Deprovisioning RACF through OIM

We need to deprovision the user automatically from OIM to RACF. We have RACF connector installed and configured, however where do we provide the 'master RACF account' to disable the user during reconcilation process.
Thanks,

Disable user during RECONCILIATION ?

Similar Messages

  • Connecting RACF through OIM

    I tried connecting RACF through the IT Resource PArameters and used the below code to connect
    IdfLdapOperations racfLdapOps;
    racfLdapOps =new IdfLdapOperations (idfServerHost, idfServerPort, idfRootContext, idfPrincipalDn, idfPrincipalPassword)
    racfLdapOps.setLdapConnection()
    While connecting , I am getting the below error
    com.identityforge.util.IdfInvalidConnectionException: IdfLdapOperations -> Null Arguments passed for connection variables
    at com.identityforge.util.IdfLdapOperations.setLdapConnection(IdfLdapOperations.java:298)
    Does it need idfContainerContext to be passed in ?
    If so, How do I get the idfContainerContext in order to connect
    Please advice ASAP

    All IT Resource Parameters are printing. The problem is with setLdapConnection() method.
    [COM.IDENTITYFORGE.UTIL.IDFLDAPOPERATIONS] IdfLdapOperations -> ~~~~~~~~~~Entering setLdapConnection(s)~~~~~~~~~~
    [COM.IDENTITYFORGE.UTIL.IDFLDAPOPERATIONS] IdfLdapOperations -> Parameter Variables passed are: pContainerContext = []
    COM.IDENTITYFORGE.UTIL.IDFLDAPOPERATIONS] IdfLdapOperations -> Null Arguments passed for connection variables
    It is expecting idfContainerContext to be passed as argument
    I dont know how to get that idfContainerContext parameter
    Please help

  • UNIX script invocation by passing parameters through  OIM

    According to our requirement, we need to pass parameters (say userid) through OIM 11g R2 to a script and then execute the script for user deprovisioning/deletion in a target m/c
    Please let us know how much feasible is it to use UNIX OOTB connectors to pass parameters and execute the scripts ?
    Any idea is appreciated.
    Thanks

    Yes, you put a line in the script that looks like this:java classname parameter1 parameter2 parameter3 ...Then the JVM will call the static main(String[] args) method of "classname" and put those parameters into the "args" array.
    If you are asking how to generate such a script, or how to call it from your COBOL program, sorry, I don't know how to do that.

  • Enabling a User through OIM API

    Hi I am trying to enable a user through OIM API, However the end date is already passed for that user, I am setting up a new end date through the Program (showm below). However the update user is not working (i am not sure).
    Map usermap = new HashMap();
    usermap.put("Users.User ID", User_id );
    Map grpmap = new HashMap();
    grpmap.put("Groups.Group Name", Group_Name);
    tcResultSet ts = userClient.findUsers(usermap); //find all users
    String existing_end_date = ts.getStringValue("Users.End Date");
    tcResultSet tg = groupClient.findGroups(grpmap); //find requireq group
    long ukey = ts.getLongValue("Users.Key");
    long gkey = tg.getLongValue("Groups.Key"); //find group key
    // ENABLE THE USER
    java.util.Date new_end_date = new java.util.Date(111,1,1);
    Calendar cal = Calendar.getInstance();
    cal.setTime(new_end_date);
    DateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd hh:mm:ss");
    String Str1 = dateFormat.format(cal.getTime());
    String Str2 = existing_end_date + " 12:00:00";
    System.out.println(User_id+" OLD End Date:" + Str2 + " New End Date: " + Str1);
    Map usermap2 = new HashMap();
    usermap2.put("Users.User ID", User_id );
    usermap2.put("Users.End Date", Str1);
    userClient.updateUser(ts,usermap2);
    userClient.enableUser(ukey);
    I am getting the following error:
    U0000018 OLD End Date:2009-09-30 12:00:00 New End Date: 2011-02-01 12:00:00
    2/12/2010 15:02:53 oracle.j2ee.rmi.RMIMessages EXCEPTION_ORIGINATES_FROM_THE_REMOTE_SERVER
    WARNING: Exception returned by remote server: {0}
    Thor.API.Exceptions.tcAPIException: The user cannot be enabled because the end date is passed.
    Not sure why it is happening. It looks like the Updateuser is not working, or something else?
    Please advise. Thanks in advance.

