Create users in different containers of a resource
I have three resources A ( LDAP ), B ( LDAP ) and C ( Active Directory ). When new objects are created on resources B or C, they are created on resource A but always in the same container. Is it possible to select the container in resource A where I want to create the users according to the resources B and C?
Example: All users created on B should be created on container "ou=RE_B" and users created on C should be created on container "ou=RE_C".
I'm using Active Sync.
Do all your logic in your input form and assign form in active sync wizard.
See this link
http://forum.java.sun.com/thread.jspa?threadID=5205782&messageID=9861750#9861750
Similar Messages
-
Create user successful but the resource is still in provisioning status
Hi Friends,
I have installed AD cnnector in OIM 11g successfully. And tried to provision it.
Create user was successful and there are no errors in the log. But still the resource status is showing as provisioning instead of provisioned. Please let me know, how to resolve this issue.Go to Create User task in AD Process Definition and then go to Task to Object Status Mapping tab, set the status as Provisioned for Completed (C as Status) and try again.
-
How to create User and Database in different Table spaces
How to create User and Database in different Table spaces using oracle 10g
Regards
dayaI am sorry but your question does not seem to make much sense.
Can you please rephrase your question? -
How can I see the Query view created for a different user
Hi All,
How can a user see the View of a query created for a different user??
I would like some info about how to give access ( if it is a access problem) or tell me the steps to do that.
Regards, FedericoHi all,
Maybe I didn't explain me as i should or maybe you dont know what is a Query View. Lets try again, showing you the steps to open a "Query view".
This way is from Bex Analyzer (Excel)
I open the Bex Analyzer and connect to the system -> Open query -> Under "Type" choose "Query View"...this is just a different view of the original query (more or least columns/rows).
This way is from Bex Web:
Once you open/execute the query, you have a ComboBox to choose the view (previously saved)
The problem that we have is that the views created for a user, can NOT be found by other user. The only user who can is the owner.
Could it be an authorization problem? or is ther any configuration possible to see it?
Thanks in advance, Federico -
OIM 11gR2 - Different "Create User" UI?
Hello,
is it possible to create three different "Create User" interfaces for administrators?
I have three types of administrators in different ogranization, which should see three different types of "create users" interfaces?
For example:
Admin1 can see: First Name, Last Name, Mail, UID, Custom Attribute1
Admin2 can see: First Name, Last Name, Mail, UID, Custom Attribute1, Custom Attribute2
Admin3 can see: First Name, Last Name, Mail, UID, Custom Attribute2, Custom Attribute3, Custom Attribute4
Is that possible? If yes, how?
In R1 i could create different request templates, but how can i do this i R2?Thanks for the fast answer. I will look at these expressions.
Is it possible to use a "dropdown list" or "select box" for new "create user" interfaces?
For instance: If clicking on "Create User" i got a dropdown list or select box, which type of user i would create? After selecting the specified create user form will be opened.
Create Admin --> Admin create user form will be opened
Create Manager --> Manager create user form will be opened
Create User --> User create user form will be opened
This functionality was in Sun IDM. Is this possible in R2? -
Hi,
I am getting some problems with the Lotus Notes Connector. The resource is provisioned but the Create User task is rejected. In the Lotus Notes server log, there is no problem and the account was created successfully.
Below is the response OIM has set to the task:
Respuesta: ERROR_UNID_SET
Descripción de Respuesta: User created successfully. Error while updating user unique attribute in the process form.
