Help required in OIM 11g

Similar Messages

• Help needed for OIM 11g

  Hi All,
  I have a requirement to develop SPML webservices for Create User, Modify user, Password Set, Forgotten Password on OIM11g.
  These WebServices will be called from some portal.
  Can anyone guide me how to start with it?
  I am new to WebServices on OIM so I need some guide or documentation available on net.
  Regads,
  J
  Edited by: J_IDM on Mar 17, 2011 3:08 AM

  *10G*
  SPML in OIM by default would give you everything that you require. I don't know you have seen this document or not:
  http://download.oracle.com/docs/cd/E14049_01/doc.9101/e14067/spml.htm#sthref97
  Refer section *12 SPML Web Service* and also *12.7 Developing the Client for the SPML Web Service*
  The former section talks about the sample wsdl and sample http requests format which are supposed to be generated from your client and the latter talks about the actual client. Find related java code and sample files in Xellerate\SPMLWS folder. Everything would be there.
  To start with, try your hands on this sample data and see if you can get SPML working. Once through bundle this sample client code to your actual
  *11G*
  The older version of OIM 10G was a little more detailed in this regard and the integration with SPML appeared a little easy. Although the features in 11G looks mroe exhaustive but unluckily the documentation also looks like limited.
  By the the operations which might cover your requirements could be:
  - addRequest for Create User
  - modifyRequest for Modify user, Password Set, Forgotten Password
  I would do 'Password Set & Forgotten Password' to behave in the same way.
  To start with I would use a tool like soapUI to point to the existing 11G wsdl and see what I can do with it:
  http://HOST_NAME:PORT/spml-xsd/SPMLService?WSDL
  Once clear, create another hosted SPML webservice and assign an end-point URL.

• Help required in OIM - user proxy

  Hi,
  I have set up an approval workflow for provisioning users into OID.
  Here I am trying to delegate the approval task to another user in the absence of the approver.
  For this, I have defined the proxy user for the approver.
  But, once the request has been raised for approval, it is still with the approver, its not reflecting under pending actions for the proxy user.
  Am I missing something ??
  Any help is appreciated...
  Thanks in advance.

  The proxy concept in OIM is not entirely well implemented or well defined and in many cases it turns out that you have to supplement with custom functionality and/or replace it entirely.
  The easiest way to implement your desired functionality is likely to write a scheduled task that moves the approval between the approvers as needed.
  Best regards
  /Martin

• Help needed in OIM 11g with respect to Target Recon

  Hi Experts,
  I have OIM 11.1.1.5.0 installed with AD Connector configured. We have 3 AD instances, so we have cloned the full AD Connector to "A_AD_RO User", "B_AD_RO User" and "C_AD_RO User" resourced with separate-separate Process defn, scheduled task, lookups and IT resource
  When I am doing target recon based on "emailID" as key from respective ID, the reconciliation events gets generated and I can see the event in Recon Manager with "No Match Found", even though the user with valid email id is present in the OIM.
  Once I do re-evaluate of reconciled user, the user target gets linked with the correct user.
  Problem: Everytime, I need to go to Recon Manager, and manually click on "Reevaluate Event", then only the target AD is getting linked to user.
  How to set it automatically?
  Has anyone faced this kind of issue?
  Any suggestion which I can apply to skip "Reevaluate Event" manually to link user with target.
  Regards,
  J
  Edited by: J_IDM on Mar 19, 2012 6:35 AM

  A few things to check.
  On the resource object, reconciliation tab. Check the recon action rules. The Entity Match is the one that matches a user to the target data if the user does not have an instance on their profile.
  Check your reconciliation rules. Make sure that you have a rule for each resource, and that it is in an active state. Also make sure the rule is a valid matching rule.
  For each resource workflow, there are configuration lookups. You must be VERY careful when cloning a resource to go through every lookup that is duplicated and make sure the values are all for the new resources.
  It sounds like you used the same adapters for every instance. This will cause a problem because there are hard coded form values in the adapter, so you will need to change those to have an input so you can specify the value for each instance. Otherwise, every provisioning task will look for the objectguid from the original workflow.
  There are lots of updates you must perform to make sure they work correctly during a clone.
  Once you have done all these, try and run your recons again, and make sure you wait till the recon completes so it processes the events in the correct bulk amounts.
  -Kevin

• Help required in OIM-OID LDap Synch and GTC flat file connector

  Hi Experts,
  I am using OIM 11.1.1.5 with OID LDap Synch enabled. I have OIM protected with OAM 11.1.1.5.0 and almost all normal things are working.
  Once I am doing TRUSTED FLAT FILE GTC recon to OIM, the users are getting created in OIM without any password and due to that my users are not getting created in OID(Ldap Synch is enabled);
  The following exception is getting thrown:
  <Nov 13, 2011 9:48:21 AM CET> <Warning> <XELLERATE.GC.PROVIDER.RECONCILIATIONTRANSPORT> <BEA-000000> <FILE SUCCESSFULLY ARCHIVED : /home/oracle/OAM_ProtoTyping/TestCSV/Scheduled.csv>
  <Nov 13, 2011 9:48:21 AM CET> <Warning> <oracle.iam.callbacks.common> <IAM-2030146> <[CALLBACKMSG] Are applicable policies present for this async eventhandler ? : false>
  <Nov 13, 2011 9:48:22 AM CET> <Error> <oracle.iam.ldapsync.impl.eventhandlers.user> <IAM-3010021> <An error occurred while creating the user in LDAP.
  oracle.iam.platform.entitymgr.MissingRequiredAttributeException: [usr_password]
  at oracle.iam.platform.entitymgr.impl.EntityManagerImpl.checkRequired(EntityManagerImpl.java:1450)
  at oracle.iam.platform.entitymgr.impl.EntityManagerImpl.createEntity(EntityManagerImpl.java:263)
  at oracle.iam.ldapsync.impl.eventhandlers.user.UserCreateLDAPPostProcessHandler.createUser(UserCreateLDAPPostProcessHandler.java:261)
  at oracle.iam.ldapsync.impl.eventhandlers.user.UserCreateLDAPHandler.execute(UserCreateLDAPHandler.java:123)
  at oracle.iam.platform.kernel.impl.OrchProcessData.runPostProcessEvents(OrchProcessData.java:1166)
  at oracle.iam.platform.kernel.impl.OrchProcessData.runEvents(OrchProcessData.java:710)
  at oracle.iam.platform.kernel.impl.OrchProcessData.executeEvents(OrchProcessData.java:227)
  at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:675)
  at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:705)
  at oracle.iam.platform.kernel.impl.OrhestrationAsyncTask.execute(OrhestrationAsyncTask.java:108)
  at oracle.iam.platform.async.impl.TaskExecutor.executeUnmanagedTask(TaskExecutor.java:100)
  at oracle.iam.platform.async.impl.TaskExecutor.execute(TaskExecutor.java:70)
  at oracle.iam.platform.async.messaging.MessageReceiver.onMessage(MessageReceiver.java:68)
  at sun.reflect.GeneratedMethodAccessor1821.invoke(Unknown Source)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
  at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
  at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
  at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
  at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
  at $Proxy335.onMessage(Unknown Source)
  at weblogic.ejb.container.internal.MDListener.execute(MDListener.java:574)
  at weblogic.ejb.container.internal.MDListener.transactionalOnMessage(MDListener.java:477)
  at weblogic.ejb.container.internal.MDListener.onMessage(MDListener.java:380)
  at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:4659)
  at weblogic.jms.client.JMSSession.execute(JMSSession.java:4345)
  at weblogic.jms.client.JMSSession.executeMessage(JMSSession.java:3822)
  at weblogic.jms.client.JMSSession.access$000(JMSSession.java:115)
  at weblogic.jms.client.JMSSession$UseForRunnable.run(JMSSession.java:5170)
  at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
  >
  Has any body faced similar kind of issue.
  I tried to use post process event handler on create but while updating password its saying the user state is not in synch with OID.
  So I am unable to use post process event handlers as well.
  Regards,
  J

