Creation of users in OIM from OID, where OID is target resource

Hi,
I am new to OIM. We have a scenario where we have OIM and OID. The users are being created in OID. Now we need to get these users to the OIM system to use the Change Password, Forgot Password functionalities of OIM. Can we have OID as the target resource for OIM and have a reconciliation done to get all the users from OID and have them created in OIM.
Or this possible only when OID is the Trusted Source?
Thanks in advance,

Re: OIM's Trusted Source

Similar Messages

  • Invalid Naming Error while creating user in OIM and provisioning to OID

    Hi,
    I am trying to create users in OIM. As per the access policy, the users will directly provisioned to OID. When I am creating users in OIM, its showing provisioning for OID user resource. The create user task is rejected with error as
    "Response: Invalid Naming Error
    Response Description: Naming exception encountered"
    If anybody is getting these error, then please suggest a solution.
    Thanks.

    logs ???
    Are you provisioning any custom attributes of different object classes . Make sure you include those object classes as well , go to connector documentation for adding the object classes .., may be some configuration look up ....i guess
    Thanks
    Suren
    Edited by: Suren on Jul 6, 2010 7:41 PM

  • Search users in OIM from Admin Console

    Hi,
    I am trying to search for users logging into admin console as a end user. But my search didnot result any users though there are many users in OIM. I have given all the permissions available to the group in which this user is present and Manage User menu item to that group.
    Can anyone one please let me know, if the end-user will ever be able to search for other users in OIM ?
    PS: If I add the end user group as sub-group to sysadm group, then everythin works fine, But this is not the solution for me!!
    Thanks in Advance

    Permissions to view users are done at the organization level. If you want a specific group of users to be able to search for other users, create a group. then go to manage organizations and select administrative groups from the drop down. Add that group with at least read permissions. Usually if i know requests and such will need to be submitted for other users, i give all users read access to the main organization.
    -Kevin

  • Disable OIM users AND ENABLE THEM MANUALLY IN OID.......

    Hi,
    I've OIM connected to OID.
    When i disable a user in OIM, the orclisenabled attribute for that user is set to DISABLED
    Now when i manually change DISABLED to ENABLED in OID, and run the target recon task, the user in OIM remains disabled and when i check resource profile, the OID user resource is ENABLED.
    This should not happen. I want the case, when I manually ENABLE the disabled user in OID,and run recon task, the user should again get disabled in OID
    Is it possible to realise this condition?