Notas:
As you can see below, there was no error when the adapter was executed:
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvisionsetPropertyEntered method
INFO [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::loadAttributeMapping: START
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision: :loadAttributeMapping : Attribute Mapping file : C:\oracle\oim9101\xellerate/XLIntegrations/LotusNotes/config/attributemapping_prov.properties
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvisiongetParsedPropertiesEntered method
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvisiongetParsedProperties---- END
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : CreateMailDb true
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : ShortName
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : SecurityType 1
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : MailSystem 0
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : Storeaddbook true
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : SynchInternetPwd true
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : InternetAddress
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : CertifierIDFile C:\Lotus\Domino\Data\cert.id
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : Registrationlog
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : MailOwnerAccess 0
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : MinPwdlen 8
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : Addbook true
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : RegistrationServer win2k3base/oimdev
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : OrgUnit during create -- oimdev
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : OrgUnit oimdev
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : MailQuotaWarning 40
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : Received null values for ExpirationDate:
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::getDefaultDate : Setting Default date
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : IdType 173
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : MailTemplateName
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : MailQuotaLimit 50
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : LastName : Gerente
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : IdFilePath : C:\Lotus\Domino\id
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : MailServer : win2k3base/oimdev
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : FirstName : Teste
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : Comment :
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : MiddleName :
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : Location :
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : MailDBPath : mail\
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : ForwardDomain : oimdev
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvisioncheckUserExistsEntered method
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::getUserName: Org Unit: oimdev
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::getUserName: Final UserName --- CN=Teste Gerente/OU=oimdev/oimdev
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvisioncheckUserExistsExiting method
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::getUserName: Org Unit: oimdev
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::getUserName: Final UserName --- CN=Teste Gerente/OU=oimdev/oimdev
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : User Name: CN=Teste Gerente/OU=oimdev/oimdev
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : Full Name: CN=Teste Gerente/O=oimdev
INFO [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::createUser : User Created Successfully
INFO [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::triggerAdminP : Invoking trigger AdminP
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::triggerAdminP : MailServer : win2k3base/oimdev
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::loadAdminpProperties : AdminP properties file : C:\oracle\oim9101\xellerate/XLIntegrations/LotusNotes/config/adminP.properties
DEBUG [ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' ADAPTER.LOTUSNOTES - LotusNotesProvision::triggerAdminP : AdminPCommand : tell adminp process all
I've retried the Create User task and got the Lotus Console messages below. There is no error:
10/20/2009 02:02:56 AM Admin Process: Checking for all requests to perform
10/20/2009 02:03:30 AM DIIOP Server: 192.168.200.6 connected
10/20/2009 02:03:36 AM Opened session for win2k3base/oimdev (Release 6.5.6)
10/20/2009 02:03:36 AM Closed session for win2k3base/oimdev Databases accessed: 2 Documents read: 0 Documents written: 0
10/20/2009 02:03:37 AM Certifying Teste Gerente/oimdev
10/20/2009 02:03:48 AM Opened session for win2k3base/oimdev (Release 6.5.6)
tell adminp process all >C:\DOCUME~1\ADMINI~1.WIN\LOCALS~1\Temp\rem22706.con
10/20/2009 02:03:49 AM Admin Process: Checking for all requests to perform
10/20/2009 02:03:49 AM Remote console command issued by win2k3base/oimdev: tell adminp process all
10/20/2009 02:03:49 AM Closed session for win2k3base/oimdev Databases accessed: 0 Documents read: 0 Documents written: 0
10/20/2009 02:03:49 AM DIIOP Server: 192.168.200.6 disconnected
Any suggestion?
Edited by: Renato.Guimaraes on 19/10/2009 21:04Sunny,
I figured out the problem... Wrong configurations. See what I did:
a) Reviewed the explanation below about the paramater certifierOU of Lotus Notes ITRes, so I set it to empty.
certifierOU Specifies the OU of the certifier to be used when creating user accounts If you use a certifier on the target system, then you must specify the certifier OU value. If
you do not have a certifier on the target system, then leave this parameter field empty.
If there are multiple certifiers on the target system, then you must create one IT resource (of the Lotus Notes IT resource type) for each certifier. Refer to Oracle Identity Manager
Design Console Guide for information about creating IT resources. If you specify a value for the certifierOU parameter, then the user OU value that you specify on the process form is ignored during the creation of a DN for a new user account.
If you do not specify a value for the certifierOU parameter, then the user OU value that you specify on the process form is used in the DN. This feature ensures that only one OU value
is included in the DN.