  Thanks Sunny,
  But the post process event handler with reset/update password is not working on CREATE;
  the following error message is being thrown:
  oracle.iam.platform.kernel.EventFailedException: Password reset failed because user JSMITH151 is not synchronized to the LDAP directory.
  at oracle.iam.ldapsync.impl.eventhandlers.user.util.LDAPUserHandlerUtil.resetPassword(LDAPUserHandlerUtil.java:203)
  at oracle.iam.ldapsync.impl.eventhandlers.user.UserResetPasswordLDAPHandler.execute(UserResetPasswordLDAPHandler.java:167)
  at oracle.iam.platform.kernel.impl.OrchProcessData.runPreProcessEvents(OrchProcessData.java:898)
  at oracle.iam.platform.kernel.impl.OrchProcessData.runEvents(OrchProcessData.java:634)
  at oracle.iam.platform.kernel.impl.OrchProcessData.executeEvents(OrchProcessData.java:227)
  at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:665)
  In 11.1.1.3 OIM, I found the password was available for mapping in GTC connector, but in OIM 11.1.1.5, oracle has removed the password mapping attribute.
  Can you please suggest?
  I checked with Oracle Support, They are saying in OIM 11.1.1.5 they have introduced a new post process event handler which should generate the password on every trusted reconcilication event.
  But in my environment its not behaving like that.
  Regards,
  J

• OIM 11g to provision a web services based application , how ?

  Hi All,
  I'm trying to provision using GTC connector in OIM but the problem is i know how to write a webservice but i'm newbie to OIM 11g so i am not able to integrate my webservice to the OIM GTC connector.
  Highly appreciate if any one give me the background or steps to follow how to execute the provisioning using custom web service in OIM 11g.
  Thanks

  Hi,
  -Just trying to help-
  Based on OIM 11G requirements:
  If your target system is a Web service that can accept and parse SPML-based provisioning requests packaged in SOAP messages, you can use the SPML provisioning format provider and Web Services provisioning transport provider.
  You need not create custom provisioning providers.
  1-SPML provisioning format provider
  TargetOperation value object that is created by the SPML provisioning format provider and used as an input for the Web Services provisioning transport provider:
  com.thortech.xl.gc.impl.prov.WSTransportTargetOperation
  2-15.4 Web Services Provisioning Transport Provider
  http://download.oracle.com/docs/cd/E14571_01/doc.1111/e14309/prdfnd_prov.htm#CHDJBFAI
  I hope this helps,
  Thiago Leoncio Guimaraes

• How to search any user while raising a request in OIM 11g

  Hello,
  In OIM 11g request access screen, How to search any user while trying to raise a request for access ?
  Currently when I login to OIM 11g with my id then I can search only my subordinates not all the users present in OIM.
  I know this comes by default with OIM 9.1.0.2, not sure any configuration changes required for OIM 11g ?
  Pls help me if you have any information on that.
  Thanks!!

  Thanks Rajiv, I did as you told .
  I created new Authorization Policy name called "Test Policy"
  Entity Name: User Management
  Permission Name: Search User
  Data Constraints: All Users
  Assign By Role: ALL USERS
  After that when I login as a end user and click search, It does not serach for any users.
  Could you pls pls let me know if i am missing anything or anything wrong?
  Thansk again.

• Help required related with OIM 11g Email Notification

  Experts,
  I have a requirement where I have to pass the User's Password through autogenerated email.
  But I have a scenario where I dont have to provision any target resource for users..so i dont have access to Notification Tab for such kind of users.
  I thought of writing a custom Event Handler to send email using custom code.
  But IN OIM 11g , I found that Inside, Advanced->Notification Template-> Create User Self Service Notification … is getting triggered with UserID: $userLoginId<br> and its woking fine.
  But once I added Password: $password<br> In the same template, its not providing me the password.
  So I think the Parameters associated with this Event "Self register user" does not have $password.
  Is there any way to check which all parameters can be accessed in these Events?
  Also, what is the best way to send password to users who does not any target resources associated?
  Thanks,
  Regards,
  J

  Hi I am trying to get the Create User Self Service Notification template working but for some reason I get an error in the log saying unexpected error occured while sending notification. and I am not recieving any mails..I have done the following steps
  created an IT resource with the name same as the value of Email Server property
  have made the value of RequestNotification property 1
  is there anything else I need to do..
  Can you also give some details as to how you have created the IT Resource...is the authentication true/false if true does any username and password do..
  Thank you

