AutoProvisioning in AE 5.2

Hi,
We are implementing Access Enforcer and everything is fine except autoprovisionning.
Initiator, Stages and Path are ok. Clicking on the approve button make the following error appear:
Error in Provisioning your request, Request no: 12 error details :
E25-TEST3-USER CREATE- Invalid Central system.
We probably miss something to configure. I was looking for a "how to" but did not find anything.
Thank you in advance for your help,
Julien

If I configure CUA in AE does the AE Connector name for a Child system under CUA have to be the same as the child system name indicated in the CUA?
If I make the AE Connector name the same as the Child System name in CUA, I am unable to perform Risk analysis by connecting to CC (error= Invalid System) as the Connector in the CC has the SID and not the Child System name.
Also is there a Job that will help synch up the Child System (User-Role assignment details) to the CUA; I am able to provision directly into the Child system without the CUA by using the Connector name as the SID but will have to reconcile the access in CUA.
Any information is greatly appreciated.
-Thanks

Similar Messages

  • How to do autoprovisioning to a custom connector based on jobcodes?

    Hi,
    I have developed a custom connector which has 50 job codes. Based on the job codes we need to do autoprovisioning. How this is possible? do we need to create rule for each job? Thanks in advance

    It means, when your provisioning happens, you have the "Create User" task. This is actually just a non-conditional task which runs after the process form saves. You can trigger a new task on the response code for a completed user which then performs logic associated with your job code and do any other additional provisioning.
    For your logic, you can store information like "Job Code ABC=Target Role XYZ" and place these into a lookup and reference them.
    -Kevin

  • IDM autoprovisioning does not execute searchRequest befor addRequest

    In the CUP interface, under Configuration->Workflow->Auto Provisioning->By System, one configures the autoprovisioning for the IDM system.
    There is an option labeled "Create If User Does Not Exist". When this option is set to "Yes" and I approve a user account modification request, GRC does not send the searchRequest, it simply sends an addRequest for the already-existing user (which fails in eDirectory, since the user does exist).
    When the option is set to "No" GRC does send the searchRequest (malformed). 
    Perhaps the UI wording is incorrect, or perhaps I misunderstand what this option is supposed to control, but it seems to me that the boolean sense of the option is reversed. I would expect "Yes" to cause the searchRequest to be sent. (It doesn't seem to be a problem in translation...auf Deutsch: "Anlegen, falls Benutzer nich vorliegt"
    Is there somebody who can explain that to me?
    - Holger

    Harleen,
    'search_criteria' is the right track. We meanwhile figured out, that we missed the SEARCH:_CRITERIA in the IDM connector definition. After adding it, the soap request does look much better.
    We used the 'GRC-AC-IDM Web Service.pdf' document for the configuration. But this document does miss some parameters, as they are described in https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/b0da2dba-0480-2b10-a7ae-f055ab6e9355.
    Some of the parameters described their are specific to NetWeaver IDM integration, but some aren't described very well.
    Do you have a better source for the parameter description?
    Thanks
    Holger

  • CUP 5.3 Autoprovisioning from Custom Field

    Experts,
    I have a situation where we are connecting LDAP for authentication but the LDAP system does not contain User ID. Therefore, the access request will need to be accepted by Security prior to auto-provisioning to ensure naming convention standards are followed.
    Since the User ID field becomes unmodifiable once the request is submitted, is there an option to autoprovision off a custom field since these are modifiable after a request is submitted?
    Thanks so much,
    Grace Rae

    If you do not have HR then you may not consider automatic HR triggers for role provisioning as part of your scope.
    However, I would pay attention to the validity dates which you assign to the roles as these will be transferred to the backend system.
    I understand that statement to say that it is possible to have a delimit period that can be used to allow for roles to be automatically delimited.

  • Exchange in WAITING mode during autoprovisioning

    I've read Re: exchange and ad autoprovisioning
    Applied the BP01 patch for OIM, we are at 9.1.0.2 BP05 and exchange is still in waiting mode when auto provisioned.
    Any other updates I need to apply?

    im having this same problem now.. did you ever end up resolving yours?

  • OIM - Autoprovisioning (Access policy/User grp)

    Hi Guys
    I have configured auto provisioning in OIM via access policies and user groups.
    Is there some way that when I remove a user from a group, he should not get deprovisioned from the corresponding resources.
    I know this looks wierd but I have this requirement. Please let me know how this can be implemented. Final object is to achieve auto-provisioning but disable auto-deprovisioning.
    Thanks

    There is a setting in the AP that makes the AP not revoke the resource when the AP no longer applies. It is called "Revoke If No Longer Applies"
    http://download.oracle.com/docs/cd/E10391_01/doc.910/e10360/accesspolicies.htm
    Best regards
    /Martin

  • CUP and autoprovisioning

    Hello!
    I have two questions:
    1)
    If user created request in CUP with a number of roles, and after this I delete requested roles. Will theese roles be assigned during auto-provisioning at the end of request? Other words, will theese roles be assigned in my back-end system?
    2)
    How could I restrict CUP radio button to restrict synchronization mechanism? I mean options - All Roles/Groups, All Roles except SAP Predefined Roles, Selected Roles, From File. I would like to leave only "Selected Roles" point.
    Regards,
    Artem
    Edited by: Artem Ivashkin on Nov 8, 2010 3:41 PM