If you specify a value for the certifierOU IT resource parameter, then user records for which the certifier OU value in the DN does not match the certifierOU parameter value are not
reconciled. This is because the user DN is used to match records in the target system and Oracle Identity Manager, and a difference in the certifier OU value would lead to a
mismatch in DN values. The following example illustrates this type of scenario:
Suppose a user account on Lotus Notes has the following DN:
CN=John Doe/OU=testcertou/O=test/C=US
If testcertou has not been assigned as the value of the certifierOU parameter for any of the IT resources created on this Oracle Identity Manager installation, then the records of this
user cannot be reconciled into Oracle Identity Manager.
Sample value: NY
b) The MailServer paramater was win2k3base/oimdev and I've changed it to CN=win2k3base/O=oimdev.
c) As the certifierOU is clear now, so I have to inform the Orgnation Unit field in the process form.
Thanks.
Edited by: Renato.Guimaraes on 24/10/2009 23:19
Edited by: Renato.Guimaraes on 24/10/2009 23:27 -
Event Handler Error while Creating User
Hi,
I am not able to create users in OIM 11gR1 - " Event handler DemoNotificationEventResolver implemented using class/plug-in nrma.DemoNotificationEventResolver could not be loaded."
I have deleted this plugin from the "plugins" table in the database. What else am I supposed to do?Hi,
I have deleted it from the MDS Schema. Now I am getting a different error.
<Dec 20, 2012 5:24:57 PM EST> <Error> <oracle.iam.identity.usermgmt.impl> <IAM-3050030> <An exception occurred while performing the operation.
java.util.MissingResourceException: Can't find resource for bundle java.util.PropertyResourceBundle, key IAM-301094
at java.util.ResourceBundle.getObject(ResourceBundle.java:374)
at java.util.ResourceBundle.getObject(ResourceBundle.java:371)
at java.util.ResourceBundle.getObject(ResourceBundle.java:371)
at java.util.ResourceBundle.getObject(ResourceBundle.java:371)
at java.util.ResourceBundle.getString(ResourceBundle.java:334)
at oracle.iam.ldapsync.impl.util.LDAPSyncUtil.createValidationFailedException(LDAPSyncUtil.java:700)
at oracle.iam.ldapsync.impl.util.LDAPSyncUtil.generateAndValidateRDN(LDAPSyncUtil.java:824)
at oracle.iam.ldapsync.impl.eventhandlers.user.RDNPreProcessHandler.execute(RDNPreProcessHandler.java:68)
at oracle.iam.platform.kernel.impl.OrchProcessData.runPreProcessEvents(OrchProcessData.java:898)
at oracle.iam.platform.kernel.impl.OrchProcessData.runEvents(OrchProcessData.java:634)
at oracle.iam.platform.kernel.impl.OrchProcessData.executeEvents(OrchProcessData.java:227)
at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:664)
at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.process(OrchestrationEngineImpl.java:435)
at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.orchestrate(OrchestrationEngineImpl.java:381)
at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.orchestrate(OrchestrationEngineImpl.java:334)
at oracle.iam.identity.usermgmt.impl.UserManagerImpl.create(UserManagerImpl.java:653)
at oracle.iam.identity.usermgmt.api.UserManagerEJB.createx(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310) -
Invalid Naming Error while creating user in OIM and provisioning to OID
Hi,
I am trying to create users in OIM. As per the access policy, the users will directly provisioned to OID. When I am creating users in OIM, its showing provisioning for OID user resource. The create user task is rejected with error as
"Response: Invalid Naming Error
Response Description: Naming exception encountered"
If anybody is getting these error, then please suggest a solution.
Thanks.logs ???
Are you provisioning any custom attributes of different object classes . Make sure you include those object classes as well , go to connector documentation for adding the object classes .., may be some configuration look up ....i guess
Thanks
Suren
Edited by: Suren on Jul 6, 2010 7:41 PM -
Hi
I want to create a new user with exactly same roles and priveleges with a user which is created before.