    Hi Suren,
    thanks for the note.
    I found that as soon as I enable the user, I am getting the followimg messages in the opmn logs:
    INFO,06 Dec 2010 10:55:41,841,[XELLERATE.JAVACLIENT],System Event Handler: Validating Organization for an User.
    INFO,06 Dec 2010 10:55:41,944,[XELLERATE.JAVACLIENT],System Event Handler: Triggering Processes related to User.
    INFO,06 Dec 2010 10:55:42,402,[XELLERATE.JAVACLIENT],System Event Handler: Enabling the User
    INFO,06 Dec 2010 10:55:42,421,[XELLERATE.JAVACLIENT],System Event Handler: Validating Organization for an User.
    INFO,06 Dec 2010 10:55:42,427,[XELLERATE.JAVACLIENT],System Event Handler: Triggering Processes related to User.
    INFO,06 Dec 2010 10:55:42,439,[XELLERATE.JAVACLIENT],System Event Handler: Changing application data based on Organization change.
    INFO,06 Dec 2010 10:55:42,442,[XELLERATE.JAVACLIENT],System Event Handler: Auto-Group Membership Event.
    INFO,06 Dec 2010 10:55:43,715,[XELLERATE.JAVACLIENT],System Event Handler: Evaluating User Policies
    So, the access policies are getting evaluated, triggering provisioning processes.
    What I am planning to do is, to disable the access policies and try to run the Program.
    Because of this issue, my Program is throwing an error (until I looked into the opmn logs, it doesn't make sense).
    6/12/2010 10:55:50 oracle.j2ee.rmi.RMIMessages EXCEPTION_ORIGINATES_FROM_THE_REMOTE_SERVER
    WARNING: Exception returned by remote server: {0}
    Thor.API.Exceptions.tcAPIException: Error occurred enabling Xellerate User instance.
    Regards
    Vijay Chinnasamy

  • How to lock the AD Account through OIM

    Hi.
    I am provisioning AD through OIM 11g using the AD Connector. I have done the create user, modified user provisioning through OIM in AD successfully without any issue.
    I would like to lock the OIM account and also lock the respective target accounts when OIM account is locked.
    I have done the following task to lock the account in OIM and also in AD through OIM. They are
    Process Definition Task
    I have created the Change Account Status task in process definition.
    This task will populate the OIM Account lock status value to the AD Account is Locked out field in the ADUSER form using the OIM API. The same API is working for all First Name, Last Name etc modification without any issue.
    Lookup Definition
    I have added the following entry in the Lookup.USR_PROCESS_TRIGGERS Lookup Definition
    Code Key : USR_LOCKED and Decode : Change Account Status
    OIM Admin Console
    I have logged into the OIM admin Console as a Administrator and I have search the user and click the Lock Account button. The OIM Account is locked , but target resource account was not locked and also Change Account Status task was not triggered by OIM.
    Do i need to do any special configuration for account lock for the target resource.
    Help is greatly appreciated.

    In your System Configuration variables, find the value for "XLUserResource.ProvisionMode". Make sure this is set to Java and not DB.
    >
    This property determines whether provisioning of the Xellerate User resource to the user's organization occurs in the database layer through stored procedure, or in the Java layer via Event Handlers.
    Note: See Oracle Fusion Middleware Developer's Guide for Oracle Identity Manager for information about Event Handlers.
    This property has the following allowed values:
    DB: Provisioning of the Xellerate User resource to the user's organization occurs in the database layer through stored procedure. This in turn does not trigger any further process. Therefore, custom tasks associated with the Xellerate User provisioning process that is associated with the Xellerate User resource does take place.
    Java: Provisioning of the Xellerate User resource to the user's organization occurs in the database layer via Event Handlers. Custom tasks associated with the Xellerate User provisioning process that is associated with the Xellerate User resource takes place. This is applicable to the upgrade scenario, where you have your own tasks associated with provisioning processes in earlier releases of Oracle Identity Manager, and you want them to run even after 11g upgrade. In such scenario, set the value of this property value to JAVA.
    >
    -Kevin

  • Not able to create Organizations & Groups through OIM in OID.

