Creating User with identical attributes

Similar Messages

• Failed to sync user with identity native://nvid=9236b494f1ddf8ca:-7297b89f:

  Hi,
  I have created a native user in hyperion share services 11.1..2.1 and provisioned him as a planner for one planning application.The issue is getting errors when i am giving access to dimension members in planning application.
  Below are the errors:
  1)failed adding users and groups
  2)Failed to sync user with identity native://nvid=9236b494f1ddf8ca:-7297b89f:132610f37e3:-7e0f?USER with user provisioning. Check Planning log for details
  Regards,
  Ra

  Hi,
  I have seen this though maybe not in the same context, I will describe what I saw..
  Migrated planning database, updated sid for native users...
  1 native was fine logging into the planning app, the other user got "Failed to sync with user provisioning. Check Planning log for details"
  The sid was correct so it wasn't a problem on the planning side, what I did notice was in the EAS console the user did not exist, usually when you first log into planning it will check if the users exists in essbase, if they don't then it adds the user as a planning user to essbase.
  What I did was add the user in HSS as having essbase server access, then refreshed security in EAS, the user now appeared in EAS as an essbase user.
  Then tried to log into planning and suddenly the user could connect with no problems.
  So then I removed the essbase server access for the user in HSS and refreshed security in EAS, the user was gone, tried to log into planning and logged in with no problems.. Migrated identities in Planning.... Back in EAS the user was now in there as a Planning user...
  I don't know if this the same problem but you could try playing around with the essbase security and see what happens.
  Cheers
  John

• Not able to create users in identity system -OAM

  Hi all,
  I am new to OAM and trying to create users from identity system -OAM.
  I have logged in as 'orcladmin', who is my 'Master Administrator' and 'Master identity Administrator'.
  To create the user, I click on 'User Manager' tab and then 'Create user identity' tab but I get a message saying
  "*You do not have sufficient access rights*."
  Same message comes up when I try to create groups also.
  Please guide me on how I can give these rights to 'orcladmin'.
  It will be helpfull if you can specify some links where I can learn the basic consepts of OAM(identity system and access system).
  Thanks in advance
  Roopa

  Hi,
  Before you attempt to create a user, you would need to create a workflow in OAM Identity System.
  Below is the link which will get you started -
  http://download.oracle.com/docs/cd/E15217_01/doc.1014/e12489/workflow.htm#BABEFGAA
  -- Pramod Aravind

• Problem in creating users with password restrictions

  I have enabled the following option in the Authentication>Enterprise tab of CMC.
  Must contain at least N Characters and specified N as 7
  Enforce mixed-case passwords
  However I am able to create user with password as abcd.
  Please suggest.
  Thanks in Advance

  I might be missing something but the rule applies to users changing their pw not administrators creating accounts. If the administrator sets this rule it would be thought/assumed that they would enforce their own rule when creating accounts. The users however should not be able to select 4 character passwords.
  I'll run some tests and see if I find out anything different.
  Tested this on XIR2 SP4 and XI 3.0 The rules apply to the user not the administrator creating the account.
  So create an account while the 7 character pw is enabled. By default the user logs in with the pw (any amount of characters) and is prompted to change their pw. They cannot choose anything less than 7 characters. So unless an administrator creates an account with a password less than 7 characters AND deselects the option to force a pw change. All new users will be forced to select a 7 character password.
  This is by design. If it forced the administrator to create accounts without a 7 character pw they could simply deselect the options(as administrators) so there is no security in forcing this.
  Regards,
  Tim
  Edited by: Tim Ziemba on Aug 13, 2008 5:28 PM
  Edited by: Tim Ziemba on Aug 13, 2008 5:33 PM

• Create user with select privilege only one schema

  can someone tell me how i can create user with select priviliges only one schema.
  i don't want the user to have any select privileges with other schema.
  can someone advise me.
  Thansk

  In general, you would do something like
  CREATE ROLE abc_read_only;
  FOR x IN (SELECT * FROM dba_tables WHERE owner='ABC')
  LOOP
    EXECUTE IMMEDIATE 'GRANT SELECT ON abc.' || x.table_name || ' TO abc_read_only';
  END LOOP;
  CREATE USER your_user ...;
  GRANT abc_read_only TO your_userYou create a role, grant the role SELECT access to all the tables in the ABC schema (you can extend this to grant access to views, functions, etc depending on the requirements), and then grant that role to your user.
  Justin