How can I do that in Oracle 9i ? There is no enterprise managerOrionNet wrote:
Hello,
YOu can genric script like in this example and create different users with the same privs and grants. It will prompt you to enter username and tablespace name, you can also do same for the password
CREATE USER &username
IDENTIFIED BY "password"
DEFAULT TABLESPACE &tsname
TEMPORARY TABLESPACE TEMP
PROFILE DEFAULT
ACCOUNT UNLOCK;
GRANT IMP_FULL_DATABASE TO &username;
GRANT RESOURCE TO &username;
GRANT EXP_FULL_DATABASE TO &username;
GRANT CONNECT TO &username;
ALTER USER &username DEFAULT ROLE NONE;
GRANT CREATE SESSION TO &username;
GRANT ALTER SYSTEM TO &username;
BEGIN
Not sure that the script is going to work foolproof. For example, I don't think that there is a need to give explicit create session when already user is getting connect role in 10g . Also resource role comes with an unlimited tablespace priv , a big NO IMO to be given just to anyone. A much better option than this can be to make stand alone user-created roles for all the different types of users and grant them to the users when they are created. By this, all one would need to do is to issue a create user and couple of grant role commands and he is done.
Cheers
Aman.... -
Is there a way to create user logins or some other way to ...
Is there a way to create user logins or some other grouping for a set of applications to use (memory) resources optimally -- for example only mail and Safari and Word in one grouping and another for Safari and an audio recording application, etc.?
It is possible to use Parenal Controls to limit which applications can be used be a particular user account.
But it's not really necessary as far as managing memory.
Matt -
Is it possible to allow the user to revoke its own it resource?
Is it possible to allow the end-user to somehow revoke its own resource?
What would be the correct approach if he decides that he doesn't need access to a specific system and decides to terminate his account ?
Thanks for any insight.
Adriano.One way by creating dummy resource, he will raise a request but no approval will be triggered (if you want then you can modify).
In the provisioning workflow call the OIM APIs.
Second approach I have to look into it. -
OIM 11g error while creating users on screen
Hi All,
while creating the users in OIM on screen following error is thrown in the web console.
An error occurred while performing create user operation. An error occurred while executing the kernel event handler.
please find the OIM server logs below.
<Connection for pool "oimOperationsDB" closed.>
####<Sep 5, 2012 11:22:30 AM IST> <Info> <Health> <blr-idm-app01.wipro.com> <oim_server1> <weblogic.GCMonitor> <<anonymous>> <> <4c00c82b0a97856d:-1e040449:1399130671f:-8000-000000000000008f> <1346824350538> <BEA-310002> <16% of the total memory in the server is free>
<Connection for pool "mds-oim" closed.>
<Connection for pool "mds-owsm" closed.>
<Connection for pool "oimJMSStoreDS" closed.>
<Created "1" resources for pool "mds-owsm", out of which "1" are available and "0" are unavailable.>
<Created "1" resources for pool "mds-oim", out of which "1" are available and "0" are unavailable.>
Thanks,
Power.You can increase the connection pool size for data source "oimOperationsDB" through Web-logic Admin console.
See if you still get error then the issue is not with connection pool . -
Password Violation error while creating users from Admin interface
Guys,
The Sun Identity Manager system throws policy violation error while creating users from Sun Identity Manager Admin interface.
Current System:
1. I have configured TAM Pass-Thru authentication for End User Login Application.
2. I have an admin user 'testsjimadmin1' who has admin capabilities. testsjimadmin1 user has default SJIM password policy.
3. I have custom password policies configured for different orgainizatoions
Problem:
1. The Sun Identity Manager throws a password policy violation error when 'testsjimadmin1' tries to create an user with valid or invalid password from Sun Identity Manager Admin interface.