    i have pasted the code above in notepad and saved it with extnsion .jar and copied it to the location oim/xellerate/javatasks/
    when i add task to the adapter and select the jar file it as API source, it gives and error:
    09:26:18,244 ERROR [ADAPTERS] Class/Method: tcRemoteFileDiscovery/getClasses enc
    ounter some problems: error in opening zip file
    java.util.zip.ZipException: error in opening zip file
    at java.util.zip.ZipFile.open(Native Method)
    at java.util.zip.ZipFile.<init>(ZipFile.java:114)
    at java.util.jar.JarFile.<init>(JarFile.java:133)
    at java.util.jar.JarFile.<init>(JarFile.java:70)
    at com.thortech.xl.dataobj.util.tcRemoteFileDiscovery.getClasses(Unknown
    Source)
    at com.thortech.xl.dataobj.tcADP.getClasses(Unknown Source)
    at com.thortech.xl.ejb.databeansimpl.tcADPBean.getClasses(Unknown Source
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
    java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
    sorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.jboss.invocation.Invocation.performCall(Invocation.java:359)
    at org.jboss.ejb.StatefulSessionContainer$ContainerInterceptor.invoke(St
    atefulSessionContainer.java:598)
    at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.
    java:168)
    at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invo
    ke(CachedConnectionInterceptor.java:158)
    at org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invoke(State
    fulSessionInstanceInterceptor.java:333)
    at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidation
    Interceptor.java:63)
    at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInte
    rceptor.java:121)
    at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxIntercep
    torCMT.java:350)
    at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:1
    81)
    at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
    at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFacto
    ryFinderInterceptor.java:138)
    at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:6
    48)
    at org.jboss.ejb.Container.invoke(Container.java:960)
    at sun.reflect.GeneratedMethodAccessor128.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
    sorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatch
    er.java:155)
    at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
    at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
    at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.
    java:264)
    at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
    at org.jboss.invocation.unified.server.UnifiedInvoker.invoke(UnifiedInvo
    ker.java:231)
    at sun.reflect.GeneratedMethodAccessor137.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
    sorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatch
    er.java:155)
    at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
    at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
    at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.
    java:264)
    at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
    at javax.management.MBeanServerInvocationHandler.invoke(MBeanServerInvoc
    ationHandler.java:288)
    at $Proxy14.invoke(Unknown Source)
    at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:809)
    at org.jboss.remoting.transport.socket.ServerThread.processInvocation(Se
    rverThread.java:608)
    at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.j
    ava:420)
    at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.jav
    a:173)
    09:26:18,260 ERROR [ADAPTERS] Class/Method: tcADP/getClasses encounter some prob
    lems: {1}
    java.lang.NullPointerException
    at com.thortech.xl.dataobj.util.tcSortUtil.sortAscending(Unknown Source)
    at com.thortech.xl.dataobj.util.tcRemoteFileDiscovery.getClasses(Unknown
    Source)
    at com.thortech.xl.dataobj.tcADP.getClasses(Unknown Source)
    at com.thortech.xl.ejb.databeansimpl.tcADPBean.getClasses(Unknown Source
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
    java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
    sorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.jboss.invocation.Invocation.performCall(Invocation.java:359)
    at org.jboss.ejb.StatefulSessionContainer$ContainerInterceptor.invoke(St
    atefulSessionContainer.java:598)
    at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.
    java:168)
    at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invo
    ke(CachedConnectionInterceptor.java:158)
    at org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invoke(State
    fulSessionInstanceInterceptor.java:333)
    at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidation
    Interceptor.java:63)
    at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInte
    rceptor.java:121)
    at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxIntercep
    torCMT.java:350)
    at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:1
    81)
    at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
    at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFacto
    ryFinderInterceptor.java:138)
    at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:6
    48)
    at org.jboss.ejb.Container.invoke(Container.java:960)
    at sun.reflect.GeneratedMethodAccessor128.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
    sorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatch
    er.java:155)
    at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
    at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
    at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.
    java:264)
    at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
    at org.jboss.invocation.unified.server.UnifiedInvoker.invoke(UnifiedInvo
    ker.java:231)
    at sun.reflect.GeneratedMethodAccessor137.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
    sorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatch
    er.java:155)
    at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
    at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
    at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.
    java:264)
    at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
    at javax.management.MBeanServerInvocationHandler.invoke(MBeanServerInvoc
    ationHandler.java:288)
    at $Proxy14.invoke(Unknown Source)
    at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:809)
    at org.jboss.remoting.transport.socket.ServerThread.processInvocation(Se
    rverThread.java:608)
    at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.j
    ava:420)
    at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.jav
    a:173)
    what could be the reason. do i need to make some adjustments in package or class name or it could be anything. i did as exactly above.

  • Delete user's groups from OID

    Hello,
    I did have a problem when I did delete user from OIM, this user didn't get deleted from OID. I solved this by adding this to the undo task for Create User in OID User PD. However, one additional problem remains - users group memberships doesn't get removed when user is deleted from OIM. From the log file I can see:
    DEBUG,19 Jun 2009 13:10:01,405,[XL_INTG.OID],OID:tcUtilLDAPOperations -> Parameter Variables passed are: pSearchBase = [cn=external,cn=users,dc=def,dc=star,dc=co,dc=us], pFilterExpression = [cn=cn=GROUPNAME,cn=XX,cn=Groups], pIsRelative = [false], pAttrNames = [null]
    DEBUG,19 Jun 2009 13:10:01,408,[XL_INTG.OID],tcUtilOIDUserOperations -> Returning with code:USER_DOESNOT_EXIST
    I think the problem is with pSearchBase -field values. Groups are not located in that LDAP-path and that's why it's returning USER_DOESNOT_EXIST. How I can tell to OIM where to look?
    Thanks!
    Or, maybe the problem is with "cn=cn=GROUPNAME". If so, where that extra "cn=" is coming from...?
    Edited by: Jakru on Jun 19, 2009 1:52 PM