    Thank you for answers!
    Excuse me for unclear questions. Let me describe my issue. Users created request, later I was in clouds and selected wrong points for Import roles in CUP from ERM, but I've switched to another menu quickly. May be my actions brought me to wrong synchronizations of roles. When user request has been completed I saw that no roles were assigned.
    If you try to delete the roles from CUP database after the request creation, it won't allow you to delete the roles.
    Yes, I agree with this point. But what will happened if I delete system assignment from the role? For example: role has DEV150 system, after deletion (or deassign DEV150) role has no system.
    Has assignment to be made in this case?
    Regards,
    Artem Ivashkin

  • How to autoprovision user to AD

    My requirement is i want to provision a user to specific AD group based on organization.
    Ex. if organization=abc then provision user to "cn=ADgroup ou=testOU"
    if organization=xyz then don't do anything

    Craete a grouop GROUP A.
    Create a rule *(General)* in the Rule Designer in Design Console that if Org is equal to ADgroup.
    Go to Manager Group Tab in web console and search form Group A and select membership rule there.
    Select your rule which you have created.
    It will work
    http://download.oracle.com/docs/cd/E10391_01/doc.910/e10360/accesspolicies.htm
    Steps for Creating an Access policy :
    1. Acces policy name : XX
    Descrpn : XX
    Provison : If you dont want it to get approved by Manager or some one, jsut choose without approval.
    Click on Retrofit Access Polcy
    2.resources to be provisoned by access policy :Add the resource to which you want to provison
    In process form, if you dont want any value which will be same for all users, jsut leave it blank and go to next step
    3.resource to be denied by access policy.
    If you want to deny any resource, add it or just go to next step
    4. Group for Access Policy :
    If you have groups.add it or click " Group A"
    5.Click on update Access Policy ,You are done!!
    make sure you have adapters for all the fields you want to insert in process form
    If you have any questions,let me know
    Modify Accordingly

  • OneDrive OneDrive for business - URL autodiscover failing

    Using Office 2013 SP1 with the latest updates I'm struggling with the autoprovisioning of the OneDrive URL.
    When a user starts OneDrive for business the OneDrive application should automatically enter URL for the users OneDrive location, e.g.
    https://companycom-my.sharepoint.com/personal/username_company_com/Documents
    This doesn't happen for all users.
    Sometimes the issue is resolved by:
    - restarting the OneDrive application
    - rebooting the computer
    - logging into the OneDrive webportal and closing it
    - Configuring outlook with the exchange online credentials
    but for some users, the steps above don't help at all.
    Sometimes when the application starts you see a small Window "connecting to server, please wait" for a few seconds. After this happens the URL wil always be pre-populated
    I've done some digging into the registry and it looks like the data is stored in:
    HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\ServicesManagerCache\Identities\5f2d5867fc7fd025_OrgId\O365_SHAREPOINT_5f2d5867fc7fd025\ConnectionURL
    My question is twofold:
    Is there a way to force the "connecting to server, please wait" dialog so the data is pre-populated?
    Is there another way to force the registry key to be pre-populated before OneDriveis started?
    Any help is greatly appreciated.

    Hi,
    I'm marking the reply as answer as there has been no update for a couple of days.
    If you come back to find it doesn't work for you, please reply to us and unmark the answer.
    Regards,
    Melon Chen
    Forum Support
    Come back and mark the replies as answers if they help and unmark them if they provide no help.
    If you have any feedback on our support, please click
    here

  • Queries regarding Single Sign On

    Hi Experts,
    I am new to Single Sign On and have few doubts
    1)For OAM to implement single sign on across multiple applications , is it mandatory that the identity store of OAM and the application to be the same.Is it possible that the applications have their own identity store and OAM has its own and users in both the identity stores are in sync?This scenario comes into picture where for some applications the identity store is database
    2)If the first point is correct then for protecting OIM using OAM 11gR2 why do we need to enable ldap sync? can we have database as the user store for OIM and for OAM have a LDAP server for exmaple AD and then use AD connector to make sure that any users getting created in OIM is autoprovisioned to AD
    Request you to please clarify my below doubts

    Hi,
    1) No, It is not necessarily to be same identity store for OAM 11g and the applications that need to be protected. It can be different. This is the feature in OAM11g, where you can have multiple Identity stores mapped to your authentication modules.
    Yes, it is possible to have own identity store for the applications.
    Oracle provides inbuilt authentication modules only for LDAP, Kerberos and X.509. If you want OAM to authenticate against Database then you need write your own Database Authentication Module.
    Clients will always prefer Out of the box functionalities as there might not be support provided if any issues faced. If client want to built in their own mechanism then oracle will not support.
    That's why most of them goes for Ldap Sync which is inbuilt functionality.
    2) You can build your own Authentication module for OIM. Again it is time consuming process to decide on the Error Handling and the logic to build the module. It is better to go LDAP Sync.
    Hope this clarifies.