2. If TAM Pass-thru authentication is removed for 'End User Login Application' and Sun Identity Manager default authentication is configured for 'End User Login Application' then testsjimadmin1 was able to create user successfully without any errors.
Please let me know if any configurations are required to be made on Sun Identity Manager for TAM Pass-Thru authentication so that admin users can create users successfully from admin interface.
Appreciate your help!!!
Thanks
VijayGuys,
The Sun Identity Manager system throws policy violation error while creating users from Sun Identity Manager Admin interface.
Current System:
1. I have configured TAM Pass-Thru authentication for End User Login Application.
2. I have an admin user 'testsjimadmin1' who has admin capabilities. testsjimadmin1 user has default SJIM password policy.
3. I have custom password policies configured for different orgainizatoions
Problem:
1. The Sun Identity Manager throws a password policy violation error when 'testsjimadmin1' tries to create an user with valid or invalid password from Sun Identity Manager Admin interface.
2. If TAM Pass-thru authentication is removed for 'End User Login Application' and Sun Identity Manager default authentication is configured for 'End User Login Application' then testsjimadmin1 was able to create user successfully without any errors.
Please let me know if any configurations are required to be made on Sun Identity Manager for TAM Pass-Thru authentication so that admin users can create users successfully from admin interface.
Appreciate your help!!!
Thanks
Vijay -
How to create user in UME,
HI gurus,
In requeriment for project, the customer request is about a aplication to create user in the UME automaticall after fill a survey with questions of security, my questions are;
1. Exist a way for create users automatically ??, a RFC ? a Web Service ? or this step is strictly done for a human
(UME isn´t integrated with abap data source).
2. ¿ In KM exist a application that permit show a questionary, and questions and answers were filled from information hosted in tables z in R3 ?
THanks in advanceHi Pacheco Mauricio,
1. Exist a way for create users automatically ??, a RFC ? a Web Service ? or this step is strictly done for a human
(UME isn´t integrated with abap data source).
It is already answered by Erhan
1- There isnt a standart way to create user in portal. You can code a web service to create user using portal apis
using API's only you can create Application which help to create Users in Portal UME.
2. ¿ In KM exist a application that permit show a questionary, and questions and answers were filled from information hosted in tables z in R3 ?
2- And also there isnt a standart way to create a poll using ecc tables. But there is a way to create poll in portal.
SAP had provided a Poll Facility in Portal what Erhan suggested, but problem is you can at a time put only one question in a poll, but if you want some more functionality along with polls, you can go for Sweetlets which is third party tool.
But if you want to develop a Survey kind of application where you want different type of questions along with different answer options than you have to build application from scratch like how we develop Custom Web Dynpro Java Applications.
Regards,
Tushar Shinde. -
OIM 9.1.0.1 :- Create User Operation with Approval.
Guru/Experts,
I am currently using OIM 9.1.0.1 , and i want create user functionality to be work with approval. Whenvr a user Or xelsysadm tries to create user then its should ask for approve/Rejact then only it will create or reject the operation.
Thanks,
Hemant.user8995781,
Thanks for your reply , but i am not able to create a user. I am getting illegalArgumentException. My Approval process is triggering properly but i am not able to see provision process triggering properly.
Please find below log :-
13:24:07,457 INFO [PropertyMessageResources] Initializing, config='org.apache.struts.taglib.html.LocalStrings', returnNull=true
13:24:07,478 INFO [PropertyMessageResources] Initializing, config='org.apache.struts.taglib.html.LocalStrings', returnNull=true
13:24:07,481 INFO [PropertyMessageResources] Initializing, config='org.apache.struts.taglib.html.LocalStrings', returnNull=true
13:24:07,616 INFO [PropertyMessageResources] Initializing, config='org.apache.struts.taglib.html.LocalStrings', returnNull=true
13:24:09,285 INFO [PropertyMessageResources] Initializing, config='org.apache.struts.taglib.html.LocalStrings', returnNull=true
13:26:09,387 ERROR [REQUESTS] Class/Method: tcRequestOperationsBean/getRequestDetail encounter some problems: Error while executing query to get request information.