    Hi,
    I am trying to create organizations and groups in OID through OIM. The steps are:
    1. Organizations-->create-->name=test, parentorg=null,type=company-->create organization.
    2. Drop down-->resource profile-->provision new resource-->OID organisation unit-->continue-->IT Serve=OID IT Resource-->continue
    3. The create ou task is getting rejected with error as "Response: Invalid Naming Error
    Response Description: Naming exception encountered "
    Please help.

    See the process form what it displayed. I think values are not getting populated properly in process form.

  • Managing 100s UNIX servers through OIM using LDAP,

    Hi Experts,
    I have requirement where as 100s UNIX servers need to manage through OIM using LDAP,
    Pls guide me how to implementing this through LDAP is best solution,
    Thanks.

    Take a look at:
    http://www.oracle.com/technology/products/oid/oracleauthenticationservices.html
    Oracle Authentication Services for Operating Systems

  • Ldap Sync: User is not able to create in Active Directory through OIM

    Hi ,
    I have enabled the ldap sync between OIM and Active Directory.
    Option 1: with password
    While creating the new user in OIM , I am getting the below error .
    80eeb34d89d5ed80:18bc05bb:1403be9d7e6:-8000-000000000008f710,0] [APP: oim#11.1.2.0.0] Could not modify entry.[[
    javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A120C, problem 5003 (WILL_NOT_PERFORM), data 0
    remaining name 'cn=ADTESTLDAp10F ADTESTLDAp10LL,cn=Users,dc=cgtest,dc=adtest,dc=com'
      at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3140)
      at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013)
      at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820)
      at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1458)
      at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:255)
      at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:172)
      at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:153)
      at oracle.ods.virtualization.engine.backend.jndi.ConnectionHandle.modify(ConnectionHandle.java:301)
      at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.modify(BackendJNDI.java:781)
    [2013-08-04T17:06:58.840-07:00] [oim_server1] [ERROR] [OVD-60600] [oracle.ods.virtualization.engine.util.ADUtilities] [tid: [ACTIVE].ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 80eeb34d89d5ed80:18bc05bb:1403be9d7e6:-8000-000000000008f710,0] [APP: oim#11.1.2.0.0] Cannot set password : LDAP Error 53 : [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A120C, problem 5003 (WILL_NOT_PERFORM), data 0[[
    Looks like password is not able to set properly. But I am able to create the same user in AD using the same password.
    Option 1: without password
    Another testing, I have also tried to create user without password.  There is no error coming to log file. and I am able to see the below message in log file
    oracle.iam.ldapsync.impl.eventhandlers.user.UserCreateLDAPPreProcessHandler] [APP: oim#11.1.2.0.0] [SRC_METHOD: createUser] User created in LDAP with GUID 9dc8f6f4b8564216a5d75d86f7cad0a2
    But user is not created in AD . this is another issue.
    Thanks,
    Amit

    Thanks for your reply.
    I have seen sample xml and my target looks the same
    <wlserver dir="${weblogic.domain.dir}"
                             port="${weblogic.domain.admin.server.port}"
                             servername="${weblogic.domain.admin.server.name}"
                             username="${weblogic.domain.admin.user}"
                             domainname="${weblogic.domain.name}"
                             password="${weblogic.domain.admin.password}"
                             configFile="config.xml"
                             generateConfig="true"
                             action="start"
                             beahome="${env.BEA_HOME}"/>
    my requirement is to use ant task.. otherwise I am able to create through configuration wizard
    Thanks

  • Problem with provisioning to particular OU in OID through OIM

    Hi,
    Please go through the following issue and suggest.
    I have integrated OIM with OID for provisioning purpose through OID connector.Iam prepopulating OU structure in the "Container DN" field in the process form of OID through an adapter.
    For example : "ou=BG,o=shipper,dc=xoserve,dc=com" is the Container DN iam prepopulating in OID process form and the user is getting provisioned to OID within the same structure(That structure already exists in OID).
    But when I dont have an "ou" in OID, suppose if i want to provision the user to something like "o=Network,dc=xoserve,dc=com"(note this one dont have ou),iam prepopulating "o=Network,dc=xoserve,dc=com" in the process form but iam not able to provision the user.In the console iam seeing the error like
    *"ERROR,18 Feb 2010 10:58:15,343,[XL_INTG.OID],com.thortech.xl.integration.OID.tcU*
    *tilOIDUserOperationscom.thortech.xl.integration.OID.util.tcUtilLDAPOperations: N*
    *amingException :Unable to search LDAP. Check the following values and try again:*
    *Base Search detail: ou=Network,dc=xoserve,dc=com, filter expression is cn=H*
    *ELLO567"*
    My "o=Network" is being sent as "ou=Network"(overwtitten) from process form to OID and as a result it is not able to find that structure in OID.
    Plzzzz help....