  • While updating user Details I am gettingsome error

    Hi ,
    While updating the user details from OIM server(OIM 9102 BP12) I am getting following error.Same is working properly on BP02.Can anybody help me to find out what is the root cause of this problem?
    - I am trying to ceare a user through PSFT test utility, and getting following error.Same error is coming when we are creating user from
    OIM server console.
    Running GETROGUEACCOUNTSAMACCOUNTNAME
    Target Class = com.thortech.xl.utilities.rogueAccountDetect
    $$$ Rogue Account Detect $$$
    The reconType query is: select obj_name from obj where obj_key=(select obj_key from rce where rce_key=38784)
    $$$ Recon Object is: Xellerate User
    $$$ wrong recon type for rogue account detect
    tcDeptCodeChanged Running
    Nr Name Value
    0) Lookup Name Department SiteCode Mapping
    1) From Field USR_UDF_DEPARTMENT_ID
    2) To Field USR_UDF_SITECODE
    3) Debug YES
    4) SMTP Server 10.53.12.18
    5) Email To [email protected]
    6) Email From [email protected]
    7) Trigger Field USR_UDF_SITECODE
    8) Disable Resource RACF,RACF IMS_TMCC (AutoProvision)
    9) ID Field UD_RACF_ID,UD_IMSB_ID
    10) Resource Object RACF IMS_TMCC (AutoProvision)
    11) RO Form UD_RACFUSRO
    12) Field 01 Name UD_RACFUSRO_CREATE_IND
    13) Field 01 Value RACF_CREATE
    14) Field 02 Name UD_RACFUSRO_USER_TYPE
    15) Field 02 Value IMS_TMCC
    16) Translate Email Def Department Code Lookup Error
    17) RBAC Job Codes List RBAC Job Codes
    18) RBAC Departments List RBAC Departments
    19) Job Code Field USR_UDF_JOB_CODE
    SMTP Server : 10.53.12.18
    Email To : [email protected]
    Email From : [email protected]
    Lookup Name : Department SiteCode Mapping
    From Field : USR_UDF_DEPARTMENT_ID
    Translate Email Def : Department Code Lookup Error
    To Field : USR_UDF_SITECODE
    t c D e p t C o d e C h a n g e d
    User: ()
    Old Department Code:
    New Department Code: 064010
    G E T U S E R R E S O U R C E
    This is a create
    More than one User Record Found, most likely a create
    Number of Users: 12843
    G E T L O O K U P D E F I N I T I O N S
    Lookup rows: 210
    Nr Name Value
    E V A L U A T E F I E L D D A T A
    *ACT:  :
    *OLD:  :
    *NEW: 064010 : 014
    OLD VALUE NOT FOUND IN LOOKUP!
    U P D A T E S I T E C O D E F I E L D
    Running MANAGERSEARCHCONDITIONS
    Target Class = com.thortech.xl.util.adapters.tcUtilHashTableOperations
    Running FINDMANAGER
    Running GETMANAGERCOUNT
    Running GETMANAGERKEY
    Running GENUNIQID
    Target Class = com.thortech.xl.utils.tcUserData
    <TMS 101> Flag:<Both> Checking for user in AD: khanz at server: <10.49.61.101>
    <TFS 185> Flag :<Both> Checking for user in AD: khanz at server:<10.49.61.101>
    Running CREATEGETUSERMAP
    Target Class = com.thortech.xl.util.adapters.tcUtilHashTableOperations
    Running GETUSER
    Running Create Update User Map
    Running Update Update User Map
    Running UPDATEUSER
    tcDeptCodeChanged Running
    Nr Name Value
    0) Lookup Name Department SiteCode Mapping
    1) From Field USR_UDF_DEPARTMENT_ID
    2) To Field USR_UDF_SITECODE
    3) Debug YES
    4) SMTP Server 10.53.12.18
    5) Email To [email protected]
    6) Email From [email protected]
    7) Trigger Field USR_UDF_SITECODE
    8) Disable Resource RACF,RACF IMS_TMCC (AutoProvision)
    9) ID Field UD_RACF_ID,UD_IMSB_ID
    10) Resource Object RACF IMS_TMCC (AutoProvision)
    11) RO Form UD_RACFUSRO
    12) Field 01 Name UD_RACFUSRO_CREATE_IND
    13) Field 01 Value RACF_CREATE
    14) Field 02 Name UD_RACFUSRO_USER_TYPE
    15) Field 02 Value IMS_TMCC
    16) Translate Email Def Department Code Lookup Error
    17) RBAC Job Codes List RBAC Job Codes
    18) RBAC Departments List RBAC Departments
    19) Job Code Field USR_UDF_JOB_CODE
    SMTP Server : 10.53.12.18
    Email To : [email protected]
    Email From : [email protected]
    Lookup Name : Department SiteCode Mapping
    From Field : USR_UDF_DEPARTMENT_ID
    Translate Email Def : Department Code Lookup Error
    To Field : USR_UDF_SITECODE
    tcDeptCodeChanged: new and old field value is same, returning
    tcJobCodeStatusChanged Running
    0) Trigger Field USR_UDF_JOB_CODE
    1) Debug YES
    2) Request Key Resource AD User
    3) Request Key Field UD_ADUSER_REVOKE_REQ_KEY
    4) RACF B User ID Field UD_ADUSER_B_USERID
    5) RACF T User ID Field UD_ADUSER_T_USERID
    6) RACF I User ID Field UD_ADUSER_I_USERID
    7) RACF B Resources RACF IMS_TMCC (AutoProvision)
    8) RACF I Resources RACF IMS_TMIS (AutoProvision)
    9) RACF T Resources RACF TSO_TMCC_NP (AutoProvision),RACF TSO_TMIS_NP (AutoProvision)
    10) Common Resources Lotus Notes,LAN,Internet,Stars,Focus
    11) Exclusion List Lookup.Object Exclusion List
    12) Other Delete Resources Lookup.Other Delete Resources
    13) RBAC Job Codes List RBAC Job Codes
    14) RBAC Departments List RBAC Departments