13:26:09,388 ERROR [REQUESTS] Class/Method: tcRequestOperationsBean/getRequestDetail encounter some problems: {1}
java.lang.IllegalArgumentException
at java.sql.Date.valueOf(Date.java:138)
at com.thortech.xl.ejb.beansimpl.tcRequestOperationsBean.getRequestDetail(Unknown Source)
at com.thortech.xl.ejb.beans.tcRequestOperationsSession.getRequestDetail(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.invocation.Invocation.performCall(Invocation.java:359)
at org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionContainer.java:237)
at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:158)
at org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstanceInterceptor.java:169)
at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:63)
at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:121)
at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:350)
at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:181)
at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:168)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor.java:138)
at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:648)
at org.jboss.ejb.Container.invoke(Container.java:960)
at sun.reflect.GeneratedMethodAccessor134.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
at org.jboss.invocation.local.LocalInvoker$MBeanServerAction.invoke(LocalInvoker.java:169)
at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:118)
at org.jboss.invocation.InvokerInterceptor.invokeLocal(InvokerInterceptor.java:209)
at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:195)
at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:61)
at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:70)
at org.jboss.proxy.ejb.StatelessSessionInterceptor.invoke(StatelessSessionInterceptor.java:112)
at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:100)
at $Proxy767.getRequestDetail(Unknown Source)
at Thor.API.Operations.tcRequestOperationsClient.getRequestDetail(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at Thor.API.Base.SecurityInvocationHandler$1.run(Unknown Source)
at Thor.API.Security.LoginHandler.jbossLoginSession.runAs(Unknown Source)
at Thor.API.Base.SecurityInvocationHandler.invoke(Unknown Source)
at $Proxy786.getRequestDetail(Unknown Source)
at com.thortech.xl.webclient.actions.RequestAction.setPendingTask(Unknown Source)
at com.thortech.xl.webclient.actions.RequestAction.requestDetail(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:280)
at com.thortech.xl.webclient.actions.tcLookupDispatchAction.execute(Unknown Source)
at com.thortech.xl.webclient.actions.tcActionBase.execute(Unknown Source)
at com.thortech.xl.webclient.actions.tcAction.execute(Unknown Source)
at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at com.thortech.xl.webclient.security.SecurityFilter.doFilter(Unknown Source)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:182)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
at java.lang.Thread.run(Thread.java:662)
Thanks,
Hemant.
Maybe you are looking for
-
Opening PDFs in a certain folder with Adobe and all others with Preview
I know how to right click and use "open with" and how to set the default application under Info. What I want to do is set all PDF files in a certain folder to open with Adobe's Reader when I open the file. However, I'd prefer using Preview for the ot
-
How Can I define itab for VBFA in SD_SALES_DOCUMENT_PREFETCH??
Hi Experts, Am using FM of SD_SALES_DOCUMENT_PREFETCH to pull the data, like, CALL FUNCTION 'SD_SALES_DOCUMENT_PREFETCH' EXPORTING i_sales_view = wa_view i_memory_read = 'A' TABLES i_vbak_keytab = t_vbeln fxvbak
-
How to encrypt password in serverstopper class??
Hi, I have configured the weblogic server as windows service and currently using boot identity file for username/pw to startup. To enable graceful shutdown of the server, i am using serverstopper class. But to facilitate changing of pw, i am reading
-
Viewing check number in payment document.
Hi, I have made an outgoing payments through F-53. Two document numbers: 1800000012 & 1800000013 were generated Then i issued a check through FBZ5 & FCH5 respectively. Now i went into FB03 & displayed both above mentioned document numbers. But i am u
-
ID CS3 - problem entering values in fields
Trying to type values in fields, i.e. point size, leading, indents, space before or after, and the program doesn't accept the numbers. It deletes my highlight text and inserts the value I'm trying to enter. Tried trashing preferences and it worked fo