

  • Hi Paul,

    Thanks for responding.!

    Actually I am novie user of one identity.

    I don't see the owner information being shown in the Group overview and master data upon clicking on the group in Manager.

    I am not sure how to upload screenshots, the only options available for inserting an image are using a web usl and community base.  

    Providing some more clarity on my ask:

    I have records in "[dbo].[CCCServiceOwnerData]" table in sql. And, the owner id is being store in  the column "CCC_Owner" of the table.

    So, where can I see this table information in Manager and how can I change the owner information from there , being an admin and having all the rights to do it.

    For example, I can see the "[dbo].[LDAPGroup]" table information under LDAP -> Groups in the Manager tool and am able to edit the required group. In the similar fashion is there any way for "[dbo].[CCCServiceOwnerData]"?

    Regards,

    T.Sudhir

  • Sounds to me like there are already customisations in your database, usually anything starting with CCC is a customisation. I would find out who made those customisations and speak to them. You can define custom tasks (links) in the Manager Tasks menu list that can use generic dialog forms to launch a process for example to achieve what you want but it takes some knowledge of the product. If you look in the Sync Editor at the LDAPGroup object you can see the attributes exposed by default.

  • In Manager tool, if you do not see the owner of that racf group, it likely tells that the owner data of racf groups is not populated to OIM table via RACF connector from RACF. The table "CCC_ServiceOwnerData" table found in OIM database on SQL Server might not be used to store RACF group ownership information (it could be other purposes). You may check LDAPGroup table if RACF group owner information is stored in a custom column or somewhere in the table. if not you then have to do the customizations to load data from RACF and populate data etc.. HTH.