Iplanet process form issue in OIM 11g
Hi,
When I try to provision a user to iPlanet. It throws below error in OIM Admin console itself in OIM 11g
This resource is not configured correctly. Contact your System Administrator.
Form does not have any fields defined.
I'm not able to see my process form when I try to provision, eventhough I have fields over there. I'm assumption is there is some problem with Process Definition and Process form linkage for iPlanet resource. I don't think OIM will allow to attach new process form in current process defiintion. Correct me If I'm worng.
Is there any way to check this linkage from backend. any queries available to check from OIM DB?
Pls help me to fix this?
Hi,
When I try to provision a user to iPlanet. It throws below error in OIM Admin console itself in OIM 11g
This resource is not configured correctly. Contact your System Administrator.
Form does not have any fields defined.
I'm not able to see my process form when I try to provision, eventhough I have fields over there. I'm assumption is there is some problem with Process Definition and Process form linkage for iPlanet resource. I don't think OIM will allow to attach new process form in current process defiintion. Correct me If I'm worng.
Is there any way to check this linkage from backend. any queries available to check from OIM DB?
Pls help me to fix this?
Similar Messages
-
IPlanet Target Recon issue in OIM 11g
Hi,
I have a user in OIM and iPlanet. Normally we used to link the user from iPlanet to OIM while running iPlanet Target Recon scheduler. It was working before, suddenly we are getting the below error.
<Info> <oracle.iam.reconciliation.impl.config> <IAM-5010000> <Generic Information: EnterpriseDirectory from cache>
<Info> <oracle.iam.reconciliation.impl.config> <IAM-5012124> <Failed to load profile from MDS /db/EnterpriseDirectory. Error is oracle.mds.core.MetadataNotFoundException: MDS-00013: no metadata found for metadata object "/db/EnterpriseDirectory".>
<Info> <oracle.iam.reconciliation.impl.config> <IAM-5012124> <*Failed to load profile from MDS /db/EnterpriseDirectory_backup. Error is oracle.mds.core.MetadataNotFoundException: MDS-00013: no metadata found for metadata object* "/db/EnterpriseDirectory_backup".>
<Info> <oracle.iam.reconciliation.impl.config> <IAM-5012122> <Reading configurations from the database for object name EnterpriseDirectory>
<Info> <oracle.iam.reconciliation.impl.config> <IAM-5010000> <Generic Information: tos not null>
<Error> <oracle.iam.reconciliation.impl> <IAM-5010000> <Generic Information: {0}
oracle.iam.reconciliation.exception.ConfigException: java.lang.NullPointerException
at oracle.iam.reconciliation.impl.config.ProfileManager.lookupProfile(ProfileManager.java:174)
at oracle.iam.reconciliation.impl.ReconOperationsServiceImpl.getProfile(ReconOperationsServiceImpl.java:2013)
at oracle.iam.reconciliation.impl.ReconOperationsServiceImpl.ignoreEvent(ReconOperationsServiceImpl.java:367)
at oracle.iam.reconciliation.impl.ReconOperationsServiceImpl.ignoreEvent(ReconOperationsServiceImpl.java:355)
at Thor.API.Operations.tcReconciliationOperationsIntfEJB.ignoreEventx(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy572.ignoreEventx(Unknown Source)
at Thor.API.Operations.tcReconciliationOperationsIntfEJB_troehf_tcReconciliationOperationsIntfRemoteImpl.__WL_invoke(Unknown Source)
at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
We haven't deploy any patches recently and no major changes in that environment.