• OIM 11g high availability - is LDAP required for Weblogic credential store

  Hi all,
  Trying to understand whether we need an LDAP in an HA architecture with [OIM/SOA] - [OIM/SOA/Admin]?
  The HA guide: http://docs.oracle.com/cd/E14571_01/core.1111/e10106/imha.htm#CDEFECJF
  Does not mention this requirement, in fact it specifically says you only need an LDAP if: "only for LDAPSync-enabled Oracle Identity Manager installations and for Oracle Identity Manager installations that integrate with Oracle Access Manager. "
  However I have seen mention of issues with viewing tasks in SOA from OIM:
  How To : ORABPEL-30504: After Oim 11g Installation, Approval Tasks Cannot Be Read Through OIM Console
  Stating then when using OIM, SOA and an isolated Admin server, you need to switch to a proper LDAP as a credential and policy store:
  http://docs.oracle.com/cd/E17904_01/core.1111/e12036/net.htm#CIHIDJCC
  "2.4 LDAP as Credential and Policy Store
  With Oracle Fusion Middleware, you can use different types of credential and policy stores in a WebLogic domain. Domains can use stores based on XML files or on different types of LDAP providers. When a domain uses an LDAP store, all policy and credential data is kept and maintained in a centralized store. However, when using XML policy stores, the changes made on managed servers are not propagated to the Administration Server unless they use the same domain home.
  An Oracle Fusion Middleware SOA Suite Enterprise Deployment Topology uses different domain homes for the Administration Server and the managed server as described in the Section 2.3, "Shared Storage and Recommended Directory Structure." Derived from this, and for integrity and consistency purposes, Oracle requires the use of an LDAP as policy and credential store in context of Oracle Fusion Middleware SOA Suite Enterprise Deployment Topology. To configure the Oracle Fusion Middleware SOA Suite Enterprise Deployment Topology with an LDAP as Credential and Policy store, follow the steps in Section 11.1, "Credential and Policy Store Configuration."
  So which is it does anyone know?
  Thanks,
  Wayne.
  Edited by: wblacklock on May 17, 2012 6:12 AM

  Note that you can use the internal LDAP that comes with WebLogic, for your users and groups if you want.
  When you have multiple domains, you have a problem with this set-up as the internal LDAP is coupled to
  a specific domain. This means that users you created in one domain are not visible in the other. When using
  a separate LDAP that contains the users. You can configure in each domain an authenticator that points
  to the LDAP. In this way you can share to user accross multiple domains.
  When you are planning to use one domain you can stick with the internal LDAP if you want.
  An example set-up (that uses access manager not identity manager) can be found here: http://middlewaremagic.com/weblogic/?p=7819,
  which might help you in how to proceed.