    EDIT: didn't realize this was for CR.. my post was for boe.
    Hey Bernard,
    Here's what I do:
    select SI_NAME, SI_USERGROUPS from CI_SYSTEMOBJECTS where SI_NAME = 'xyz' and SI_PROGID = 'CrystalEnterprise.User'
    This will bring back the group ID's that user xyz is a member of.  The groups are in a nested property of SI_USERGROUPS, which I don't think you can query directly.  Once you have the ID's, however,  you can run another query to find out what the group names are.  Say the first query brought back three results, 123, 456 and 789.  Then you'd run:
    select SI_NAME from CI_SYSTEMOBJECTS where SI_ID = '123' or SI_ID = '456' or SI_ID = '789'
    Perhaps you could write some logic to parse the group ID's out of the first query and put them into the second query's where clause.
    HTH,
    Murray
    Edited by: Murray Hachey on Jul 18, 2008 3:17 PM

  • User provisioning problem from OIM 10g to Siebel CRM

    Hi Team,
    I am facing User provisioning problem from OIM 10g to Siebel CRM.Please find the log details.
    Running Get Attribute Mapping
    Running Siebel Create User
    <com.siebel.common.common.CSSException>
    <Error><ErrorCode>8716601</ErrorCode> <ErrMsg>Socket had incorrect word size: 0.(SBL-JCA-00313)</ErrMsg></Error>
    </com.siebel.common.common.CSSException>
            at com.siebel.om.conmgr.Connection.readPacket(Connection.java:550)
            at com.siebel.om.conmgr.Connection.run(Connection.java:286)
            at java.lang.Thread.run(Thread.java:619)
    [CMGR FATAL] Error: <com.siebel.common.common.CSSException>
    <Error><ErrorCode>8716601</ErrorCode> <ErrMsg>Socket had incorrect word size: 0.(SBL-JCA-00313)</ErrMsg></Error>
    </com.siebel.common.common.CSSException> connection:1
    <com.siebel.common.common.CSSException>
    <Error><ErrorCode>8716601</ErrorCode> <ErrMsg>Socket had incorrect word size: 0.(SBL-JCA-00313)</ErrMsg></Error>
    </com.siebel.common.common.CSSException>
            at com.siebel.om.conmgr.Connection.readPacket(Connection.java:550)
            at com.siebel.om.conmgr.Connection.run(Connection.java:286)
            at java.lang.Thread.run(Thread.java:619)
    [CMGR FATAL] Error: <com.siebel.common.common.CSSException>
    <Error><ErrorCode>8716601</ErrorCode> <ErrMsg>Socket had incorrect word size: 0.(SBL-JCA-00313)</ErrMsg></Error>
    </com.siebel.common.common.CSSException> connection:1ERROR,22 Aug 2013 12:58:27,689,[XL_INTG.SIEBEL],====================================================
    ERROR,22 Aug 2013 12:58:27,689,[XL_INTG.SIEBEL],com.thortech.xl.integration.siebel.utils.SiebelConnection : createSiebelConnection() :  Siebel Connection Exception:Could not open a session in 4 attempts. {1}(SBL-JCA-00200)
    ERROR,22 Aug 2013 12:58:27,689,[XL_INTG.SIEBEL],====================================================
    ERROR,22 Aug 2013 12:58:27,689,[XL_INTG.SIEBEL],====================================================
    ERROR,22 Aug 2013 12:58:27,689,[XL_INTG.SIEBEL],com.thortech.xl.integration.siebel.proxy.SiebelProxyEmployeeProvisionManager : createSiebelConnection() : BaseException: Siebel Connection JDB Exception: Could not open a session in 4 attempts. {1}(SBL-JCA-00200)
    ERROR,22 Aug 2013 12:58:27,689,[XL_INTG.SIEBEL],====================================================
    ERROR,22 Aug 2013 12:58:27,689,[XL_INTG.SIEBEL],====================================================
    ERROR,22 Aug 2013 12:58:27,689,[XL_INTG.SIEBEL],com.thortech.xl.integration.siebel.provision.SiebelUtilEmployeeProvisionManager : createEmployee() : BaseException: Siebel Connection JDB Exception: Could not open a session in 4 attempts. {1}(SBL-JCA-00200)
    ERROR,22 Aug 2013 12:58:27,689,[XL_INTG.SIEBEL],====================================================
    Regards,
    Ravi.