• Creating user with extension mobility on prime provisioning 10.5

  Hi All,
  Does anyone know any document or have any expirenece on creating user with extension mobility on prime provisioning 10.5?
  I'm facing challenges on it, appreciate if you have any document or experience to share with me.
  Thanks,
  Cherry

  What sort of issues are you facing?
  I'm also having problems, but I think it is system related.
  CUCM is LDAP synced.
  When PCP tries to provision Extension Mobility Access, it actually seems to be trying to update the user on CUCM (via AXL) (this fails as it is an LDAP user and the values come from LDAP and cannot be updated)
  I've got a tac case open.
  Bug details are currently hidden - CSCuo11522 - but this one is extension mobility provisioning issue
  There was also mention of another bug related to failures to provision users with directory URI's in their LDAP record. I didn't catch a bug ID for this one though.
  Cheers,
  Tim

• Can't create user with Delegated Administrator Console! Thank you!

  I have installed JES2005Q4 (include Deirectory Server、Access Manager、Web Server、Messaging Server、Calendar Server、Instant Messaging、Communications Express and Delegated Administrator) ,
  i can create domain and user with "commadmin" command, but can't create user with Delegated Administrator console.
  When i checked the logs of the Web Server, found some errors:
  [04/Feb/2006:11:55:25] failure (12015): for host 192.168.182.130 trying to POST /da/wizard/WizardWindow, service-j2ee reports: ApplicationDispatcher[da] WEB2649: Servlet.service() for servlet jsp threw exception
  javax.servlet.ServletException
       at org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:536)
       at jsps.com_sun_web_ui._jsp._wizard._WizardWindow_jsp._jspService(_WizardWindow_jsp.java:559)
       at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:107)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
       at com.iplanet.ias.web.jsp.JspServlet$JspServletWrapper.service(JspServlet.java:687)
       at com.iplanet.ias.web.jsp.JspServlet.serviceJspFile(JspServlet.java:459)
       at com.iplanet.ias.web.jsp.JspServlet.service(JspServlet.java:375)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
       at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:772)
       at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:471)
       at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:382)
       at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:340)
       at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
       at com.sun.web.ui.view.wizard.CCWizard.handleNextButtonRequest(CCWizard.java:730)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
       at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
       at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
       at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
       at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:760)
       at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
       at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
       at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
       at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
       at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
       at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
       at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:280)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
       at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:209)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
       at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:161)
       at com.iplanet.ias.web.WebContainer.service(WebContainer.java:580)
  ----- Root Cause -----
  javax.servlet.jsp.JspException
       at com.sun.web.ui.taglib.wizard.CCWizardTag.getWizardPageHTML(CCWizardTag.java:1577)
       at com.sun.web.ui.taglib.wizard.CCWizardTag.appendPageletBodyContentHTML(CCWizardTag.java:668)
       at com.sun.web.ui.taglib.wizard.CCWizardTag.appendWizardBodyHTML(CCW
  [04/Feb/2006:11:55:25] failure (12015): for host 192.168.182.130 trying to POST /da/wizard/WizardWindow, service-j2ee reports: WEB2798: [da] ServletContext.log(): [ERROR] Uncaught application exception
  com.iplanet.jato.NavigationException: Exception encountered during forward
  Root cause = [javax.servlet.jsp.JspException]
       at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:380)
       at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
       at com.sun.web.ui.view.wizard.CCWizard.handleNextButtonRequest(CCWizard.java:730)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
       at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
       at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
       at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
       at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:760)
       at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
       at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
       at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
       at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
       at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
       at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
       at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:280)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
       at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:209)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
       at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:161)
       at com.iplanet.ias.web.WebContainer.service(WebContainer.java:580)
  Root cause:
  javax.servlet.jsp.JspException
       at com.sun.web.ui.taglib.wizard.CCWizardTag.getWizardPageHTML(CCWizardTag.java:1577)
       at com.sun.web.ui.taglib.wizard.CCWizardTag.appendPageletBodyContentHTML(CCWizardTag.java:668)
       at com.sun.web.ui.taglib.wizard.CCWizardTag.appendWizardBodyHTML(CCWizardTag.java:658)
       at com.sun.web.ui.taglib.wizard.CCWizardTag.getHTMLStringInternal(CCWizardTag.java:469)
       at com.sun.web.ui.taglib.common.CCTagBase.doEndTag(CCTagBase.java:114)
       at jsps.com_sun_web_ui._jsp._wizard._WizardWindow_jsp._jspService(_WizardWindow_jsp.java:260)
       at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:107)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
       at com.iplanet.ias.web.jsp.JspServlet$JspServletWrapper.service(JspServlet.java:687)
       at com.iplanet.ias.web.jsp.JspServlet.serviceJspFile(JspServlet.java:459)
       at com.iplanet.ias.web.jsp.JspServlet.service(JspServlet.java:375)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
       at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:772)
       at org.apache.catalina.co
  [04/Feb/2006:11:55:26] failure (12015): for host 192.168.182.130 trying to POST /da/wizard/WizardWindow, service-j2ee reports: StandardWrapperValve[WizardWinServlet]: WEB2792: Servlet.service() for servlet WizardWinServlet threw exception
  javax.servlet.ServletException: Uncaught exception
       at com.iplanet.jato.ApplicationServletBase.onUncaughtException(ApplicationServletBase.java:1415)
       at com.sun.comm.da.WizardWinServlet.onUncaughtException(WizardWinServlet.java:98)
       at com.iplanet.jato.ApplicationServletBase.fireUncaughtException(ApplicationServletBase.java:1164)
       at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:639)
       at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
       at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
       at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
       at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:280)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
       at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:209)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:509)
       at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:161)
       at com.iplanet.ias.web.WebContainer.service(WebContainer.java:580)
  ----- Root Cause -----
  com.iplanet.jato.NavigationException: Exception encountered during forward
  Root cause = [javax.servlet.jsp.JspException]
       at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:380)
       at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
       at com.sun.web.ui.view.wizard.CCWizard.handleNextButtonRequest(CCWizard.java:730)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at com.iplanet.jato.view.command.DefaultRequestHandlingCommand.execute(DefaultRequestHandlingCommand.java:183)
       at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
       at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
       at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
       at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:760)
       at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandler(ViewBeanBase.java:571)
       at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:957)
       at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
       at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:807)
       at com.sun.comm.da.WizardWinServlet.service(WizardWinServlet.java:111)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:908)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
       at com.sun.comm.da.LoginFilter.doFilter(LoginFilter.java:128)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain

  Now i want to update the Delegated Administrator with the 119778-09.jar patch, but the error show:
  Unable to open keystore </var/sadm/security/patchadd/trustore> for reading.
  Signature invalid on signed patch <119778-09>.

• Creating users with supplier, buyer, job code info.

  I am writing a java app to create users in oracle apps.I am using apps api package fnd_user_pkg to create users,update users,add responsibilities.
  I need to add some extra attributes e.g. supplier, buyer, planner, job code info while creating a user.Is there any api package like fnd_user_pkg which can be used to update tables with above info? or should i update the tables directly?

  Thanks for the reply.  I was actually hoping the I-Chain/EDirectory variables would be available as CGI variables.  Here are some of the CGI variables I tried to retrieve from the header.  As you can see, only two contained values.  There must be some other way to obtain these.  I'd played around with CFLDAP, CFHTTP, etc.  No such luck.  But as mentioned, the IS dept says the values I'm looking for (UserID, Name, Location, etc.) are all being sent in every header (every response from the server).  Am just not sure which CF tags/tools to use to capture them.  Maybe it requires some special script.  I tried a few of those found in the CF7 on-line help, but no luck in getting the scripts to run.  If any other thoughts or suggestions, they would be much appreciated.  Thanks again, Gary1.
  <CFSET ValidSource1 = CGI.QUERY_STRING>
  <CFSET ValidSource2 = CGI.HTTP_REFERER>
  <CFSET ValidSource3 = CGI.REMOTE_USER>
  <CFSET ValidSource4 = CGI.REMOTE_ADDR>
  <CFSET ValidSource5 = CGI.AUTH_USER>
  <CFSET ValidSource6 = CGI.REMOTE_USER>
  <CFSET ValidSource7 = CGI.SERVER_NAME>
  ValidSource1 =
  ValidSource2 =
  ValidSource3 =
  ValidSource4 = 57.14.131.12
  ValidSource5 =
  ValidSource6 =
  ValidSource7 = aometrics.xxx.com

• How to create users with i18n characters in SunONE directory server?