Please help me to fix this issue.Kevin,
I have deleted those three files from MDS and tried to recreate reconciliation profile. It throws below same error
<Info> <oracle.iam.reconciliation.impl.config> <IAM-5010000> <Generic Information: Unable to delete backup profile : /db/EnterpriseDirectory_backup, moving forward ...>
<Info> <oracle.iam.reconciliation.impl.config> <IAM-5010000> <Generic Information: Unable to delete, as profile does not exist : /db/EnterpriseDirectory moving forward ...>
<Info> <oracle.iam.reconciliation.impl.config> <IAM-5012124> <Failed to load profile from MDS /db/EnterpriseDirectory. Error is oracle.mds.core.MetadataNotFoundException: MDS-00013: no metadata found for metadata object "/db/EnterpriseDirectory".>
<Info> <oracle.iam.reconciliation.impl.config> <IAM-5012124> <Failed to load profile from MDS /db/EnterpriseDirectory_backup. Error is oracle.mds.core.MetadataNotFoundException: MDS-00013: no metadata found for metadata object "/db/EnterpriseDirectory_backup".>
<Info> <oracle.iam.reconciliation.impl.config> <IAM-5012122> <Reading configurations from the database for object name EnterpriseDirectory>
<Info> <oracle.iam.reconciliation.impl.config> <IAM-5010000> <Generic Information: tos not null>
<Error> <XELLERATE.SERVER> <BEA-000000> <Error encountered during recon profile creation
oracle.iam.reconciliation.exception.ConfigException: java.lang.NullPointerException
at oracle.iam.reconciliation.impl.config.ReconPostImportConfigHandler.reconUpdate(ReconPostImportConfigHandler.java:153)
at oracle.iam.reconciliation.impl.config.ReconPostImportConfigHandler.configure(ReconPostImportConfigHandler.java:110)
at com.thortech.xl.dataobj.tcOBJ.configureReconProfile(tcOBJ.java:115)
at com.thortech.xl.ejb.databeansimpl.tcOBJBean.configureReconProfile(tcOBJBean.java:80)
It is trying to delete those files from MDS first before start creating new one. though it was not there it throws those exceptions. This is what I'm guessing.
I have added filename like EnterpriseDirectory and EnterpriseDirectory_backup under /db/..... location and tried to recreate recon profile. I got the following information in logs
<Info> <oracle.iam.reconciliation.impl.config> <IAM-5010000> <Generic Information: Operation DELETE on MetadataObject /db/EnterpriseDirectory_backup>
<Info> <oracle.iam.reconciliation.impl.config> <IAM-5010000> <Generic Information: Operation DELETE on MetadataObject /db/EnterpriseDirectory>
<Info> <oracle.iam.reconciliation.impl.config> <IAM-5010000> <Generic Information: Operation CREATE on MetadataObject /db/EnterpriseDirectory_backup>
<Info> <oracle.iam.reconciliation.impl.config> <IAM-5012124> <*Failed to load profile from MDS /db/EnterpriseDirectory*. Error is oracle.mds.core.MetadataNotFoundException: MDS-00013: no metadata found for metadata object "/db/EnterpriseDirectory".>
<Info> <oracle.iam.reconciliation.impl.config> <IAM-5012131> <Performing XML schema validation on EnterpriseDirectory>
<Info> <oracle.iam.reconciliation.impl.config> <IAM-5012122> <Reading configurations from the database for object name EnterpriseDirectory>
<Info> <oracle.iam.reconciliation.impl.config> <IAM-5010000> <Generic Information: tos not null>
<Error> <XELLERATE.SERVER> <BEA-000000> <Error encountered during recon profile creation
oracle.iam.reconciliation.exception.ConfigException: java.lang.NullPointerException
It is deleting the existing file and creating EnterpriseDirectory_backup file only and tried to load EnterpriseDirectory file inside /db/ location before creating the file.
Correct me if I'm wrong.
MDS repository holds the path of file name and where it needs to store but in backend in which format it is storing all xml files, any idea?
Edited by: S.K.N on Jun 4, 2012 7:02 PM -
OIM 11gR2 - unable to suppress display of iPlanet process form
OIM 11gR2 or 11.1.2
SJSDS Connector 9.0.4
I have configured the SJSDS connector, it resource, etc and am able to manually/directly provision iPlanet User to an OIM user through the identity interface.
I have configured the process form to pre-populate all necessary fields.
I have checked the Auto Save Form checkbox within the iPlanet User Process Definition.
It is my expectation that when an administrator directly assigns the resource to a user they will not be presented with the process form. However, when we directly assign the resource, the process form is displayed causing the administrator to submit the form.
I have double checked the documentation regarding Auto Save Form within the Developer's Guide for Oracle Identity Manager 11g Release 2 (11.1.2) - E27150-03 and the Oracle® Identity Manager Connector Guide for Sun Java System Directory Release 9.0.4 - E10446-12 and I believe my expectations are correct.
1) Has anyone successfully suppressed the process form while direct or manually provisioning SJSDS through the identity interface?
2) Could the Auto Save Form be only related to request-based provisioning?
Thank you in advance.These are also good questions but I'll give details :-)
1) Does that make the "Auto Save Form" checkbox useless? -
NO, If you don't do this then your Provisioning will stuck into System Validation.
2) Can you "Auto Save" the Application Instance form?