    Hi
    I facing the same error message as yours, using OIM 11g R2
    Are you able solve it ?
    Please share
    Many Thanks !!!

  • Problem in setting user end date from oim to account expiry date in AD process form

    Hi all,
    i am updating the user end date from oim to user account expiry date in ad process form using oim api.
    i am able to get the end date value from oim but when i am setting it using api it through exception but all other attribute i am able to update in process form.
    i am facing the problem only with end date field because of different date format in OIM and  AD .
    so please suggest me what are date format in Active Directory and how can i change the oim date format to Active directory time format in in my java code.

    Thanks for the reply.
    But all iplanet users need not contain end date attribute, and its an update on existing user.
    Can you please ellaborate more on Transformation class..?? example should be helpful.

  • Migrate users from FND_USER to OID

    We are planning to authenticate Oracle apps users against OID and have installed a 9iAS Portal 1.0.2.2.2 environment with 11.5.7 and OID for this purpose.
    We need to migrate user information (username and password as a minimum) from FND_USER to OID. Is there a recommended way of doing this? Can the encrypted password in FND_USER be moved directly across to OID?
    Any help much appreciated.

    If your source and target servers can have access to each other use dipassistant utility to migrate all users with passwords to new server.
    Use this article for details.
    http://www.oracle.com/technology/obe/obe_as_10g/im/ads_import/import.htm

  • How to hide users' (and roles and organization) list from a user in OIM

    Hi,
    Admin (xelsysadm) has created a user in OIM. Now if that user is logged in to OIM Self Service (http://<url>/identity), he can see other user in his organization, along with list of roles, role categories, organizations etc. I have requirement to hide all the administration links from end user. Right now, he only has "All Users" role, and doesn't have any admin role, but can see all these administration links. What do I need to do to hide these links from end user? Do need to remove "All Users" role, or assign any other role, or do something in entitlement or in access policy ??
    Thanks.

    Thanks Karthik for you reply. It helped a lot.
    Steps, just for reference...
    1). Create SandBox
    2). Activate
    3). Customze and view by source
    4). Select your link which you want to hide
    5). Edit Visible properties and use #{oimcontext.currentUser.roles['SYSTEM ADMINISTRATORS'] != null}
    6). Save
    7). Publish
    8). Test
    Edited by: 966405 on Feb 20, 2013 3:50 PM

  • How to call OID delete user process task from AD process definition

    Hi All,
    I wanted to call OID delete user process task from AD process def. I have created a process task in AD Process def which will be integrated with OID Delete User adapter. How can i map OID related attributes to the adapter api?
    Expected inputs for OID delete api :
    root DN
    orgDN
    admin pwd
    server
    attr lookupcode
    XLOrgFlag
    sProcessInsKey
    UserID
    PDataOrg
    port
    AdminID
    SSLFlag
    here i cannot map some like : sProcessInsKey
    any pointers would be appreciated.
    Regards,
    Ashok

    OID delete user process task from AD process defWhy don't use call Revoke Resource API ?
    http://otndnld.oracle.co.jp/document/products/id_mgmt/idm_904/doc_cd/javadocs/operations/Thor/API/Operations/tcUserOperationsIntf.html#revokeObject%28long,%20long%29
    Use getObject API
    Iterate through resultset.
    If RONAME == OID User then call revokeObject