  Was trying to create users and groups with i18n characters in SunONE directory server
  1. Started LDAP console using -l option
  2. Chaged the Locale to Japanese
  3. Entered few japanese character as username (meaning internationalization user name)
  4. However, I could not able to type the password using the "soft keyboard" that comes with Japanese Locale
  5. to overcome with #4, for now, I typed english chars as the password
  6. Click OK to save the above username/pwd
  7. It says "netscape.ldap.LDAPException: error result (19); value of attribute "uid" contains extended (8-bit) characters"
  Has anyone ever created i18n user names in SunONE Directory Provider? Please help...

  Hi LostLad,
  Soryy for my ignorance...Could you please be elaborate on how to remove "uid attribute from 7-bit ASCII plugin?
  Thanks in advance..

• Creating user with -S mail also gives him cal

  Hi,
  Using J ES 2005Q4 unpatched.
  Creating a user with commadmin and flags -S mail also gives him access to the Calendar Tab in UWC !
  1. Is their a default for commadmin command that enables -S cal even when it is not on the command line ?
  2. How to modify a user to remove his calendar capability with commadmin or modifying directly ldap or DA or ?
  Thanks
  Fran�ois

  Hello,
  Actually looking at the bug in more detail, can I confirm that UWC doesn't actually log the user into the calendar server. In other words, clicking on the Calendar tab in Comms Express fails for a user that has never been provisioned with the calendar service?
  If this is the case and they can never access the calendar via UWC, then the calendar server should not have auto provisioned that calendar. FYI: Auto provisioning is enable by default in ics.conf:
  local.autoprovision = "yes"
  If enable, when a user logs into the calendar server for the first time, a calendar will be created in the calendar servers database and they will also be added the calendar associated attributes in LDAP. You may wantt to disable autoprovisioning if you want to strictly control who can access the calendar server.
  To correct the UWC problem. You should:
  1. First apply patch 118540-24 or above.
  2. Any users that can still see the calendar tab after applying the patch have probably been autoprovisioned and you will need to remove the calendar and calendar ldap attributes from such users.
  Hope this makes sense, please let me know if you have any further questions.

• Performer Search & Users with Identical Names

  Is there a way to distinguish between service performers with identical first and last names?
  We have a few cases where people have identical first and last names.  When searching for performers in ServiceManager, we can not distinguish between these users.
  We are using LDAP/Active Directory to populate users in RequestCenter and PeopleSoft populates Active Directory.  Since PeopleSoft and AD are used as the "definitive" source for user information, we use a person's legal first and last name for the attributes.
  Can anyone suggest a workaround to distinguish between two different users with the same name?
  Thank you - Brian
  Version 2008.3 SP5 - SQL DB

  That is correct, but that identifier isn't visible in Service Manager.  You just see something like this:
  John Jones
  John Smith
  John Smith
  John Smith
  John Tucker
  And if you need to assign a task to one of them, for example, there is no way to tell one John Smith from another.