NO, as per Oracle either hide these attributes or delete these attributes but there's no clean way to delete such things.
Question For You:
If you don't want to Auto Save your Application Instance Form then why did you create that.
Workaround:
If you don't want Application Instance then create one more Application Instance without any form -
Facing problem in iplanet pre populate adapter in OIM 11g r2
We have deafult iplanet prepop adapter as iPlanet PP String. the default fields, i.e First Name, Last Name, email is getting populated from user form to process form. But we have a number of other attributes as well whose values need to be pre populated from user to process form. So I created an user in OIM with First Name, Last Name, email and some of the additional attributes, for eg Comapny Code. S while provisioning a user to the target system, only the user is getting provisioned to the target system with First Name, Last Name, email . Company Code is not getting populated, Although the mapping is correctly done.
Kindly suggest.
Edited by: 918071 on Oct 31, 2012 7:08 AMHave you added all the filelds in prepoluate tab of the process form which all you want to prepopulate and assigned them the "iPlanet PP String" adapter if you want to just copy the values from OIM to LDAP.
-
Custom Pre Process Event Handler in OIM 11g for middle initials
Hi,
I am trying to congiure a Custom Pre Process Event Handler for generating middle name in OIM 11g and I am following the steps as given in metalink ID: *1262803.1*
Even after successfully performing all the steps I am not able to get the middle initials in Admin Console when I create a new user.
1) Directory structure for the application that I have created through JDeveloper.
CustomApplication/
|-- CustomApplication.jws
`-- CustomProject
|-- CustomProject.jpr
|-- classes
| `-- com
| `-- example
| `-- custompph
| `-- CustomPreProcessEventHandler.class
`-- src
`-- com
`-- example
`-- custompph
`-- CustomPreProcessEventHandler.java
2) Directory structure for Plugins directory
My Plugin.xml :
<?xml version="1.0" encoding="UTF-8" ?>
<oimplugins>
<plugins pluginpoint="oracle.iam.platform.kernel.spi.EventHandler">
<plugin pluginclass="com.example.custompph.CustomPreProcessEventHandler"
version="1.0" name="CustomPreProcessEventHandler" />
</plugins>
</oimplugins>
plugin/
|-- lib
| `-- com
| `-- example
| `-- custompph
| `-- CustomPreProcessEventHandler.class
|-- middlename.zip
`-- plugin.xml
Copied the middlename.zip in the plugin folder in OIM_HOME and registered it successfully.
3) Created a EventHandlers file and imported it successfully using importmetadata.
My EventHandlers.xml:
<?xml version='1.0' encoding='utf-8'?>
<eventhandlers>
<!-- Custom preprocess event handlers -->
<action-handler
class="com.example.custompph.CustomPreProcessEventHandler"
entity-type="User"
operation="CREATE"
name="CustomPreProcessEventHandler"
stage="preprocess"
order="10"
sync="TRUE"/>
</eventhandlers>
I checked the logs as well but could not find something which can help me to proceed.
Also please advise is their any mapping that I need to do in *"Design Console"*
Please advise !!!!!
ThanksMy lib file contains the package as mentioned in the metalink.
Heirarchy in Plugin folder :
1) plugin.xml
2) Lib ( lib contains 3 folders : com/example/custompph; And inside custompph is my CustomPreProcessEventHandler.class file)
You mean to say i should not copy the entire package in lib but only the jar file of the CustomPreProceessEventHandler.class* file.
If i put only a .jar file in lib i get the following error.
"Error occured during the use of plugin registering utility. The plugin zip does not contain the definition of plugin class com.example.custompph.CustomPreProcessEventHandler"
Thanks
Edited by: 870050 on Jul 4, 2011 4:30 AM -
AD Trusted Reconciliation Issue in OIM 11g R2
Hi,
I am trying to reconcile the users from AD(Trusted Source) to OIM 11g R2.
I gave object class as User. and User ID in search filter but by default ObjectCategory is getting added in my search filter.
so my search query ends up something like..
(&(ObjectCategory=Person)(&(objectclass=User)(uid=*******))) which is not correct for my AD.
If I give any object class other than User I get following error:
+oracle.iam.connectors.icfcommon.exceptions.IntegrationException: The value for a key [IntOrgPerson Configuration Lookup] is not defined in the provided map.+
Though I have given this value in Lookup.Configuration.ActiveDirectory.Trusted ....