    Hi Chavi / OIMLearner,
    I have tried that and it works fine. But all my DNs are not of same structure. Some are like "cn=userid,ou=abc,o=cde,dc=fgh,dc=com" and some are like "cn=userid,o=cde,dc=fgh,dc=com" and there comes the problem.The value of ldapOrgDNprefix is overwriting my DN which is generated perfectly through my adapter.
    I dont want that Lookup.OID.Configuration to overwrite my DN.Pls suggest...

  • Expire password in OID through OIM.

    I have password policy set in OIM which has one clause that after 28 days password will expire. I have integrated OID with OIM.
    I want that as soon as password expires in OIM, password for that user will automaticaly expire in OID also [without seting any password policy at OID].
    Plz reply soon.

    Create an entity adapter and attach it on update to the USR form.
    In the adapter check what update it is and if a "expire password" fire of a task that goes out to the OID and sets the "password expire" flag.
    It was a couple of years since I worked with the OID connector but I quickly checked the task list in the docs and it looks like you have to build your own JNDI based connector. I have some code that could easily be adapted for this purpose. Contact me through LinkedIn if you want it.
    Hope this helps
    /Martin

  • AD Task rejected during Provisioning in AD through OIM 11g

    Hi,
    While provisioning a OIM user into AD, AD ID got created but there was one task called "Get Object GUID Created" was rejected. Below is the error message we are receiving.
    "cn=i696801Doesn't Exist:[LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_O" does not correspond to a known Response Code. Using "UNKNOWN".
    Do you have any idea on this.
    Thanks                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           

    This question is now been fixed.
    Instead of explicitly stating 636 for SSL,
    Use the same port 389 for ssl and also configured oim port to be 140001 which is the ssl port for oim in the configuration of OIM Password Sync.
    Export Certificates from AD to java security keystore and to weblogic keystore
    Export .pem certificate created on OIM host machine to AD.
    Restart weblogic, oim and AD
    Everything would work fine.
    For all the other information, refer to doc.
    Thanks

