Fanwei OA E9 System as an Identity Source

Overview

IDaaS supports enterprises to import user and organizational information into the IDaaS platform through various identity source channels. This article explains how to configure the Fanwei OA-E9 identity source in the IDaaS platform to achieve synchronization of organizational and user data.

Prerequisites

• Possess enterprise administrator permissions for the Fanwei OA_E9 platform.
• Possess administrator permissions for the IDaaS Enterprise Center platform.
• Fanwei (Token) integration requires that the IDaaS environment can access the Fanwei address for obtaining Tokens. The network must be connected before integration.
• Fanwei OA version must be E9 9.00.201114kb or higher.

Configuration Process

Steps

Obtain Parameters from the Fanwei OA_E9 Platform

1. Log in to the Fanwei OA_E9 platform, and modify the accessed OA address by changing the CN suffix to /hrm/websevice/hrm_webservice_config.jsp.

2. Set the authentication method to "TOKEN+MD5", then obtain the token.

   

Configure the Fanwei OA_E9 Identity Source in IDaaS

1. Log in to the IDaaS Enterprise Center platform, select "Users > Identity Source Management" from the top navigation bar, click "Add Identity Source", and choose the "Fanwei OA_E9" identity source.

   

2. Customize the identity source name, fill in parameters such as the interface authentication token and call address as prompted on the interface. Click "Confirm" to save after setup.

3. Enter the details page of the newly added identity source to view and update the "Basic Configuration" of the Fanwei OA_E9 identity source, including connection parameters and synchronization mechanisms.

   

4. Switch to the "Advanced Configuration" tab. It is recommended to keep the defaults or fill in according to actual needs.

   

   Parameter	Description
   Select Root Organization	Select an organizational node in IDaaS to serve as the root node for the synchronized Fanwei OA_e9 organizations.
   Organization Matching Policy	By default, the organization code in IDaaS is associated with the division or department number in Fanwei OA_e9.
   Create Organization	Default is Yes
   Update Organization	Default is Yes
   Delete Organization	Default is to retain the organization (i.e., if an organization is deleted in Fanwei OA, it is retained in IDaaS). Also supports disabling or deleting organizations.
   User Matching Policy	By default, the user's mobile phone number and username in IDaaS are associated with the user number and phone in Fanwei OA.
   Create User	Default is Yes
   Update User	Default is Yes
   Delete User	Default is to disable the user (i.e., if a user is deleted in Fanwei OA, the user is disabled in IDaaS). Also supports retaining or deleting users.
   Security Threshold Adjustment	Set the maximum threshold ratio for changes in the upstream identity source when users/organizations are deleted or organizational hierarchy changes occur. Threshold = (Difference between platform recycled data and this recycling / Recycled data) * 100%. When the disabled/deleted data from the upstream identity source application exceeds the set threshold, the platform will not perform disable/delete operations upon receiving the instruction.

5. After configuration, switch to the "Object Model" tab and select "Mapping Definition". Configure the mapping relationship between the attributes of organizations and users in Fanwei OA_e9 and the attributes of organizations and users in IDaaS according to the actual project requirements.

   The object model supports mapping and matching the attributes of users and organizations from the Fanwei OA_e9 identity source with the attributes of users and organizations in IDaaS. After setup, this enables the retrieval of user and organization attributes from Fanwei OA_e9 to the corresponding user and organization attributes in IDaaS.

• Execution Method: Sets under which circumstances the attribute needs to be mapped.
  • No Mapping: This attribute will not be synchronized to IDaaS.
  • Create: This attribute is only synchronized during creation.
  • Update: This attribute is only synchronized during updates.
  • Create and Update: This attribute is synchronized during both creation and updates.
• Conversion Method: Sets the method for attribute mapping.
  • Automatic Conversion: Synchronizes the value exactly as it is in the identity source.
  • Script Conversion: Use this method to transform values from the identity source if they do not meet the required format. Please refer to Script Mapping Methods.

6. After configuration, click "Execute Sync" to immediately perform the synchronization operation.

   If the synchronization mechanism in the basic configuration is set to scheduled sync, manual execution of the sync task is not required here.

7. After execution is complete, switch to the "Sync Events" page to view all synchronization tasks for this identity source. Click "Details" under the "Operation" column of a sync task to view the import results, or go to the "Users > Users and Organizations" page to view the imported data.