How can I update or remove this ObjectCategory field from my query.
Regards,
Abhi
Edited by: 918619 on Jan 21, 2013 4:11 AMOrch[725719:CREATE]oracle.iam.platform.kernel.EventFailedException: IAM-3051103:The create operation on user entity failed in action stage.: at oracle.iam.identity.usermgmt.utils.UserManagerUtils.createEventFailedException(UserManagerUtils.java:278) at oracle.iam.identity.usermgmt.utils.UserManagerUtils.createEventFailedException(UserManagerUtils.java:303) at oracle.iam.identity.usermgmt.impl.handlers.create.CreateUserActionHandler.execute(CreateUserActionHandler.java:182) at oracle.iam.identity.usermgmt.impl.handlers.create.CreateUserActionHandler.execute(CreateUserActionHandler.java:64) at sun.reflect.GeneratedMethodAccessor2302.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at oracle.iam.platform.kernel.impl.EventHandlerDynamicProxy$1.process(EventHandlerDynamicProxy.java:30) at oracle.iam.platform.tx.OIMTransactionCallback.doInTransaction(OIMTransactionCallback.java:13) at oracle.iam.platform.tx.OIMTransactionCallback.doInTransaction(OIMTransactionCallback.java:6) at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:128) at oracle.iam.platform.tx.OIMTransactionManager.execute(OIMTransactionManager.java:22) at oracle.iam.platform.kernel.impl.EventHandlerDynamicProxy.invoke(EventHandlerDynamicProxy.java:26) at $Proxy254.execute(Unknown Source) at oracle.iam.platform.kernel.impl.OrchProcessData.runActionEvents(OrchProcessData.java:1115) at oracle.iam.platform.kernel.impl.OrchProcessData.access$500(OrchProcessData.java:84) at oracle.iam.platform.kernel.impl.OrchProcessData$8.processWithoutResult(OrchProcessData.java:719) at oracle.iam.platform.tx.OIMTransactionCallbackWithoutResult.process(OIMTransactionCallbackWithoutResult.java:9) at oracle.iam.platform.tx.OIMTransactionCallback.doInTransaction(OIMTransactionCallback.java:13) at oracle.iam.platform.tx.OIMTransactionCa
-
SJSDS recon issue with oim 11g
I got the following logging message while reconciling SJSDS (sun directory server) with oim 11g. All the recon statuses were success (group, role, user, trusted user), but no data was from SJSDS.
Did anyone has any idea about it?
Thanks
John
[2011-06-19T10:01:47.352-05:00] [oim_server1] [NOTIFICATION] [IAM-0080013] [oracle.iam.platform.kernel.impl] [tid: [ACTIVE].ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 0000J2cQzfw5qYWFLzfP8A1DzNVx0000A0,0] [APP: oim#11.1.1.3.0] [arg: 194] [arg: 0] [arg: JobDetails] [arg: UPDATE] Kernel executing default validation with process id, event id, entity and operation 194.0.JobDetails.UPDATE
[2011-06-19T10:01:47.376-05:00] [oim_server1] [NOTIFICATION] [IAM-1020024] [oracle.iam.scheduler.impl.quartz] [tid: [ACTIVE].ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 0000J2cQzfw5qYWFLzfP8A1DzNVx0000A0,0] [APP: oim#11.1.1.3.0] [arg: 194.242.JobDetails.UPDATE.entityId=null] Execute default action handler with 194.242.JobDetails.UPDATE.entityId=null
[2011-06-19T10:01:47.447-05:00] [oim_server1] [NOTIFICATION] [] [oracle.iam.platform.kernel.dao] [tid: [ACTIVE].ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 0000J2cQzfw5qYWFLzfP8A1DzNVx0000A0,0] [APP: oim#11.1.1.3.0] Inserting records for orchestration cleanup
[2011-06-19T10:01:47.475-05:00] [oim_server1] [NOTIFICATION] [IAM-0080046] [oracle.iam.platform.kernel.impl] [tid: [ACTIVE].ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 0000J2cQzfw5qYWFLzfP8A1DzNVx0000A0,0] [APP: oim#11.1.1.3.0] [arg: Done] Completed orchestration with action result - Done
[2011-06-19T10:01:47.705-05:00] [oim_server1] [NOTIFICATION] [] [oracle.iam.platform.authz.impl] [tid: [ACTIVE].ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 0000J2cQzfw5qYWFLzfP8A1DzNVx0000A0,0] [APP: oim#11.1.1.3.0] [[
*---Stack Trace Begins[[This is not an exception. For debugging purposes]]---*
oracle.iam.platform.authz.impl.OESAuthzServiceImpl.doCheckAccess(OESAuthzServiceImpl.java:212) oracle.iam.platform.authz.impl.OESAuthzServiceImpl.hasAccess(OESAuthzServiceImpl.java:190)