  • Reconciliation of users from RACF throgh OIM 9.1

    Getting the following error while trying to execute the run_initial_recon_provisioning.bat for reconcile the users from RACF.
    Using JAVA_HOME: "D:\java\jdk1.6.0_14"
    ECHO is off.
    D:\ldapgateway\dist\idfserver.jar;./racf-adv-initial-recon.jar;"D:\oracle\xellerate\9101\xellerate"\ext\commons-logging.jar;"D:\orac
    le\xellerate\9101\xellerate"\ext\javagroups-all.jar;"D:\oracle\xellerate\9101\xellerate"\ext\oscache.jar;"D:\oimclient\xlclient"\ext
    \log4j.jar;"D:\oimclient\xlclient"\lib\wlXLSecurityProviders.jar;"D:\oimclient\xlclient"\lib\xlAdapterUtilities.jar;"D:\oimclient\xl
    client"\lib\xlAPI.jar;"D:\oimclient\xlclient"\lib\xlAuditor.jar;"D:\oimclient\xlclient"\lib\xlAuthentication.jar;"D:\oimclient\xlcli
    ent"\lib\xlCache.jar;"D:\oimclient\xlclient"\lib\xlCrypto.jar;"D:\oimclient\xlclient"\lib\xlDataObjectBeans.jar;"D:\oimclient\xlclie
    nt"\lib\xlDataObjects.jar;"D:\oimclient\xlclient"\lib\xlLogger.jar;"D:\oimclient\xlclient"\lib\xlUtils.jar;"D:\oimclient\xlclient"\l
    ib\xlVO.jar;"D:\jboss\jboss-4.2.3.GA"\server\default\lib\jboss-j2ee.jar;"D:\jboss\jboss-4.2.3.GA"\server\default\lib\jbosssx.jar;"D:
    \jboss\jboss-4.2.3.GA"\lib\getopt.jar;"D:\jboss\jboss-4.2.3.GA"\lib\gnu-regexp.jar;"D:\jboss\jboss-4.2.3.GA"\client\jts.jar;"D:\jbos
    s\jboss-4.2.3.GA"\client\jbossall-client.jar;"D:\jboss\jboss-4.2.3.GA"\client\concurrent.jar;"D:\jboss\jboss-4.2.3.GA"\client\jacorb
    .jar;"D:\jboss\jboss-4.2.3.GA"\client\jboss-client.jar;"D:\jboss\jboss-4.2.3.GA"\client\jboss-common-client.jar;"D:\jboss\jboss-4.2.
    3.GA"\client\jbosscx-client.jar;"D:\jboss\jboss-4.2.3.GA"\client\jbossha-client.jar;"D:\jboss\jboss-4.2.3.GA"\client\jboss-iiop-clie
    nt.jar;"D:\jboss\jboss-4.2.3.GA"\client\jbossjmx-ant.jar;"D:\jboss\jboss-4.2.3.GA"\client\jboss-jsr77-client.jar;"D:\jboss\jboss-4.2
    .3.GA"\client\jbosssx-client.jar;"D:\jboss\jboss-4.2.3.GA"\client\jboss-system-client.jar;"D:\jboss\jboss-4.2.3.GA"\client\jboss-tra
    nsaction-client.jar;"D:\jboss\jboss-4.2.3.GA"\client\jmx-invoker-adapter-client.jar;"D:\jboss\jboss-4.2.3.GA"\client\jnp-client.jar
    java.lang.NullPointerException
    at java.util.Hashtable.put(Hashtable.java:394)
    at com.thortech.xl.racf.initial.recon.RacfAdvInitialReconAdapterImpl.init(RacfAdvInitialReconAdapterImpl.java:276)
    at com.thortech.xl.racf.initial.recon.RacfAdvInitialReconAdapterImpl.main(RacfAdvInitialReconAdapterImpl.java:77)
    Apr 6, 2011 5:09:42 AM com.thortech.xl.racf.initial.recon.RacfAdvInitialLogger error
    SEVERE: Unexpected Error!java.lang.NullPointerException
    Press any key to continue
    The following is the log info from 'racf-adv-initial-recon.log.0' log file
    Apr 6, 2011 5:16:15 AM RacfAdvInitialReconAdapterImpl main(String[])
    FINER: ENTRY
    Apr 6, 2011 5:16:15 AM RacfAdvInitialReconAdapterImpl init()
    FINER: ENTRY
    Apr 6, 2011 5:16:15 AM RacfAgentXLFactory init()
    FINER: ENTRY
    Apr 6, 2011 5:16:16 AM com.thortech.xl.racf.initial.recon.RacfAdvInitialLogger fine
    FINE: Utility Factory: Thor.API.tcUtilityFactory@a9ae05
    Apr 6, 2011 5:16:16 AM RacfAgentXLFactory init()
    FINER: RETURN
    Apr 6, 2011 5:16:16 AM com.thortech.xl.racf.initial.recon.RacfAdvInitialLogger error
    SEVERE: Unexpected Error!java.lang.NullPointerException
    Please help me to soleve this error.
    Thanks in Advance