    Trigger Field : USR_UDF_JOB_CODE
    newFieldValue 99O109 oldFieldValue 99O109
    terminationFlag 0 oldTerminationFlag 0
    processFlag N
    tcJobCodeStatusChanged: new and old field value is same, returning
    ERROR,28 Dec 2010 05:49:05,199,[XELLERATE.SERVER],Class/Method: tcDataObj/eventPostUpdate encounter some problems: com.thortech.xl.dataobj.util.tcProvPolicyUtils
    java.lang.InstantiationError: com.thortech.xl.dataobj.util.tcProvPolicyUtils
    at com.thortech.xl.client.events.tcUSRevaluatePolicies.evaluatePolicies(Unknown Source)
    at com.thortech.xl.client.events.tcUSRevaluatePolicies.implementation(Unknown Source)
    at com.thortech.xl.client.events.tcBaseEvent.run(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.runEvent(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.eventPostUpdate(Unknown Source)
    at com.thortech.xl.dataobj.tcUSR.eventPostUpdate(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.update(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcTableDataObj.save(Unknown Source)
    at com.thortech.xl.ejb.beansimpl.tcUserOperationsBean.updateUserData(Unknown Source)
    at com.thortech.xl.ejb.beansimpl.tcUserOperationsBean.updateUser(Unknown Source)
    at com.thortech.xl.ejb.beans.tcUserOperationsSession.updateUser(Unknown Source)
    at com.thortech.xl.ejb.beans.tcUserOperations_voj9p2_EOImpl.updateUser(tcUserOperations_voj9p2_EOImpl.java:1995)
    at Thor.API.Operations.tcUserOperationsClient.updateUser(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at Thor.API.Base.SecurityInvocationHandler$1.run(Unknown Source)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(Unknown Source)
    at weblogic.security.Security.runAs(Security.java:41)
    at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(Unknown Source)
    at Thor.API.Base.SecurityInvocationHandler.invoke(Unknown Source)
    at $Proxy61.updateUser(Unknown Source)
    at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpSETBOOLEANVALUES.UPDATEUSER(adpSETBOOLEANVALUES.java:271)
    at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpSETBOOLEANVALUES.implementation(adpSETBOOLEANVALUES.java:89)
    at com.thortech.xl.client.events.tcBaseEvent.run(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.runEvent(Unknown Source)
    at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(Unknown Source)
    at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcORC.insertNonConditionalMilestones(Unknown Source)
    at com.thortech.xl.dataobj.tcORC.completeSystemValidationMilestone(Unknown Source)
    at com.thortech.xl.dataobj.tcORC.postInsertSysVal(Unknown Source)
    at com.thortech.xl.dataobj.tcORC.eventPostInsert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcTableDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.util.tcOrderPackages.createProcessORC(Unknown Source)
    at com.thortech.xl.dataobj.util.tcOrderPackages.createOrder(Unknown Source)
    at com.thortech.xl.dataobj.util.tcOrderPackages.createOrder(Unknown Source)
    at com.thortech.xl.dataobj.util.tcOrderPackages.orderPackageForOrganization(Unknown Source)
    at com.thortech.xl.dataobj.tcOIO.provision(Unknown Source)
    at com.thortech.xl.dataobj.tcOIO.eventPostInsert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcTableDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcOrgProvisionObject.insertImplementation(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcUSR.orderUserProcess(Unknown Source)
    at com.thortech.xl.dataobj.tcUSR.eventPostInsert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcTableDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcRCE.createUserRecord(Unknown Source)
    at com.thortech.xl.dataobj.tcRCE.applyActionRules(Unknown Source)
    at com.thortech.xl.dataobj.tcRCE.checkDataSorted(Unknown Source)
    at com.thortech.xl.dataobj.tcRCE.eventPostUpdate(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.update(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcTableDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcRCE.finishDataReceived(Unknown Source)
    at com.thortech.xl.schedule.jms.reconOffline.ProcessOfflineReconMessages.finishReconciliationEvent(Unknown Source)
    at com.thortech.xl.schedule.jms.reconOffline.ProcessOfflineReconMessages.execute(Unknown Source)
    at com.thortech.xl.schedule.jms.messagehandler.MessageProcessUtil.processMessage(Unknown Source)
    at com.thortech.xl.schedule.jms.messagehandler.ReconMessageHandlerMDB.onMessage(Unknown Source)
    at weblogic.ejb.container.internal.MDListener.execute(MDListener.java:466)
    at weblogic.ejb.container.internal.MDListener.transactionalOnMessage(MDListener.java:371)
    at weblogic.ejb.container.internal.MDListener.onMessage(MDListener.java:327)
    at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:4547)
    at weblogic.jms.client.JMSSession.execute(JMSSession.java:4233)
    at weblogic.jms.client.JMSSession.executeMessage(JMSSession.java:3709)
    at weblogic.jms.client.JMSSession.access$000(JMSSession.java:114)