oracle.iam.platform.authz.impl.OESAuthzServiceImpl.hasAccess(OESAuthzServiceImpl.java:182)
oracle.iam.platform.authz.impl.AuthorizationServiceImpl.hasAccess(AuthorizationServiceImpl.java:173)
oracle.iam.scheduler.impl.util.SchedulerAccessUtils.checkOperationAccess(SchedulerAccessUtils.java:22)
oracle.iam.features.scheduler.agentry.operations.LookupActor.prepare(LookupActor.java:1555)
oracle.iam.features.scheduler.agentry.operations.LookupActor.refresh(LookupActor.java:2969)
oracle.iam.features.scheduler.agentry.operations.LookupActor.receiveEvent(LookupActor.java:2807)
oracle.iam.consoles.faces.mvc.canonic.Model.handleIntent(Model.java:922)
oracle.iam.consoles.faces.mvc.canonic.Controller.doHandleIntent(Controller.java:528)
oracle.iam.consoles.faces.mvc.canonic.Controller.doSelectAction(Controller.java:203)
oracle.iam.consoles.faces.event.NavigationListener.processAction(NavigationListener.java:97)
... 34 lines skipped..
oracle.iam.platform.auth.web.PwdMgmtNavigationFilter.doFilter(PwdMgmtNavigationFilter.java:115)
... weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
oracle.iam.platform.auth.web.OIMAuthContextFilter.doFilter(OIMAuthContextFilter.java:100)
... 15 lines skipped..
weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
---Stack Tracefor this call Ends---
]]As the log says thats not an exception. Anyway why dont you enable the connector logs and see what does the connector complaint about. Refer the Enable Logging section in the connector PDF
Thanks
SRS -
OIM-AD connector Issues in OIM 11g
Hi
We are trying to provision user from OIM 11G to AD using Administration Tab of Admin Console.
As part of ADITResource configuration , follwoing fields are included.In the Enterprise manager OIM server log, we are getting the below error message.
Error Message In Enterprise manager OIM server log -
Module OIMCP.ADCS
Thread ID [ACTIVE].ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'
Message com.thortech.xl.integration.ActiveDirectory.tcUtilADTasks : createUser : Wrong Value Specified in Root Context of IT ResourceOr Organization DN_
However, in Admin console Selfservice-->Task-->Provisioning -->Shows error as
Response:Connection Error encountered
Response Description: Error encountered while connecting to target system
We have sucessfully tested the connection using Diagnoistic Dashboard (XIMDD) & Ldap Browser.
IT Resource Details-
Parameter Value
AD Sync installed (yes/no) no
ADAM LockoutThreshold Value 5
ADDisableAttr Lookup Definition Lookup.ADProvisioning.DisableAttrLookup
ADGroup LookUp Definition Lookup.ADReconciliation.GroupLookup
Abandoned connection timeout 600
Admin FQDN cn=administrator,cn=Users,dc=example,dc=com
Admin Login administrator
Admin Password ********
Allow Password Provisioning yes
AtMap ADGroup AtMap.ADGroup
AtMap ADUser AtMap.AD
AtMap Group AtMap.ADGroup
Atmap ADOrg AtMap.ADOrg
Backup Server URL [NONE]
Connection pooling supported false
Connection wait timeout 100
Custom Attribute Name
CustomizedReconQuery
Inactive connection timeout 600
Initial pool size 1
Invert Display Name no
LDAP Connection Timeout 30000
Last Modified Time Stamp 0
Last Modified Time Stamp Group 0
Max pool size 30
Min pool size 2
Native connection pool class definition
OIM User UDF
Pool excluded fields
Pool preference Default
Port Number 389
Remote Manager Prov Lookup AtMap.AD.RemoteScriptlookUp
Remote Manager Prov Script Path
ResourceConnection class definition com.thortech.xl.integration.ActiveDirectory.ADResourceConnectionImpl
Root Context dc=example,dc=com
SSL Port Number 636
Server Address WIN-PEUB23TMMT4.example.com
Target Locale: Country US
Target Locale: Language en
Target Locale: TimeZone GMT
Target supports only one connection false
Timeout check interval 100
UPN Domain example.com
Use Disable Attr false
Use SSL false
Validate connection on borrow true
isADAM no
isUserDeleteLeafNode no
For Organization we have selected ou=Test,dc=example,dc=com in our lookup defination
Please suggest....