• Assistance required for deploying a validation handler in OIM 11g

  Hi All,
  I wanted to deploy a validation handler in OIM 11g so that I can check that the telephone number that is entered by the user has length of ten and all of them are digits.
  I created a new eclipse workspace called TelephoneValidationHandler on the OIM Host machine. I created a new Java project in the workspace with the name TelephoneValidationHandler. I created a class called TelephoneValidationHandler in this project. Put in the following code in this java file -
  /* TelephoneValidationHandler.java */
  package com.custom;
  import java.io.Serializable;
  import java.util.HashMap;
  import oracle.iam.platform.kernel.ValidationException;
  import oracle.iam.platform.kernel.ValidationFailedException;
  import oracle.iam.platform.kernel.spi.ValidationHandler;
  import oracle.iam.platform.kernel.vo.BulkOrchestration;
  import oracle.iam.platform.kernel.vo.Orchestration;
  public class TelephoneValidationHandler implements ValidationHandler{
            @Override
            public void initialize(HashMap<String, String> arg0) {
            // TODO initialization
            System.out.println("***********************************************************************************");
            System.out.println("************************** Init validate event handler ****************************");
            System.out.println("***********************************************************************************");
            @Override
            public void validate(long processId, long eventId, Orchestration orchestration)
            throws ValidationException, ValidationFailedException {
            System.out.println("************************** Beginning of validation *************************");
            HashMap<String, Serializable> parameters = orchestration.getParameters();
            String telephone = (String) parameters.get("Telephone Number");     
            //String regex="[0-9]{10}";
                 if (telephone.length()==10)
                      for(int i=0; i<10; i++)
                           if (Character.isDigit(telephone.charAt(i))){
                                continue;
                           else
                                throw new ValidationFailedException();
                      System.out.println("****************** Validated *********************");
            else
                 System.out.println("*************EXCEPTION OCCURRED*******************");
            throw new ValidationFailedException();
            System.out.println("************************** End of validation *************************");
            @Override
            public void validate(long processId, long eventId, BulkOrchestration arg2)
                      throws ValidationException, ValidationFailedException {
            // TODO - N/A
                 System.out.println("************************** INSIDE BULK VALIDATE ***************************");
  I included the files in reference libraries as - right click on the project, click on Build Path -> Configure Build Path -> Add External JARs. In this I selected the jars that were needed to compile the code successfully and i selected them from the place where they exist in the OIM host for eg. C:\Oracle\Middleware\server\platform\iam-platform-kernel.jar path for iam-platform-kernel.jar.
  Now i created a jar file out of this compiled project by right clicking on the project name and clicking Export -> Java -> JAR File. Selected the .classpath and .project files to export as well. Selected first option 1. Export generated class files and resources option. Other three existing options apart from this one which i selected were: 2. Export all output folders for checked projects. 3. Export Java source files and resources 4. Export refactorings for checked projects. So with the 1st option selected, I clicked next and then selected Generate New Manifest file in the final screen and clicked on Finish. Exported this by the name TelephoneValidationHandler.jar to desktop. If I open this jar by changing extension to zip, I see the following folder structure inside it :
  com -> custom -> TelephoneValidationHandler.class
  META-INF -> MANIFEST.INF
  .classpath
  .project
  I created a folder called lib and placed this jar file inside this lib folder. Then outside this lib folder, i placed the plugin.xml file created for this as follows:
  plugin.xml ->
  <?xml version="1.0" encoding="UTF-8"?>
  <oimplugins xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <plugins pluginpoint="oracle.iam.platform.kernel.spi.ValidationHandler">
  <plugin class="com.custom.TelephoneValidationHandler" version="1.0" name="TelephoneValidationHandler">
  </plugin>
  </plugins>
  </oimplugins>
  Now I selected the lib folder and plugin.xml and created a new zip file by the name TelephoneValidationHandler.zip which will be used for plugin registration. The zip folder directly inside it has the structure - plugin.xml file and lib folder having the jar file inside it.
  lib -> TelephoneValidationHandler.jar
  plugin.xml
  Now I went to the directory C:\Oracle\Middleware\server\plugin_utility and opened the ant.properties file in that and put in the values as:
  ant.properties ->
  # The installation directory for WLS
  wls.home=C:\\Oracle\\Middleware\\wlserver_10.3
  # The home directory for OIM. In case of shiphome its same as install directory
  oim.home=C:\\Oracle\\Middleware\\Oracle_IDM1\\server
  #login file name with path.
  login.config=C:\\Oracle\\Middleware\\Oracle_IDM1\\server\\config\\authwl.conf
  Now I opened a cmd prompt, traversed to C:\Oracle\Middleware\server\plugin_utility directory and typed in "ant -f pluginregistration.xml register" and executed this command.
  It asked for oim userid - xelsysadm, oim password: Password, server url: t3://oimhost:14000, name of plugin file with path: C:\\temp\\TelephoneValidationHandler.zip
  I got these errors in the redirector.out file in C:\Oracle\Middleware\server\plugin_utility :
  Error in registering the plugin. null
  Error occured during the use of plugin registering utility.
  And this is the detailed description in the redirector.err in C:\Oracle\Middleware\server\plugin_utility :
  Jul 17, 2012 6:05:58 PM PluginUtility main
  SEVERE: Exception occured {0}
  java.lang.NullPointerException
       at java.util.regex.Matcher.getTextLength(Matcher.java:1140)
       at java.util.regex.Matcher.reset(Matcher.java:291)
       at java.util.regex.Matcher.<init>(Matcher.java:211)
       at java.util.regex.Pattern.matcher(Pattern.java:888)
       at weblogic.utils.classloaders.FilteringClassLoader.matchesClassFilterList(FilteringClassLoader.java:213)
       at weblogic.utils.classloaders.FilteringClassLoader.findClass(FilteringClassLoader.java:97)
       at weblogic.utils.classloaders.FilteringClassLoader.loadClass(FilteringClassLoader.java:86)
       at java.lang.ClassLoader.loadClass(ClassLoader.java:294)
       at java.lang.ClassLoader.loadClass(ClassLoader.java:294)
       at java.lang.ClassLoader.loadClass(ClassLoader.java:246)
       at oracle.iam.platform.pluginframework.PluginReader.validateInstance(PluginReader.java:303)
       at oracle.iam.platform.pluginframework.PluginReader.validatePluginsFromFile(PluginReader.java:363)
       at oracle.iam.platform.pluginframework.PluginReader.readPluginsFromZIP(PluginReader.java:147)
       at oracle.iam.platform.pluginframework.PluginReader.readPlugins(PluginReader.java:66)
       at oracle.iam.platform.pluginframework.PluginManagerImpl.registerPlugin(PluginManagerImpl.java:74)
       at oracle.iam.platformservice.impl.PlatformServiceImpl.registerPlugin(PlatformServiceImpl.java:129)
       at oracle.iam.platformservice.api.PlatformServiceEJB.registerPluginx(Unknown Source)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
       at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
       at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
       at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
       at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
       at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
       at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
       at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
       at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
       at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
       at $Proxy528.registerPluginx(Unknown Source)
       at oracle.iam.platformservice.api.PlatformService_ott20t_PlatformServiceRemoteImpl.__WL_invoke(Unknown Source)
       at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
       at oracle.iam.platformservice.api.PlatformService_ott20t_PlatformServiceRemoteImpl.registerPluginx(Unknown Source)
       at oracle.iam.platformservice.api.PlatformService_ott20t_PlatformServiceRemoteImpl_WLSkel.invoke(Unknown Source)
       at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:667)
       at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
       at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:522)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
       at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:518)
       at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
  Jul 17, 2012 6:05:58 PM PluginUtility main
  SEVERE: Exception occured {0}
  java.lang.NullPointerException
       at java.util.regex.Matcher.getTextLength(Matcher.java:1140)
       at java.util.regex.Matcher.reset(Matcher.java:291)
       at java.util.regex.Matcher.<init>(Matcher.java:211)
       at java.util.regex.Pattern.matcher(Pattern.java:888)
       at weblogic.utils.classloaders.FilteringClassLoader.matchesClassFilterList(FilteringClassLoader.java:213)
       at weblogic.utils.classloaders.FilteringClassLoader.findClass(FilteringClassLoader.java:97)
       at weblogic.utils.classloaders.FilteringClassLoader.loadClass(FilteringClassLoader.java:86)
       at java.lang.ClassLoader.loadClass(ClassLoader.java:294)
       at java.lang.ClassLoader.loadClass(ClassLoader.java:294)
       at java.lang.ClassLoader.loadClass(ClassLoader.java:246)
       at oracle.iam.platform.pluginframework.PluginReader.validateInstance(PluginReader.java:303)
       at oracle.iam.platform.pluginframework.PluginReader.validatePluginsFromFile(PluginReader.java:363)
       at oracle.iam.platform.pluginframework.PluginReader.readPluginsFromZIP(PluginReader.java:147)
       at oracle.iam.platform.pluginframework.PluginReader.readPlugins(PluginReader.java:66)
       at oracle.iam.platform.pluginframework.PluginManagerImpl.registerPlugin(PluginManagerImpl.java:74)
       at oracle.iam.platformservice.impl.PlatformServiceImpl.registerPlugin(PlatformServiceImpl.java:129)
       at oracle.iam.platformservice.api.PlatformServiceEJB.registerPluginx(Unknown Source)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
       at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
       at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
       at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
       at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
       at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
       at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
       at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
       at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
       at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
       at $Proxy528.registerPluginx(Unknown Source)
       at oracle.iam.platformservice.api.PlatformService_ott20t_PlatformServiceRemoteImpl.__WL_invoke(Unknown Source)
       at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
       at oracle.iam.platformservice.api.PlatformService_ott20t_PlatformServiceRemoteImpl.registerPluginx(Unknown Source)
       at oracle.iam.platformservice.api.PlatformService_ott20t_PlatformServiceRemoteImpl_WLSkel.invoke(Unknown Source)
       at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:667)
       at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
       at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:522)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
       at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:518)
       at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
  Exception in thread "Main Thread" java.lang.NullPointerException
       at java.util.regex.Matcher.getTextLength(Matcher.java:1140)
       at java.util.regex.Matcher.reset(Matcher.java:291)
       at java.util.regex.Matcher.<init>(Matcher.java:211)
       at java.util.regex.Pattern.matcher(Pattern.java:888)
       at weblogic.utils.classloaders.FilteringClassLoader.matchesClassFilterList(FilteringClassLoader.java:213)
       at weblogic.utils.classloaders.FilteringClassLoader.findClass(FilteringClassLoader.java:97)
       at weblogic.utils.classloaders.FilteringClassLoader.loadClass(FilteringClassLoader.java:86)
       at java.lang.ClassLoader.loadClass(ClassLoader.java:294)
       at java.lang.ClassLoader.loadClass(ClassLoader.java:294)
       at java.lang.ClassLoader.loadClass(ClassLoader.java:246)
       at oracle.iam.platform.pluginframework.PluginReader.validateInstance(PluginReader.java:303)
       at oracle.iam.platform.pluginframework.PluginReader.validatePluginsFromFile(PluginReader.java:363)
       at oracle.iam.platform.pluginframework.PluginReader.readPluginsFromZIP(PluginReader.java:147)
       at oracle.iam.platform.pluginframework.PluginReader.readPlugins(PluginReader.java:66)
       at oracle.iam.platform.pluginframework.PluginManagerImpl.registerPlugin(PluginManagerImpl.java:74)
       at oracle.iam.platformservice.impl.PlatformServiceImpl.registerPlugin(PlatformServiceImpl.java:129)
       at oracle.iam.platformservice.api.PlatformServiceEJB.registerPluginx(Unknown Source)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
       at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
       at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
       at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
       at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
       at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
       at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
       at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
       at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
       at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
       at $Proxy528.registerPluginx(Unknown Source)
       at oracle.iam.platformservice.api.PlatformService_ott20t_PlatformServiceRemoteImpl.__WL_invoke(Unknown Source)
       at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
       at oracle.iam.platformservice.api.PlatformService_ott20t_PlatformServiceRemoteImpl.registerPluginx(Unknown Source)
       at oracle.iam.platformservice.api.PlatformService_ott20t_PlatformServiceRemoteImpl_WLSkel.invoke(Unknown Source)
       at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:667)
       at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
       at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:522)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
       at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:518)
       at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
  But in the end of this run it still does show - BUILD SUCCESSFUL message but it obviously doesn't work properly because after this registration is done, I go to the MDS through command prompt and import the new EventHandlers.xml which I create as shown below:
  EventHandlers.xml ->
  <?xml version='1.0' encoding='UTF-8'?>
  <eventhandlers xmlns="http://www.oracle.com/schema/oim/platform/kernel" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.oracle.com/schema/oim/platform/kernel orchestration-handlers.xsd">
  <validation-handler class="com.custom.TelephoneValidationHandler" name="TelephoneValidationHandler" entity-type="User" operation="ANY" order="1002" />
  </eventhandlers>
  This import of EventHandlers.xml is done to the path - /metadata/user/custom
  But after all this, whenever I try creating a new user, I don't even get to see the create user page. Instead I get a NullPointer exception thrown at me.
  Can someone please go through these above steps and tell me if there is any particular step I might be doing wrong??? Maybe the ant.properties is not set properly or maybe the ValidationHandler java code is not implemented properly. However as far as I see I think these steps are correct. I have checked with other posts in this category and followed them. However this error still exists. Please help me.
  Thanks,
  $id
  Edited by: $id on Jul 17, 2012 6:36 PM