    at weblogic.jms.client.JMSSession$UseForRunnable.run(JMSSession.java:5058)
    at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:516)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    ERROR,28 Dec 2010 05:49:05,207,[XELLERATE.SERVER],Class/Method: tcDataObj/save Error :Data Update Failed
    ERROR,28 Dec 2010 05:49:05,210,[XELLERATE.DATABASE],Class/Method: tcDataBase/rollbackTransaction encounter some problems: Rollback Executed From
    java.lang.Exception: Rollback Executed From
    at com.thortech.xl.dataaccess.tcDataBase.rollbackTransaction(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.rollback(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.doRollback(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcTableDataObj.save(Unknown Source)
    at com.thortech.xl.ejb.beansimpl.tcUserOperationsBean.updateUserData(Unknown Source)
    at com.thortech.xl.ejb.beansimpl.tcUserOperationsBean.updateUser(Unknown Source)
    at com.thortech.xl.ejb.beans.tcUserOperationsSession.updateUser(Unknown Source)
    at com.thortech.xl.ejb.beans.tcUserOperations_voj9p2_EOImpl.updateUser(tcUserOperations_voj9p2_EOImpl.java:1995)
    at Thor.API.Operations.tcUserOperationsClient.updateUser(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at Thor.API.Base.SecurityInvocationHandler$1.run(Unknown Source)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(Unknown Source)
    at weblogic.security.Security.runAs(Security.java:41)
    at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(Unknown Source)
    at Thor.API.Base.SecurityInvocationHandler.invoke(Unknown Source)
    at $Proxy61.updateUser(Unknown Source)
    at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpSETBOOLEANVALUES.UPDATEUSER(adpSETBOOLEANVALUES.java:271)
    at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpSETBOOLEANVALUES.implementation(adpSETBOOLEANVALUES.java:89)
    at com.thortech.xl.client.events.tcBaseEvent.run(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.runEvent(Unknown Source)
    at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(Unknown Source)
    at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcORC.insertNonConditionalMilestones(Unknown Source)
    at com.thortech.xl.dataobj.tcORC.completeSystemValidationMilestone(Unknown Source)
    at com.thortech.xl.dataobj.tcORC.postInsertSysVal(Unknown Source)
    at com.thortech.xl.dataobj.tcORC.eventPostInsert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcTableDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.util.tcOrderPackages.createProcessORC(Unknown Source)
    at com.thortech.xl.dataobj.util.tcOrderPackages.createOrder(Unknown Source)
    at com.thortech.xl.dataobj.util.tcOrderPackages.createOrder(Unknown Source)
    at com.thortech.xl.dataobj.util.tcOrderPackages.orderPackageForOrganization(Unknown Source)
    at com.thortech.xl.dataobj.tcOIO.provision(Unknown Source)
    at com.thortech.xl.dataobj.tcOIO.eventPostInsert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcTableDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcOrgProvisionObject.insertImplementation(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcUSR.orderUserProcess(Unknown Source)
    at com.thortech.xl.dataobj.tcUSR.eventPostInsert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcTableDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcRCE.createUserRecord(Unknown Source)
    at com.thortech.xl.dataobj.tcRCE.applyActionRules(Unknown Source)
    at com.thortech.xl.dataobj.tcRCE.checkDataSorted(Unknown Source)
    at com.thortech.xl.dataobj.tcRCE.eventPostUpdate(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.update(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcTableDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcRCE.finishDataReceived(Unknown Source)
    at com.thortech.xl.schedule.jms.reconOffline.ProcessOfflineReconMessages.finishReconciliationEvent(Unknown Source)
    at com.thortech.xl.schedule.jms.reconOffline.ProcessOfflineReconMessages.execute(Unknown Source)
    at com.thortech.xl.schedule.jms.messagehandler.MessageProcessUtil.processMessage(Unknown Source)
    at com.thortech.xl.schedule.jms.messagehandler.ReconMessageHandlerMDB.onMessage(Unknown Source)
    at weblogic.ejb.container.internal.MDListener.execute(MDListener.java:466)
    at weblogic.ejb.container.internal.MDListener.transactionalOnMessage(MDListener.java:371)
    at weblogic.ejb.container.internal.MDListener.onMessage(MDListener.java:327)
    at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:4547)
    at weblogic.jms.client.JMSSession.execute(JMSSession.java:4233)
    at weblogic.jms.client.JMSSession.executeMessage(JMSSession.java:3709)
    at weblogic.jms.client.JMSSession.access$000(JMSSession.java:114)
    at weblogic.jms.client.JMSSession$UseForRunnable.run(JMSSession.java:5058)
    at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:516)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)