ThanksIt's not Key, it's the Scheduled Task attribute "IT Resource Name"
Documentation: http://download.oracle.com/docs/cd/E11223_01/doc.910/e11197/using_conn.htm#CHDFBAAC
Here is the documentation on the lookup format: http://download.oracle.com/docs/cd/E11223_01/doc.910/e11197/intro.htm#CHDHCCJD
-Kevin -
ESSO PG Connector Issue in OIM 11G
I setup ESSO Provision Gateway Connector in OIM 11G.
But during "add credential task" I get error:
"*The add_credential execution failed. Error: Error in sending instruction from provisioning manager in Api Command (400) Bad Request. Add Credential Command failed to get invoked*".
In Event Log of the Windows Server 2008 with the Provision Gateway I saw:
"*Unexpected end tag. Line 6, position 1015*", "*server cannot clear headers after http headers have been sent*".
It means a syntax error in xml request of connector to web-service of Provision Gateway.
Wireshark shows me sent xml-request:
"<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
<wsse:UsernameToken><wsse:Username>cn=adm,o=petro</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">12345678</wsse:Password><wsse:Nonce>QFJ903k1GFWnAoqZ/Npijg==</wsse:Nonce><wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2010-12-07T11:47:02.502Z</wsu:Created></wsse:UsernameToken></wsse:Security></soapenv:Header><soapenv:Body><AddCredential xmlns="http://passlogix.com/UP/"><strRequest><?xml version = '1.0' encoding = 'UTF-8'?>
<addRequest><attributes><attr name="objectclass"><value>urn.oasis.names.tc:SPML:1:0#GenericString</value></attr><attr name="provisioningAgent"><value>Provisioning Agent</value></attr><attr name="ssoUserId"><value>SGP63234</value></attr><attr name="creationTime"><value>2010-12-07 11:47:02.491Z</value></attr><attr name="executionTime"><value>2010-12-07 11:47:02.490Z</value></attr><attr name="applicationId"><value>SAP</value></attr><attr name="userId"><value>EBELOV</value></attr><attr name="description"><value>SAP</value></attr><attr name="password"><value>Q123</value></attr><attr name="thirdField"><value>888</value></attr></attributes></addRequest></strRequest></AddCredential></soapenv:Body></soapenv:Envelope>*</#document>*"
I saved it to xml-file and opened in Internet Explorer and there was error.
Then I decided to watch the view of this request in OIM 9.1.0.2 to compare with request in OIM 11G.
I found out next one:
the main difference was in last tag "*</#document>*".
I take this tag off from xml-file, taken from request of OIM 11G and saved the file.
Edited xml-file was correct.
Is it error in connector or in OIM 11G?How to solve it?Can anyone help me?Hi!
I get the same error during Add Credential task with the ESSO PG connector in OIM 11g.....
The add_credential execution failed. Error: Error in Sending instruction from the provisioning manager in API Command (400)Bad Request.
com.passlogix.integration.provision.client.CommandInvocationException: Error in Sending instruction from the provisioning manager in API Command (400)Bad Request
Where I can check the xml file?
You could solve the problem?
Thanks in advance!!! -
I have created one Task assignement adapter and assigned to one user (myself). I have enabled that Send Mail check box, However I am NOT getting email from OIM 11g.
I have already defined EMail server IT resource details as below
Authentication: False
Server Name: &&&&&&&&
User Login: xelsysadm
User Password: xelsysadm
Could you please let me know what could be the reason???I do not think so since We are able to send emails during AD provisioning in same domain.
In my case Do I need to provide From address anywhere in OIM?
Pls suggest. -
Process Task dependency issue in OIM 11g
Hello,
I created 3 process tasks (Task1, Task2 and Task3) .I would like to trigger Task3 when both Task1 and Task2 get completed status.
So what I did is I put both Task1 and Task2 as depedent tasks in Task 3 "Task Dependecy" tab. In this case both Task1 and Task2 get triggered and completed , however Task3 is NOT triggering.
Even I tried putting both Task 1 and Task2 as Preceeding tasks for Task3, still it does not work.