    Getting the following error while trying to execute the run_initial_recon_provisioning.bat for reconcile the users from RACF.
    Using JAVA_HOME: "D:\java\jdk1.6.0_14"
    ECHO is off.
    D:\ldapgateway\dist\idfserver.jar;./racf-adv-initial-recon.jar;"D:\oracle\xellerate\9101\xellerate"\ext\commons-logging.jar;"D:\orac
    le\xellerate\9101\xellerate"\ext\javagroups-all.jar;"D:\oracle\xellerate\9101\xellerate"\ext\oscache.jar;"D:\oimclient\xlclient"\ext
    \log4j.jar;"D:\oimclient\xlclient"\lib\wlXLSecurityProviders.jar;"D:\oimclient\xlclient"\lib\xlAdapterUtilities.jar;"D:\oimclient\xl
    client"\lib\xlAPI.jar;"D:\oimclient\xlclient"\lib\xlAuditor.jar;"D:\oimclient\xlclient"\lib\xlAuthentication.jar;"D:\oimclient\xlcli
    ent"\lib\xlCache.jar;"D:\oimclient\xlclient"\lib\xlCrypto.jar;"D:\oimclient\xlclient"\lib\xlDataObjectBeans.jar;"D:\oimclient\xlclie
    nt"\lib\xlDataObjects.jar;"D:\oimclient\xlclient"\lib\xlLogger.jar;"D:\oimclient\xlclient"\lib\xlUtils.jar;"D:\oimclient\xlclient"\l
    ib\xlVO.jar;"D:\jboss\jboss-4.2.3.GA"\server\default\lib\jboss-j2ee.jar;"D:\jboss\jboss-4.2.3.GA"\server\default\lib\jbosssx.jar;"D:
    \jboss\jboss-4.2.3.GA"\lib\getopt.jar;"D:\jboss\jboss-4.2.3.GA"\lib\gnu-regexp.jar;"D:\jboss\jboss-4.2.3.GA"\client\jts.jar;"D:\jbos
    s\jboss-4.2.3.GA"\client\jbossall-client.jar;"D:\jboss\jboss-4.2.3.GA"\client\concurrent.jar;"D:\jboss\jboss-4.2.3.GA"\client\jacorb
    .jar;"D:\jboss\jboss-4.2.3.GA"\client\jboss-client.jar;"D:\jboss\jboss-4.2.3.GA"\client\jboss-common-client.jar;"D:\jboss\jboss-4.2.
    3.GA"\client\jbosscx-client.jar;"D:\jboss\jboss-4.2.3.GA"\client\jbossha-client.jar;"D:\jboss\jboss-4.2.3.GA"\client\jboss-iiop-clie
    nt.jar;"D:\jboss\jboss-4.2.3.GA"\client\jbossjmx-ant.jar;"D:\jboss\jboss-4.2.3.GA"\client\jboss-jsr77-client.jar;"D:\jboss\jboss-4.2
    .3.GA"\client\jbosssx-client.jar;"D:\jboss\jboss-4.2.3.GA"\client\jboss-system-client.jar;"D:\jboss\jboss-4.2.3.GA"\client\jboss-tra
    nsaction-client.jar;"D:\jboss\jboss-4.2.3.GA"\client\jmx-invoker-adapter-client.jar;"D:\jboss\jboss-4.2.3.GA"\client\jnp-client.jar
    java.lang.NullPointerException
    at java.util.Hashtable.put(Hashtable.java:394)
    at com.thortech.xl.racf.initial.recon.RacfAdvInitialReconAdapterImpl.init(RacfAdvInitialReconAdapterImpl.java:276)
    at com.thortech.xl.racf.initial.recon.RacfAdvInitialReconAdapterImpl.main(RacfAdvInitialReconAdapterImpl.java:77)
    Apr 6, 2011 5:09:42 AM com.thortech.xl.racf.initial.recon.RacfAdvInitialLogger error
    SEVERE: Unexpected Error!java.lang.NullPointerException
    Press any key to continue
    The following is the log info from 'racf-adv-initial-recon.log.0' log file
    Apr 6, 2011 5:16:15 AM RacfAdvInitialReconAdapterImpl main(String[])
    FINER: ENTRY
    Apr 6, 2011 5:16:15 AM RacfAdvInitialReconAdapterImpl init()
    FINER: ENTRY
    Apr 6, 2011 5:16:15 AM RacfAgentXLFactory init()
    FINER: ENTRY
    Apr 6, 2011 5:16:16 AM com.thortech.xl.racf.initial.recon.RacfAdvInitialLogger fine
    FINE: Utility Factory: Thor.API.tcUtilityFactory@a9ae05
    Apr 6, 2011 5:16:16 AM RacfAgentXLFactory init()
    FINER: RETURN
    Apr 6, 2011 5:16:16 AM com.thortech.xl.racf.initial.recon.RacfAdvInitialLogger error
    SEVERE: Unexpected Error!java.lang.NullPointerException
    Please help me to soleve this error.
    Thanks in Advance