  • Unlocking OID User Through OIM

    Hi all,
    I am testing an OID User Process task in OIM which can be run on a user's OIM account and unlock a locked user in OID
    However, I am getting the following error after executing the task:
    ERROR 11:54:51,375, RMICallHandler-113 XL_INTG.OID - ====================================================
    ERROR 11:54:51,376, RMICallHandler-113 XL_INTG.OID - ERROR in OID:com.thortech.xl.integration.OID.util.tcUtilLDAPOperations:modifyAttributesReplace(S,A) NamingExceptionUnable to add attributes of the object
    ERROR 11:54:51,376, RMICallHandler-113 XL_INTG.OID - ====================================================
    ERROR 11:54:51,376, RMICallHandler-113 XL_INTG.OID - ====================================================
    ERROR 11:54:51,376, RMICallHandler-113 XL_INTG.OID - [LDAP: error code 53 - Account Policy Error :9051: GSL_ACCOUNTUNLOCK_EXCP : Only Modify-add allowed on orclpwdaccountunlock attribute. Modify-delete and Modify-replace are not allowed.
    ERROR 11:54:51,376, RMICallHandler-113 XL_INTG.OID - ====================================================
    ERROR 11:54:51,377, RMICallHandler-113 XL_INTG.OID - ====================================================
    ERROR 11:54:51,377, RMICallHandler-113 XL_INTG.OID - ERROR in com.thortech.xl.integration.OID.tcUtilOIDUserOperations:modifyUser(S,S,S,S) NamingExceptionError while connecting to target
    ERROR 11:54:51,377, RMICallHandler-113 XL_INTG.OID - ====================================================
    ERROR 11:54:51,377, RMICallHandler-113 XL_INTG.OID - ====================================================
    ERROR 11:54:51,377, RMICallHandler-113 XL_INTG.OID - com.thortech.xl.integration.OID.util.tcUtilLDAPOperationsNamingException[LDAP: error code 53 - Account Policy Error :9051: GSL_ACCOUNTUNLOCK_EXCP : Only Modify-add allowed on orclpwdaccountunlock attribute. Modify-delete and Modify-replace are not allowed.
    ERROR 11:54:51,378, RMICallHandler-113 XL_INTG.OID - ====================================================
    ERROR 11:54:51,378, RMICallHandler-113 XL_INTG.OID - ====================================================
    ERROR 11:54:51,378, RMICallHandler-113 XL_INTG.OID - com.thortech.xl.integration.OID.util.tcUtilLDAPOperationsNamingException[LDAP: error code 53 - Account Policy Error :9051: GSL_ACCOUNTUNLOCK_EXCP : Only Modify-add allowed on orclpwdaccountunlock attribute. Modify-delete and Modify-replace are not allowed.
    ERROR 11:54:51,378, RMICallHandler-113 XL_INTG.OID - ====================================================
    DEBUG 11:54:51,378, RMICallHandler-113 XL_INTG.OID - com.thortech.xl.integration.OID.tcUtilOIDUserOperations:modifyUser(S,S,S,S) Returning with code: INVALID_NAMING_ERROR
    I am using the adapter adpOIDMODIFYUSER to update the orclpwdaccountunlock attribute to 1.
    Not sure if this is a correct method. Any ideas would be appreciated :)

    Bbagaria: OIDDAS is not enabled in our environment. However, I can unlock the user in OID using ldapmodify
    ldapmodify -p 636 -h **** -D "cn=orcladmin" -w *** -v -f /home/oracle/unlock.ldif
    dn: cn=JENZO,ou=***,dc=***,dc=***,dc=***
    changetype: modify
    add: orclpwdaccountunlock
    orclpwdaccountunlock: 1
    Rajiv: I did try that. Same results unfortunately.

  • Select user from dual with oid + oss ?

    Implementing a solution for global user administration, authentication and application schema mapping, will it break the simple but efficient possibility to do a 'select user from dual' ?
    If it is possible which value will we get, a global user identifier from the directory or something else ?
    Thanks in advance for your help

    Actually we authenticate user using internal database users. Each user depending on his enterprise role will have a set of synonyms deployed to map the application schema. It is complex to handle a large set of users schema. With OSS it seem to be possible to authenticate user using an external LDAP directory (OID) and to map this user to an application schema switch user's enterprise role.
    But I want to evaluate the impact of deployeing such solution, because our application use some 'select user from dual' single query to track user activity in some manner (this can be done using triggers or pl/sql api that do this job). If it is possible to have an unique user identifier in the database session context, even using external authentication and schema mapping of OSS we'll have less impact on the application. Else we'll have to change some API signatures to handle this user identifier.
    Context is :
    - use LDAP external functionalities provided with OSS to increase user management at an enterprise level ... single sign-on is our goal ,-)
    - use schema mapping to reduce our complexity of schema management. One schema foreach role rather than one schema per user.
    So, will we be able to individually know which user have the session in the database, rather than the shared schema name. If it is possible, the impact on our application will be really minor ...
    Thanks in advance for your help. If someone who read this lines have such system deployed and can try the 'select user from dual', I'll be glad on the answer that the database will give ,-)