  Hey You were right. I changed the plugin.xml file so that the plugin xml tag changed to <plugin pluginclass="..." ..> and now when I ran the ant utility to register the plugin, it did not give any errors. Instead I got a message saying Plugin registered successfully. Also then I went to the dev_oim schema and in that the plugins table and checked it. This time the plugin entry was present in the database in this table.
  Now I imported the EventHandlers.xml file using MDS utility as follows:
  Placed the EventHandlers.xml file in C:/temp/metadata/user/custom/EventHandlers.xml
  The EventHandlers.xml file is as mentioned earlier as follows:
  <?xml version='1.0' encoding='UTF-8'?>
  <eventhandlers xmlns="http://www.oracle.com/schema/oim/platform/kernel" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.oracle.com/schema/oim/platform/kernel orchestration-handlers.xsd">
  <validation-handler class="com.custom.TelephoneValidationHandler" name="TelephoneValidationHandler" entity-type="User" operation="ANY" order="1002"/>
  </eventhandlers>
  Now I changed the weblogic.properties file under C:/Oracle/Middleware/Oracle_IDM1/server/bin file to have the entry as follows:
  metadata_from_loc=C:\ \tempThen went to the cmd prompt and navigated to this same folder. Then executed the command: weblogicImportMetadata.bat. It asked the user name : weblogic, password: password and then the url: t3://oimhost:7001
  There were no errors after this executed. I only got End of Import Metadata Script as the message.
  I then executed the "PurgeCache all" command while in the same directory.
  And gave the oimusername: xelsysadm, oimpassword: password and the oim server url: t3://oimhost:14000.
  I got the message :
  PurgeCache Login Success...
  Purging the cache categories:[all] is successful
  After this I logged in to the OIM console and tried to create a user and provided proper telephone number in the field. But when i clicked on Save after giving in these details, I got the following error on the OIM console:
  A system error occurred.
  When i go the oim server logs i see the following lines in it whenever I click on save for a new user:
  [2012-07-18T11:15:22.799+05:30] [oim_server1] [NOTIFICATION] [IAM-0080013] [oracle.iam.platform.kernel.impl] [tid: [ACTIVE].ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [APP: oim#11.1.1.3.0] Kernel executing default validation with process id, event id, entity and operation 1,796.0.User.CREATE
  [2012-07-18T11:15:23.111+05:30] [oim_server1] [NOTIFICATION] [IAM-3050013] [oracle.iam.identity.usermgmt.impl] [tid: [ACTIVE].ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm][APP: oim#11.1.1.3.0] Searching for users with the specified criteria.
  [2012-07-18T11:15:23.688+05:30] [oim_server1] [WARNING] [IAM-0080002] [oracle.iam.platform.kernel.impl] [tid: [ACTIVE].ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm][APP: oim#11.1.1.3.0] Orchestration validation failed on the event handler - Event handler TelephoneValidationHandler implemented using class/plug-in com.custom.TelephoneValidationHandler could not be loaded.
  [2012-07-18T11:15:23.938+05:30] [oim_server1] [ERROR] [IAM-3050029] [oracle.iam.identity.usermgmt.impl] [tid: [ACTIVE].ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm][APP: oim#11.1.1.3.0] The user cannot be created due to validation errors.[[
  oracle.iam.platform.kernel.ValidationFailedException: Event handler TelephoneValidationHandler implemented using class/plug-in com.custom.TelephoneValidationHandler could not be loaded.
  After this error occurred I logged into the database and queried the database with following queries:
  SELECT * FROM dev_oim.orchprocess ORDER BY ID DESC; -> Got the latest entry of process id for operation CREATE and stage as validation-handler but the status of this entry was FAILED.
  Then executed another query as follows to get the event details for the latest process id i got from above query results:
  select * from dev_oim.orchevents WHERE processid=1797 ORDER BY orchorder;The output of this query was:
  "ID"     "NAME"     "STATUS"     "PROCESSID"     "STAGE"     "ORCHORDER"     "RETRY" "CONTEXTID"     "RESULT"
  "7544"     "CreateUserValidationHandler"     "COMPLETED"     "1797"     "validation-handler"     "1"     "0"     "0"     "(BLOB)"
  "7543"     "TelephoneValidationHandler"     "FAILED"     "1797"     "validation-handler"     "2"     "0"     "0"     "(BLOB)"
  I already have pasted my java code initially above. Please guide me if anything wrong in the code or with the EventHandlers.xml file. After importing, I checked again by exporting the EventHandlers.xml file from the location where I had imported it and it did exist in that path.
  Thanks,
  $id
  Edited by: $id on Jul 18, 2012 11:25 AM
  Edited by: $id on Jul 18, 2012 11:34 AM