  • Unable to remove manager field in AD through OIM 9.1

    Hi,
    I am trying to remove the manager of a user in the AD Profile without changing the Manager ID in the OIM Profile. I am getting the below error when I try to modify the attribute manager by replacing it with a null string.
    LDAP: error code 21 - 00000057: LdapErr: DSID-OC090B8A, comment: Error in attribute conversion operation, data 0, v1db1)
    I am getting the same error even if I am trying to change the manager field in AD without changing the manager field in OIM.
    I am trying with the below code;
    BasicAttributes at = new BasicAttributes();
    at.put("manager","");
    context.modifyAttribute(UserDN,2,at);
    What could possibly be the reason for this error? Please help guys.
    Edited by: User_OIM on Dec 27, 2012 7:06 PM

    Check if below works for you
    +// Specify the changes to make+
    ModificationItem[] mods = new ModificationItem[1];
    +// Remove the "manager" attribute+
    mods[2] = new ModificationItem(DirContext.REMOVE_ATTRIBUTE,
    new BasicAttribute("manager"));
    +// Perform the requested modifications on the named object+
    context.modifyAttributes(UserDN, mods);

  • How to create a Connection to UDB Database through OIM APIs.?

    Hi,
    In our OIM (9.1.0.2) implementation, there is a need to connect to a UDB database to execute some select queries and get the data. Is there any way in which I can do this?
    I tried creating an ITResource to have all static database related information, but I was not able to use that ITResource and create an actual database connection in the java code.
    As far as possible, I don't want to use any JDBC code to create the connection but want to know if there are any inbuilt OIM APIs which can help me in creating a database connection to point to the UDB database.
    (We don't have the DBUM connector deployed.)
    Please get back with your views/info on this.
    Thanks,
    Kulesh...

    Here is a constructor code for connecting to a database:
         public DatabaseConnection(String hostname, String port, String driver, String sid, String admin, String password) throws ClassNotFoundException, SQLException{
              log.info(CLASS_NAME + " -----> inputs=hostname[" + hostname +
                        "]port[" + port +
                        "]driver[" + driver +
                        "]sid[" + sid +
                        "]admin[" + admin +
                        "]password[********]");
              Properties connectionProps=new Properties();
         connectionProps.setProperty("user", admin);
         connectionProps.setProperty("password", password);     
         String url = "jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=" + hostname +
              ")(PORT=" + port +
              "))(CONNECT_DATA=(SID=" + sid + ")))";
         Class.forName(driver);
              con = null;     
         con = DriverManager.getConnection(url, connectionProps);
    If you want to use SSL, you will want to configure tcps for jdbc connection to the database, or any other form of connection and update your URL string for it.
    -Kevin

  • How to create a home dirve through OIM

    How to create a sharedfolder at the time of user provisioned to AD.pls let me know any one done this.Its very argent...I am new to this.
    Thanks in advance.
    Edited by: 790561 on 8/08/2011 15:44

    Most likely you'd need to use powershell to create the home directory, which also means using java to initialize a vb script like the current terminal services functionality. You'll need to setup a remote manager to run the code on a windows box if you installed on a linux box.
    So to sum it up, you'll write your code to run the vbscript that runs the powershell. Deploy to target machine and oim and use a remote manager to run the code. Attach your adapter to a new process task that is triggered when you complete the AD provisionng.
    -Kevin

Maybe you are looking for

  • Select a range of files to delete

    How can I select a range of files to delete?  I have ten files I want to delete.  Do I have to select each one individually?

  • Waas: problems with peers identification

    good days all. we have got a problems with peers' identification in waas solution. topology: 1 central-manager and 2 nme-502, both nme located in different location and subnets, and both see each other (pings are available from nme to nme). Version o

  • OAS 4.0.8.1 on Windows NT

    Hello All! I have some problems with JServlet Cartrige confuguration. When I am trying to edit MyApplication->Configuration->Web Parameters I get an error: "Error encountered while executing processor oracle.OAS.Services.ServerApp.Display". I have al

  • 550 Sender address is missing a domain

    I am getting this error while sending message through java mail. com.sun.mail.smtp.SMTPSendFailedException: 550 Sender address is missing a domain I searched the net, Javamail FAQ and forum. Dint find any solution. I would appreciate a lot if any one

  • Adobe shockware player 11.6

    je n'arrive pas a telecharger adobe shockware player 11.6. il se place comme programme sur l'ordi mais il est vide ... est ce qu'il y a une manipulation a faire en plus?