  • Determining where a user is coming from

    I was wondering if there is anyway (through a RequestContext maybe?)
    that I can determine where a user is coming from in terms of the
    JSP/ViewBean he/she was at.
    So for example, if I'm on the Login page of my app and there's an
    associated LoginViewBean, when the user clicks 'login', he will go to
    the application's homepage (as long as he's a valid user). What I need
    to do is determine from my homepage ViewBean, where the user just
    came from. In this case I would like to obtain an object representing
    the LoginViewBean. Is there a hook into the S1AF to get this kind of
    information?
    Thanks

    Throwable t = new Throwable()
    t.fillInStackTrace();
    StackTraceElement[]      st = t.getStackTrace();
    System.out.println( st[st.length-1].getMethodName() );??

  • How can I set OIM password policy for OID Users.

    Hi,
    For me the target resourec is OID. When I create users in OIM, they get provisioned to OID. Their password also gets stored in OID.
    Now, I have a password policy in OIM. In that policy, the password exipration day is set to 28 days. After 28 days, the user's password will expire in OIM. Is there any way that password will also expire in OID too, so that user will not be able to login in OID?
    Thanks in advance.

    You need to do the following.
    1. Find the attribute in OID that determines the disable date.
    2. Add a field to your provisioning process definition form.
    3. Using a pre-populate adapter, use an input of your oim user account expiration date, and convert that to the format OID uses.
    4. Update your lookup for provisioning attributes to include this new field to map the field name to the OID attribute.
    5. Create an "Updated" task for this field so that when it gets changed, the new value is pushed to OID.
    6. Create a user form trigger value for the field that maps to the oim user account expiration field. For this trigger, add a task to your oid provisioning process that does the same tasks as your pre-populate adapter to determine the new date value and pass it to the field on the process form.
    Now when the OIM expiration date changes, this value will be passed to OID, and also when the account is first created.
    Does this work for you?
    -Kevin

  • Can I get signature for my creation as harmless flash from any where?

    I have created some flash buttons for my page. That buttons
    linked to some java script like
    “javascript:myfunction(‘xxx’);” This link
    is working only on IE6. But on browser (Firefox) it show a message
    like
    “Abode Flash Player has stopped a potentially unsafe
    operation
    The following local application on your computer or network:
    D:\myFlash.swf
    Is trying to communicate with this Internet-enabled location:
    D:\myFile.htm”
    How can I create flash button that can run
    On any PC with out this interruption on any browser?
    I know it is a security problem. But can I get signature for
    my creation as harmless flash from any where?

    no sorry

Maybe you are looking for

  • My iPod Is disable and it's said connect to iTunes but it won't let me connect . It keep saying pass code error.

    My iPod saids disable please connect to iTunes . When I plug it in it said pass code error and it won't let me go in iTunes ! Help please .

  • Is there a dvorak keyboard option rather than just a QWERTY keyboard?

    So I've been recently trying out the dvorak keyboard settings since i've heard that its faster and easier to type. I wanted to see if the itouch has it but was disappointed to see that it does not. I've also got the 3.0 software and it doesn't have i

  • Need help about portal server

    hi, i'm new to java. and i installed java enterprise server on windows xp. the installation was successful ..but i can't login to portal server using the admin console username/password ? ....how do i set the password for the portal server ? ....and

  • Stereo graphics

    I have a situation where I need to swap the right/left eyes due to the Focus stereo projector buffering during AD conversion. On the PC this is straight forward by clicking a box in the graphics driver, not sure what can be done on the Mac. Is there

  • Graph de surface 3D

    Bonjour, j'ai un tableau 2D que j'aimerais afficher : 1. sous forme de graph d'intensité : fait, facile (juste à rentrer le tableau 2D dans le VI) 2. sous forme de graph de surface 3D (et là j'ai besoin de vecteur X, vecteur Y, et matrice Z de mon ta