• OIM 11g R2 PS1 - Bugs fixed info required

  Hi ,
  I have OIM 11g R2 with BP 06 installed on my system and want upgrade to latest version so that majority of bug fixes are incorporated. As both BP07 and PS1 are in market.
  While checking for BP7 fixes we noticed that there are certain fixes that we really require in our application like:
  Bug:16315001 : GTC mapping image on migration to other environment is not displayed.
  Bug:16506870 : De-provisioning of user accounts via the Set User De-provisioned Date scheduled job fails.
  Bug:16347855 : Users are able to submit a request for modify account although nothing is modified on the form fields.
  But while checking for release notes of PS1 (11.1.2.1) i did not notice any such fixes, rather there were some certification exception fixes ,new menu called "Certification" in Sysadmin Console and Introduced new menu called "Inbox" in Identity/Self Service Console
  So my question is that to apply above fixes we need install the BP7 patch separately, considering PS1 is not a cumulative one and then install PS1
  Thanks,
  Puneet

  Hi,
  Check out: http://www.iamidm.com/2013/05/oim-11g-r2-ps1-certification-tab-in.html
  Regards,
  Chinni

• OIM 11g: How to remove rule requiring unique user email addresses

  Use the OIM 11g Administrative and User Console to update a user's email address to be the same as another user's address and on save you get error message:
  "The user with the attribute Email and value [email protected] already exists"
  In OIM 9.1 we used to be allowed duplicate email addresses.
  OIM 11g wants them to be unique (refer OIM 11g User Guide table 11-2 in section "11.2 User Entity Definition" which shows the email attribute properties with unique:yes).
  How do you change this to "unique:no"?
  The OIM 11g Admin Guide section "14 Configuring User Attributes" describes the User.xml file in MDS but doesn't mention unique properties.
  The System Properties accessed via System Management->System Configuration doesn't show anything that looks like an option to enforce email address uniqueness.
  Thanks

  OIM 11g does not allow duplicate email addresses. We asked Oracle about this and they responded that the feature (duplicate email addresses) was "removed from OIM 11g due to sending mail notifications, security and other related
  concerns". We think we can live with this restriction and did not make an enhancement request.
  The user guide does show that email address is unique:
  http://download.oracle.com/docs/cd/E14571_01/doc.1111/e14316/usr_mangmnt.htm#BGBDCDCH
  but there's no way to override the rule.

• Creation of a Request in OIM 11G using API's

  Hi Friends,
  I am trying to create a request using OIM 11g API's.
  I am trying to do this for EBS Responsibility resource and this resource has a request dataset has EBS-IT-Resource-Instance, application name, responsibility name, start date and security group. Please note application name, responsibility name, start date and security group are in child form.
  I am trying to populate the request dataset using the below code.
  List<RequestBeneficiaryEntityAttribute> entityAttrList;
  RequestBeneficiaryEntity entity = null;
  entityAttrList = new ArrayList<RequestBeneficiaryEntityAttribute>();
  entity = new RequestBeneficiaryEntity();
  tcITResourceInstanceOperationsIntf tcITResourceIntf = Platform.getService(tcITResourceInstanceOperationsIntf.class);
  HashMap searchcriteria = new HashMap<String, String>();
  searchcriteria.put("IT Resources.Name", "EBSHF-APPS12");
  tcResultSet resultSet = tcITResourceIntf.findITResourceInstances(searchcriteria);
  long itResourceKey=resultSet.getLongValue("IT Resources.Key");
  entityAttrList.add(this.getAttrLong("eBusiness Suite Instance Name",itResourceKey));
  entityAttrList.add(this.getAttr("Application Name","3~300"));
  entityAttrList.add(this.getAttr("Responsibility Name", "3~300~52281"));
  entityAttrList.add(this.getAttr("Security Group", "3~0"));
  entity.setEntityKey(getResourceKey("Oracle eBusiness Responsibility"));
  entity.setEntityType(RequestConstants.RESOURCE);
  entity.setEntitySubType("Oracle eBusiness Responsibility");
  entity.setEntityData(entityAttrList);
  private RequestBeneficiaryEntityAttribute getAttr(String name, String value)
  RequestBeneficiaryEntityAttribute attr = null;
  attr = new RequestBeneficiaryEntityAttribute(name, value, RequestBeneficiaryEntityAttribute.TYPE.String);
  return attr;
  private RequestBeneficiaryEntityAttribute getAttrLong(String name, long value)
  RequestBeneficiaryEntityAttribute attr = null;
  attr = new RequestBeneficiaryEntityAttribute(name, value, RequestBeneficiaryEntityAttribute.TYPE.Long);
  return attr;
  My code is working fine and a request is getting created. But when I try to open the request dataset(object form) for the newly created request, I am getting null exceptions.
  If I did not populate the fields that are in the child form application name, responsibility name and security group which are highlighted above, then I am able to view the form with the correct IT-Resource-Instance name after request creation.
  So, I am thinking I am doing something wrong while populating child form data in the request dataset.
  Can you please provide me some code snippet to populate the child using 11G API'S?