• EBS 11.5.1 - Problem creating user with NO APPS user

  Hi everybody.
  I am working on an EBS enviroment on demand that we are trying to set up for a Colombian customer. We are trying to set up the connector between Oracle IDentity Manager and EBS and it is not working.
  After some test cases we figured out that the main issues are related with the privileges that has the user that is going to interact with the EBS DB Procedures. In fact, we are trying to call this procedure:
  declare
  user1 varchar2(50);
  owner varchar2(50);
  begin
  user1 := 'USERNAME';
  owner := '-23432';
  fnd_user_pkg.CreateUser(user1,owner);
  end;
  IF WE RUN THIS SENTENCE OVER APPS USER (THE EBS ADMIN USER) IT WORKS. HOWEVER when we try to use the OIM user it throws the following error:
  Unable to create user USERNAME due to the following reason(s):
  Oracle error -1031: ORA-01031: insufficient privileges has been detected in FND_WEB_SEC.VALIDATE_PASSWORD..
  ORA-06512: at "APPS.APP_EXCEPTION", line 72
  ORA-06512: at "APPS.FND_USER_PKG", line 869
  ORA-06512: at "APPS.FND_USER_PKG", line 915
  ORA-06512: at "APPS.FND_USER_PKG", line 1034
  ORA-06512: at line 1
  We already checked the FND_WEB_SEC Package (that has the VALIDATE_PASSWORD function) and it looks like the problem is when it calls the function VALIDATE_PASSWORD_JAVA wich tries to validate the password with a Java task. It looks like the OIM user doesn't have privileges to access this remote java function.
  Anyone knows wich is the real problem and how can i solve it??
  Many thanks for the help

  Hi everybody.
  I am working on an EBS enviroment on demand that we are trying to set up for a Colombian customer. We are trying to set up the connector between Oracle IDentity Manager and EBS and it is not working.
  After some test cases we figured out that the main issues are related with the privileges that has the user that is going to interact with the EBS DB Procedures. In fact, we are trying to call this procedure:
  declare
  user1 varchar2(50);
  owner varchar2(50);
  begin
  user1 := 'USERNAME';
  owner := '-23432';
  fnd_user_pkg.CreateUser(user1,owner);
  end;
  IF WE RUN THIS SENTENCE OVER APPS USER (THE EBS ADMIN USER) IT WORKS. HOWEVER when we try to use the OIM user it throws the following error:
  Unable to create user USERNAME due to the following reason(s):
  Oracle error -1031: ORA-01031: insufficient privileges has been detected in FND_WEB_SEC.VALIDATE_PASSWORD..
  ORA-06512: at "APPS.APP_EXCEPTION", line 72
  ORA-06512: at "APPS.FND_USER_PKG", line 869
  ORA-06512: at "APPS.FND_USER_PKG", line 915
  ORA-06512: at "APPS.FND_USER_PKG", line 1034
  ORA-06512: at line 1
  We already checked the FND_WEB_SEC Package (that has the VALIDATE_PASSWORD function) and it looks like the problem is when it calls the function VALIDATE_PASSWORD_JAVA wich tries to validate the password with a Java task. It looks like the OIM user doesn't have privileges to access this remote java function.
  Anyone knows wich is the real problem and how can i solve it??
  Many thanks for the help

• ACS 5.5 External User with Internal Attribute

  Hi Guys,
  i'm wondering, if i using LDAP for external authentication, can i use the internal identity attribute?
  for example :
  i create an user X , his password type is LDAP, but the identity group is "Group 1"
  can i define rules
  Idenitty Group in "Group 1" permit access ?
  or i need to do group mapping first?
  Thanks,
  Regards,

  It is possible to define an internal user whose password is taken from an external store.
  In internal user definition select "Password Type" to be the LDAP database and then define the rest of the user definition, including identity groups, as desired

• Create user with special character

  Hi,
  We are getting the error while creating a user with special character in a filed. The same user is getting created in development environment but not able to create the same in Production environment.
  We tried to check if any configurations are different but couldn't find any clue. Please help in this regards.
  +Exception caught while insertng or updating the user.java.lang.RuntimeException: javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 19 - Value of attribute "uid" contains extended (8-bit) characters: americas-Isosystem_ Serviço]; remaining name 'uid=americas-Isosystem_ Serviço, ou=People'+*
  Regards,
  Abhinav

  No there are no restrictions from LDAP,
  also I am able to give 32 character password in Coreid Console,
  it seems that the web services have a restriction on password length.
  Moreover, these web services used to accept 32 characyer passwords few months ago. we lately recognized this issue happening recent times.
  I suspect some Oracle hotfix or patch would have made the difference.
  But I am clue less how to trace it,
  Any help would be appreciated

• Create user with DBA privileges with a restriction to access user data

  Hi
  I need to create a user with all DBA privileges with a restriction to access all user schemas
  Thanks,
  Balaji

  Use Database Vault - http://download.oracle.com/docs/cd/E11882_01/server.112/e16544/toc.htm
  HTH
  Srini