    Search on metalink for the following error to see lots of documents related to this error and the specific solution.
    [XELLERATE.SERVER],Class/Method: tcDataObj/eventPostUpdate encounter some problems: com.thortech.xl.dataobj.util.tcProvPolicyUtils
    java.lang.InstantiationError: com.thortech.xl.dataobj.util.tcProvPolicyUtils

  • Error processing your request, Request no: 230 in stage : ROLE_OWNER_ROLE.

    Hi,
    When approver try to approve request,get this message.
    System log:2011-02-02 03:26:00,545 [SAPEngine_Application_Thread[impl:3]_36] ERROR Exception during EJB call, Ignoring and trying Webservice Call
    com.virsa.ae.service.ServiceException: Exception in getting the results from the EJB service : loader constraints violated when linking com/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO class
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:295)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:419)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.determineRisks(RiskAnalysisEJB53DAO.java:527)
         at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:103)
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1161)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:381)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:118)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Caused by: java.lang.LinkageError: loader constraints violated when linking com/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO class
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:305)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:277)
         ... 28 more
    2011-02-02 03:26:59,202 [SAPEngine_Application_Thread[impl:3]_25] ERROR Field LOGONDATAX not a member of INPUT
    com.sap.mw.jco.JCO$Exception: (127) JCO_ERROR_FIELD_NOT_FOUND: Field LOGONDATAX not a member of INPUT
         at com.sap.mw.jco.JCO$MetaData.indexOf(JCO.java:9566)
         at com.sap.mw.jco.JCO$Record.getStructure(JCO.java:14294)
         at com.virsa.ae.service.sap.SAPProvisionDAO.intializeWithCUACreateUserInputParameters(SAPProvisionDAO.java:1228)
         at com.virsa.ae.service.sap.SAPProvisionDAO.createUserInCUA(SAPProvisionDAO.java:1995)
         at com.virsa.ae.service.sap.ProvisionSAPUserDAO.createUserInCUA(ProvisionSAPUserDAO.java:1614)
         at com.virsa.ae.service.sap.ProvisionSAPUserDAO.createUser(ProvisionSAPUserDAO.java:329)
         at com.virsa.ae.service.sap.ProvisionSAPUserDAO.provisionUser(ProvisionSAPUserDAO.java:110)
         at com.virsa.ae.accessrequests.bo.ProvisioningBO.autoProvision(ProvisioningBO.java:217)
         at com.virsa.ae.accessrequests.bo.RequestBO.autoProvisioningForApprove(RequestBO.java:6124)
         at com.virsa.ae.accessrequests.bo.RequestBO.callAEExitService(RequestBO.java:7223)
         at com.virsa.ae.accessrequests.bo.RequestBO.callExitService(RequestBO.java:6997)
         at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:6849)
         at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:6642)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.confirmRequestApproval(RequestViewAction.java:991)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.execute(RequestViewAction.java:106)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    After getting this error message.Approver when tried again to approve they get this messsage
    Invalid state for request no : 230 at stage : ROLE_OWNER_ROLE has been updated by another approver. Get updated request
    system log:2011-02-02 03:30:37,532 [SAPEngine_Application_Thread[impl:3]_22] ERROR Conflict while approving request when compared with the database
    javax.transaction.InvalidTransactionException: Other approver approved this request, please get the details details of this request
         at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:6574)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.confirmRequestApproval(RequestViewAction.java:991)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.execute(RequestViewAction.java:106)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    what could be the cause and what is the solution for it.
    Thanks
    Mushu.