  Hi Bikash,
  After referring your code, i made changes in mine. Here is my updated code.
  RequestBeneficiaryEntityAttribute parantAttr=null;
  List<RequestBeneficiaryEntityAttribute> entityAttrList;
  RequestBeneficiaryEntity entity = null;
  entity = new RequestBeneficiaryEntity();
  parantAttr=this.getAttrLong("eBusiness Suite Instance Name", itResourceKey);
  RequestBeneficiaryEntityAttribute mid1 = new RequestBeneficiaryEntityAttribute();
  List <RequestBeneficiaryEntityAttribute> childAttributesList = new ArrayList<RequestBeneficiaryEntityAttribute>();
  childAttributesList.add(this.getAttr("Application Name", "3~555"));
  childAttributesList.add(this.getAttr("Responsibility Name", "3~555~22862"));
  childAttributesList.add(this.getAttr("Security Group", "3~0"));
  mid1.setChildAttributes(childAttributesList);
  mid1.setAction(RequestBeneficiaryEntityAttribute.ACTION.Add);
  entityAttrList = new ArrayList<RequestBeneficiaryEntityAttribute>();
  entityAttrList.add(parantAttr);
  entityAttrList.add(mid1);
  But when I try to run this, it is getting failed saying "RequestServiceException: IAM-2050033:Invalid attribute name null. No corresponding reference was found in the data set ProvisionResourceOracle eBusiness Responsibility".
  Here is my request data set for your reference.
  <AttributeReference name="eBusiness Suite Instance Name" attr-ref="eBusiness Suite Instance Name" type="Long" length="50" widget="itresource-lookup" required="true" available-in-bulk="true" itresource-type="eBusiness Suite UM"/>
  <AttributeReference available-in-bulk="true" length="10" widget="text" type="String" attr-ref="UD_EBH_RSCP" name="EBS HR Foundation User Responsibilities">
  <AttributeReference name="Application Name" attr-ref="Application Name" type="String" length="256" widget="lookup-query" available-in-bulk="true" required="true">
  <lookupQuery lookup-query="select lkv_encoded as Value,lkv_decoded as Description from lkv lkv, lku lku where lkv.lku_key=lku.lku_key and lku_type_string_key='Lookup.EBS.Application' and lkv_encoded like concat('$Form data.eBusiness Suite Instance Name', '~%')" display-field="Description" save-field="Value"/>
  </AttributeReference>
  <AttributeReference name="Responsibility Name" attr-ref="Responsibility Name" type="String" length="256" widget="lookup-query" available-in-bulk="true" required="true" primary="true">
  <lookupQuery lookup-query="select lkv_encoded as Value,lkv_decoded as Description from lkv lkv,lku lku where lkv.lku_key=lku.lku_key and lku_type_string_key='Lookup.EBS.Responsibility' and lkv_encoded like concat('$Form data.Application Name','~%')" display-field="Description" save-field="Value"/>
  </AttributeReference>
  <AttributeReference name="Security Group" attr-ref="Security Group" type="String" length="256" widget="lookup-query" available-in-bulk="true" required="true">
  <lookupQuery lookup-query="select lkv_encoded as Value,lkv_decoded as Description from lkv lkv, lku lku where lkv.lku_key=lku.lku_key and lku_type_string_key='Lookup.EBS.SecurityGroup' and lkv_encoded like concat('$Form data.eBusiness Suite Instance Name', '~%')" display-field="Description" save-field="Value"/>
  </AttributeReference>
  I am not sure why it is not referencing to the attribute. In your blog, it is saying your code is to set process form. But i am trying to create a request using API's. so, I need some code snippet to populate request dataset. Do you think, this will serve both?
  Thanks for your help.

• How to generate Email in OIM 11g r1 during recocillation

  I want to generate Email id of user based on his first name and last name while creation of user.
  I am using OIM 11g R1 .
  Can anyone plz help me on this.

  1. Login to Design Console and open your GTC provisioning process definition , then Add a new task called "Notify Email".
  2. Check Required for Completion, Allow Cancel and optionally Disable Manual Insert.
  3. In the Integration tab, add tcCompleteTask
  4. In the assignment tab, add an entry with the Default rule, target type of User, and for the User field pick an existing user with a valid email address in their User Profile.
  5. In the Notification tab add an entry and check Assignee, (You can select User, Manager etc ) have the Status field set to C and for the Email field pick a Provisioning type of Notification Template that you have already created.
  N.B: 7. Make sure the IT Resource and email configuration properly otherwise you will not get the mail.
  Thanks
  Tamim Khan

• OIM 11g High Availability Deployment

  Hi Experts,
  I'm deploying OIM 11g in High Available schema, following Oracle docs: http://download.oracle.com/docs/cd/E14571_01/core.1111/e10106/imha.htm#CDEFECJF, I have succesfully installed and configured OIM & SOA in weblogic domain on 'OIMHOST1', trying to propagate the configuration from 'OIMHOST1' to 'OIMHOST2' I have packed (using pack.sh) the domain on 'OIMHOST1' and unpacked (using unpack.sh) it to 'OIMHOST2' so I have updated the NodeManager executing setNMProps.sh and finally Ihave started the NodeManager. In order to Test everything is fine and following the documentation I'm traying to perform the following steps, but I'm not succeed
  I'M MUST TO SAY THAT I'M RUNNING ON SINGLE STANDARD EDITION DB INSTANCE AND NOT RAC AS MENTIONED IN ORACLE DOCS, PLEASE CLARIFY IF RAC IS REQUIRED, FOR NOW I'M IN DEVELOPMENT ENVIRONMENT, SO I THINK RAC IS NOT REQUIRED FOR NOW, PLEASE CLARIFY
  8.9.3.8.3 Start the WLS_SOA2 and WLS_OIM2 Managed Servers on OIMHOST2
  Follow these steps to start the WLS_SOA2 and WLS_OIM2 managed servers on OIMHOST2:
  Stop the WebLogic Administration Server on OIMHOST2. Use the WebLogic Administration Console to stop the Administration Server.
  Start the WebLogic Administration Server on OIMHOST2 using the startWebLogic.sh script under the $DOMAIN_HOME/bin directory. For example:
  /u01/app/oracle/admin/OIM/bin/startWebLogic.sh > /tmp/admin.out 2>1&
  Validate that the WebLogic Administration Server started up successfully by bringing up the WebLogic Administration Console.
  Here its not possible start AdminServer on OIMHOST2, first of all, it looks like boot.properties file under WLS_OIM_DOMAIN_HOME/servers/AdminSever/security is not valid, the first time I try to execute startWeblogic.sh script, it ask for username/password, I have updated boot.properties (vi boot.properties) and manually set clear username and password, this time startWeblogic.sh script passed this stage, but fails:
  <Error> <util.install.help.BuildMasterHelpSet> <BEA-000000> <IOException ioe java.io.IOException: No such file or directory>
  <Error> <oracle.adf.share.config.ADFMDSConfig> <BEA-000000> <MDSConfigurationException encountered in parseADFConfigurationMDS-01330: unable to load MDS configuration document
  MDS-01329: unable to load element "persistence-config"
  MDS-01370: MetadataStore configuration for metadata-store-usage "writeable" is invalid.
  MDS-00503: The metadata path "/u01/app/oracle/product/Middleware/user_projects/domains/IDMDomain/sysman/mds" does not contain any valid directories.
  I have verified that this directory "mds" does not exists, as reported by the IOException, in OIMHOST2, but it exists in OIMHOST1. from here its not possible for me following Oracle's documentation, I test this starting Adminserver in OIMHOST1, and starting WLS_SOA2 and WLS_OIM2 managed servers from OIMHOST1 AdminServer console, I have tested 2 ways:
  1.- All managed servers in OIHOST1 are shutdown, for this, managed servers in OIMHOST2 works as expected
  2.- All managed servers in OIMHOST1 are RUNNING, for this, first I have started SOA2 managed server, after that, I have fired OIM2 managed server, when it finish boot process the following message appears in server's output:
  <Warning> <org.quartz.impl.jdbcjobstore.JobStoreCMT> <BEA-000000> <This scheduler instance (servername.domainname1304128390936) is still active but was recovered by another instance in the cluster. This may cause inconsistent behavior.>
  Start the WLS_SOA2 managed server using the WebLogic Administration Console.
  Start the WLS_OIM2 managed server using the WebLogic Administration Console. The WLS_OIM2 managed server must be started after the WLS_SOA2 managed server is started.
  8.9.3.9 Validate the Oracle Identity Manager Instance on OIMHOST2
  Validate the Oracle Identity Manager Server instance on OIMHOST2 by bringing up the Oracle Identity Manager Console using a web browser.
  The URL for the Oracle Identity Manager Console is:
  http://oimvhn2.mycompany.com:14000/oim
  Log in using the xelsysadm password.
  Your help is highly apprecciated
  Regards
  Juan

  Hi Vaasu,
  I have succeeded deploying OIM in HA, just now my customer and I are working on the installation of webtier. Now I have a better understand about HA concepts and the way weblogic works -really nice, but little tricky-
  All the magic about HA is configuring properly the network interfaces in each Linux boxes (our case) so, first of all you need to create 2 new floating IP's on each Linux boxes (google: how to create virtual Ip in linux, if you don't know) clone and modify your 'eth0' network script to create the virtual IPs
  Follow the procudere in the HA guide: http://download.oracle.com/docs/cd/E14571_01/core.1111/e10106/imha.htm#CDEFECJF
  create DB schemas with RCU
  install weblogic
  install SOA
  patch SOA
  install IAM
  ---if you are working on a virtual machine is good idea to take a snapshot here---
  Create and configure the weblogic domain (special attentention whe configuring the cluster), see step 13 of 8.9.3.2 Creating and Configuring the WebLogic Domain for OIM and SOA on OIMHOST1, here you need to cofigure:
  For the oim_server1 entry, change the entry to the following values:
  Name: WLS_OIM1
  Listen Address: the IP that is confured in eth0:1 of Linux box1
  Listen Port: 14000
  For the soa_server1 entry, change the entry to the following values:
  Name: WLS_SOA1
  Listen Address: the IP configure on eth0:2 of Linux box1
  Listen Port: 8001
  For the second OIM Server, click Add and supply the following information:
  Name: WLS_OIM2
  Listen Address: the IP configured on eth0:1 of Linux box2
  Listen Port: 14000
  For the second SOA Server, click Add and supply the following information:
  Name: WLS_SOA2
  Listen Address: the IP configured on eth0:2 of Linux box2
  Listen Port: 8001
  Click Next.
  On Step 16 ensure you are using the UNIX tab to configure the machines, also ensure that for machine1 you use the IP configured on the eth0 interface of Linux box1, the same for machine2
  please confirm you have performered 8.9.3.3.2 Update Node Manager on OIMHOST1
  if everything is ok you must be able to start the AdminServer as described in the guide.
  configure OIM: 8.9.3.4.2 Running the Oracle Identity Management Configuration Wizard, in my case I don't need LDAPsync, I have skipped this section, if you configure properly OIM, then you mus perform 8.9.3.5 Post-Configuration Steps for the Managed Servers
  resrtar AdminServer then from the weblogic console, start OIM and SOA if node manager is properly configured SOA and OIM must run properly, update deployment mode and coherence as described in the guide and verify that OIM run perfectly in Linux box1.
  Propagate OIM from Linux box1 to Linux box2 as described in the guide, using pack and unpack (you MUST use the same filesystem directory structure on both Linux boxes)
  Update and start NodeManager as described in the guide
  VERY IMPORTAN OBSERVATION
  the guide say:
  8.9.3.8.3 Start the WLS_SOA2 and WLS_OIM2 Managed Servers on OIMHOST2
  Follow these steps to start the WLS_SOA2 and WLS_OIM2 managed servers on OIMHOST2:
  Stop the WebLogic Administration Server on OIMHOST2. Use the WebLogic Administration Console to stop the Administration Server.
  JUAN OBSERVATION:
  IS NOT POSSIBLE TO START OR STOP ADMINSERVER ON HOST2 SINCE ADMIN SERVER WERE CONFIGURED TO LISTEN ON THE IP ADDRES OF eth0 INTERFACE ON HOST1, SO, ITS NOT POSSIBLE TO PLAY IT ON HOST2, I THINK AND ADDITIONAL PROCEDURE SHOULD BE FOLLOWED TO CONFIGURE ADMINSERVER IN HA IN A ACTIVE-PASSIVE MODE
  Start the WebLogic Administration Server on OIMHOST2 using the startWebLogic.sh script under the $DOMAIN_HOME/bin directory. For example:
  /u01/app/oracle/admin/OIM/bin/startWebLogic.sh > /tmp/admin.out 2>1& -----NOT APPLICABLE
  Validate that the WebLogic Administration Server started up successfully by bringing up the WebLogic Administration Console. -----NOT APPLICABLE
  Start the WLS_SOA2 managed server using the WebLogic Administration Console. ----START SOA2 FROM THE CONSOLE RUNNING ON HOST1, IT DOESN'T MATTER
  Start the WLS_OIM2 managed server using the WebLogic Administration Console. The WLS_OIM2 managed server must be started after the WLS_SOA2 managed server is started. ------ START OIM2 FROM THE CONSOLE RUNNING ON HOST1
  HERE YOU MUST BE ABLE TO LOGIN TO OIM2 SERVER AS DESCRIBED IN THE GUIDE, YOU DON'T NEED TO EXECUTE config.sh SCRIPT THIS SHOULD WORK AS DESCRIBED.
  Server migration should work straight-forward if you have configured the floating IPs as described, I have not configured the persistence yet since my customer does not have the skills to share a storage.
  I hope this helps, and feel free to comment or complement.
  By the way, did you know how to set up a valid SSL certificate in Windows 2003 server??? I need it to test and Exchange 2007 I'm tryin to integrate
  Regards
  Juan