    Hi,
    Thanks. I changed to correct URL'S but still facing same issue and also i changed in stage configuration for Risk analysis mandatory option to " No", but still facing same issue.This is trace log
    2011-02-03 18:41:06,276 [SAPEngine_Application_Thread[impl:3]_7] ERROR Field LOGONDATAX not a member of INPUT
    com.sap.mw.jco.JCO$Exception: (127) JCO_ERROR_FIELD_NOT_FOUND: Field LOGONDATAX not a member of INPUT
         at com.sap.mw.jco.JCO$MetaData.indexOf(JCO.java:9566)
         at com.sap.mw.jco.JCO$Record.getStructure(JCO.java:14294)
         at com.virsa.ae.service.sap.SAPProvisionDAO.intializeWithCUACreateUserInputParameters(SAPProvisionDAO.java:1228)
         at com.virsa.ae.service.sap.SAPProvisionDAO.createUserInCUA(SAPProvisionDAO.java:1995)
         at com.virsa.ae.service.sap.ProvisionSAPUserDAO.createUserInCUA(ProvisionSAPUserDAO.java:1614)
         at com.virsa.ae.service.sap.ProvisionSAPUserDAO.createUser(ProvisionSAPUserDAO.java:329)
         at com.virsa.ae.service.sap.ProvisionSAPUserDAO.provisionUser(ProvisionSAPUserDAO.java:110)
         at com.virsa.ae.accessrequests.bo.ProvisioningBO.autoProvision(ProvisioningBO.java:217)
         at com.virsa.ae.accessrequests.bo.RequestBO.autoProvisioningForApprove(RequestBO.java:6124)
         at com.virsa.ae.accessrequests.bo.RequestBO.callAEExitService(RequestBO.java:7223)
         at com.virsa.ae.accessrequests.bo.RequestBO.callExitService(RequestBO.java:6997)
         at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:6849)
         at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:6642)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.confirmRequestApproval(RequestViewAction.java:991)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.execute(RequestViewAction.java:106)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    2011-02-03 18:41:30,686 [SAPEngine_Application_Thread[impl:3]_24] ERROR Conflict while approving request when compared with the database
    javax.transaction.InvalidTransactionException: Other approver approved this request, please get the details details of this request
         at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:6574)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.confirmRequestApproval(RequestViewAction.java:991)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.execute(RequestViewAction.java:106)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)

  • Error: Creation of a new user in CUP

    Dear all,
    During the creation of a new user in CUP, is generated the following error message:
    Error in the provisioning request. The error occurred in the system(s). Details of error: USER CREATE-Length password is not enough (minimum length: 8 characters).
    Thanks all for any suggestions!
    Liliana!

    Hi,
    Thanks for your answers!
    My version is SAP GRC AC 5.3 and Support Package: 16.
    This is the complete error when I try to create a new user in CUP:
    iniu2011-07-04 07:59:19,520 [SAPEngine_Application_Thread[impl:3]_8] ERROR com.virsa.ae.service.ServiceException: Longitud clave acceso insuficiente (     )
    com.virsa.ae.service.ServiceException: Longitud clave acceso insuficiente (longitud mínima: 8 caracteres)
         at com.virsa.ae.service.sap.SAPProvisionDAO.createUser(SAPProvisionDAO.java:324)
         at com.virsa.ae.service.sap.ProvisionSAPUserDAO.createUserInNonCUA(ProvisionSAPUserDAO.java:1784)
         at com.virsa.ae.service.sap.ProvisionSAPUserDAO.createUser(ProvisionSAPUserDAO.java:352)
         at com.virsa.ae.service.sap.ProvisionSAPUserDAO.provisionUser(ProvisionSAPUserDAO.java:120)
         at com.virsa.ae.accessrequests.bo.ProvisioningBO.autoProvision(ProvisioningBO.java:219)
         at com.virsa.ae.accessrequests.bo.RequestBO.autoProvisioningForApprove(RequestBO.java:6164)
         at com.virsa.ae.accessrequests.bo.RequestBO.callAEExitService(RequestBO.java:7263)
         at com.virsa.ae.accessrequests.bo.RequestBO.callExitService(RequestBO.java:7037)
         at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:6889)
         at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:6682)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.confirmRequestApproval(RequestViewAction.java:1022)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.execute(RequestViewAction.java:106)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
    Thanks all for any suggestions!
    Liliana!

  • Bitlocker with TPM and PIN testing?

    Good day all,
    We are about to deploy 10 Surface Pro 3's running Windows 8.1 Enterprise x64. We have enabled the TPM, enabled "Allow Enhanced PINS for Startup", "Pre-boot Keyboard" and turned on Bitlocker through the gui which recommended setting
    a PIN which I did.
    Everything seems to work as it should, how can I be convinced TPM and PIN are working together? I seem to be able to punch into Bitlocker many bad passwords without warning or asking me to reboot which is does for all other laptops without tpm.
    1. How many bad password attempts do I get with TPM by default before lockout?
    2. Where is my *.tpm recovery key?
    3. Why when the TPM locks out can I still gain entry by typing in the Bitlocker PIN (not recovery password)
    4. I want TPM to lockout after 5 incorrect attempts.
    To test the TPM working I disabled the TPM in the BIOS and on next reboot Bitlocker asked for the Recovery Password which to me proves Bitlocker private encryption keys are safely held in the TPM. Is this safe to presume TPM is working?
    here is the output from manage-bde and get-tpm status
       Size:                 59.11 GB
        BitLocker Version:    2.0
        Conversion Status:    Fully Encrypted
        Percentage Encrypted: 100.0%
        Encryption Method:    AES 128
        Protection Status:    Protection On
        Lock Status:          Unlocked
        Identification Field: Unknown
        Key Protectors:
            TPM And PIN
            Numerical Password
    TpmPresent          : True
    TpmReady            : True
    ManufacturerId      : 1229346816
    ManufacturerVersion : 5.0
    ManagedAuthLevel    : Full
    OwnerAuth           : u2uAKH0Sr+d98s+oGXLLU8DHUuc=
    OwnerClearDisabled  : True
    AutoProvisioning    : Enabled
    LockedOut           : False
    SelfTest            : {}

    Hi Paddy,
    "1. How many bad password attempts do I get with TPM by default before lockout?"
    It depends on the the TPM chips.
    "Some TPM chips may not store failed attempts over time. Other TPM chips may store every failed attempt indefinitely. Therefore, some users may experience increasingly longer delays when they mistype an authorization value that is sent to the TPM"
    "4.I want TPM to lockout after 5 incorrect attempts."
    We can set the group policy "Standard User Individual Lockout Threshold " in this path (Check the detailed information of this policy):
    Computer Configuration\Administrative Templates\System\Trusted Platform Module Services\
    Here is a link for reference("About TPM lockout" part and "Use Group Policy to manage TPM lockout settings"part ):
    Manage TPM Lockout
    https://technet.microsoft.com/en-us/library/dn466535.aspx
    "2. Where is my *.tpm recovery key?"
    When we set owner of the TPM ,we will be given a chance to save the TPM passowrd .
    And when the BitLocker recovery key is saved to a file, BitLocker also saves a TPM owner password file (.tpm) with the TPM owner password hash value.We also can save them to the AD (Check the group policy in the same path as before). Have you tried to save
    the recovery keys to a external media ?
    Here are links for reference:
    Reset the TPM Lockout (Check the first part)
    https://technet.microsoft.com/en-us/library/dd851452.aspx?f=255&MSPPError=-2147217396
    Windows Trusted Platform Module Management Step-by-Step Guide(Check "Step 2: Set ownership of the TPM" part )
    https://technet.microsoft.com/pt-pt/library/cc749022%28WS.10%29.aspx?f=255&MSPPError=-2147217396
    "3. Why when the TPM locks out can I still gain entry by typing in the Bitlocker PIN (not recovery password)"
    When the TPM is locked out, it is also possible that the user will enter the correct PIN, but the TPM will respond as if the incorrect PIN was entered for a period of time.
    Check the "When should I reset the TPM lockout" part .
    Reset the TPM Lockout
    https://technet.microsoft.com/en-us/library/dd851452.aspx?f=255&MSPPError=-2147217396
    " Is this safe to presume TPM is working?"
    From the output of the command line ,we can get the information that the TPM is working .It is not recommended to disable the TPM when the data is encrypted with TPM .
    Best regards

  • Issue in Approval workflow

    Hi,
    Currently i'm using IDM 7.0 .
    My Scenario: i have created a workflow task with approval requesting for a privilege. The privilege has been assigned an autoProvisioning task to the respective system.
    As soon as the requestor submits the request, the privilege entry gets updated for the user in IS and the autoprovisioning task is trigerred and before approval the privilege is assigned to the user in the backend system.
    But the case should be, if we have an approval task the provisioning should happen only after approval. but here as the privilege has auto provisioning task defined it provisions to the user though the request is with the approval with no action.
    We have planned to implement IDM 7.1 in production. My question is:
    1. Even in IDM 7.1 do we have the issue i.e before approval will the privilege will be provisioned to the user in the backend system.
    2. If this is the case, please help me how to stop the privilege entry in IS and push it to a staging table when a user submits the request and after approval the entry will be moved to the IS from staging and so that the autoprovisioning task get trigerred.
    Please throw some light on this.
    Thanks in Advance.
    Regards,
    Pricy

    You have to store the requested assignment at another place which will be transfered by the approval  task and which is just removed by an decline task.
    One simple option is to work with an auxiliary attribute, e.g. called REQUESTED_PRIVILEGE, which is a reference attribute for privileges. Another option works with the entry type MX_PENDING_VALUE.
    Kind regards
    Frank Buchholz

Maybe you are looking for

  • NWDS installation issue - "Please wait... completing the install"

    Hi all, I got the same "Problem" each time I update my NWDS. [Re: NWDS installation issue.|Re: NWDS installation issue.] After the installation, when I start the NWDS I get always the message: "Please wait... completing the install" If I create a new

  • Array/Structure or QueryNew

    Recently I have had to work with data that I read off a Text File. I created the required pages using both Arrays and QueryNew funtions to manipulate the data. I did find QueryNew better suited for my purpose. Speed wise I could not see any noticeabl

  • FLEX Contact Forms

    As the summary states, I have been scouring the internet high and low trying to find a WORKING contact form created in Flex 2. I have yet to see it. And the frustration of building it myself is starting to get to me. So I am asking for the help of an

  • Help - Login Names and Passwords Disappear

    I recently encountered a problem while using Safari. As I usually do, I accessed a website where I have to enter a login name and password, like this one. When I click "submit" or press "enter" both the name and password simply disappear. I retype th

  • Reinstalling iPhoto (and iLife?) on OS 10.7

    On the Apple iPhoto forum, I have established that I need to remove iPhoto from my new computer and reinstall it. With OS 10.7 this presents a new challenge as there no disks came with the computer. Do I restart holding down command + R key or do I g