Could you please let me know how can we trigger Task3 once both Task1 and Task2 completes.
Thanks for you help.By Task Dependency you can just control the order of the tasks being executed but you cannot invoke/insert a target.
Ideally what you did as suggested in the latter option is correct: Task1 and Task2 as preceding task of Task3.
To invoke Task3, you can do multiple things, the easiest here would be to go to the Responses tab of Task2 select the response Completed and then in Tasks to Generate section add Task3 -
Email Notifiation Issue in OIM 11g
Hi All,
I have a requirement of sending a notification to user & the user’s manager when the user is about to be disabled.
On User Disable in OIM, I am facing the issue that my changes are not getting effected and no email is getting triggered and the user is getting disabled successfully . I am adding the notification on Disable User Task in Xellerate User process definition. The implementation is on Oracle IdM 11g.
Could anyone suggest any solution for the above problem
Thanks
Siva PrasadDoes email notification goes out for any other notifications/alerts? Check the notification mailer and email ids settings as well.
Also open case with oracle support. -
Custom Target Reconciliation with child form entries in OIM 11g
Hello experts,
I have developed custom scheduler code to reconcile users from target system to OIM. In this code I am using the API createReconciliationEvent(java.lang.String psObjectName, java.util.Map poData, boolean pbFinishEvent). If the reconciled user does not have any child form entries(like roles and groups) then the user account is linked to OIM user profile but if the user has child form entries then user is not getting reconciled to OIM. In the logs it says...
oracle.iam.platform.utils.SuperRuntimeException: -104: Error occurred in XL_SP_RECONEVALUATEUSER while processing Event No 849 Error occurred in XL_SP_RECONREQDATACHECK while processing Event 849 'Event Received' is an invalid event status. Valid event states are Data Received,Data Validation Failed,Being Re-evaluated,Being Re-tried
at oracle.iam.reconciliation.dao.ReconActionDao.executeUserMatch(ReconActionDao.java:393)
at oracle.iam.reconciliation.impl.UserHandler.process(UserHandler.java:64)
at oracle.iam.reconciliation.impl.ActionEngine.processEvent(ActionEngine.java:194)
at oracle.iam.reconciliation.impl.ReconOperationsServiceImpl.processReconciliationEvent(ReconOperationsServiceImpl.java:982)
at oracle.iam.reconciliation.api.ReconOperationsServiceEJB.processReconciliationEventx(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy334.processReconciliationEventx(Unknown Source)
at oracle.iam.reconciliation.api.ReconOperationsService_emc07d_ReconOperationsServiceRemoteImpl.__WL_invoke(Unknown Source)
at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
Here is my code...
public void reconCall(String ResourceObject, Hashtable mUserDetail)
ReconOperationsService tcreconObj =null;
EventAttributes eventattr= new EventAttributes();
ArrayList roles=roleOfUser(mUserDetail.get("CommanName").toString(),mUserDetail.get("OrganizationUnit").toString());
ArrayList groups=groupOfUser(mUserDetail.get("CommanName").toString(),mUserDetail.get("OrganizationUnit").toString());
if((roles.size()==0)&& (groups.size()==0))
eventattr.setEventFinished(true);
else
eventattr.setEventFinished(false);
try
LOGGER.info("In com.gapp.recon.tasks.ReconAllUsers reconCall()");
LOGGER.info("Creating object of Thor.API.Operations.tcReconciliationOperationsIntf");
tcreconObj = Platform.getService(oracle.iam.reconciliation.api.ReconOperationsService.class);
LOGGER.info("Creating reconcilation event");
long lnreckey = tcreconObj.createReconciliationEvent(ResourceObject, mUserDetail, eventattr);
if(roles.size()==0)
LOGGER.info("there are no roles for the user");
if(roles.size()>0)
tcreconObj.providingAllMultiAttributeData(lnreckey, "RoleName", true);
LOGGER.info("Iterating roles");
LOGGER.info(roles.toString());
for(int k=0; k <roles.size(); k++)
LOGGER.info("Iteration "+k);
HashMap multiroles=new HashMap();
LOGGER.info("Adding role to hashmap");
multiroles.put("RoleName", roles.get(k));
LOGGER.info(multiroles.toString());
long j= tcreconObj.addMultiAttributeData(lnreckey, "RoleName", multiroles);
LOGGER.info("addMultiAttributeData key "+j);
if(groups.size()==0)
LOGGER.info("There Are No Groups For This User");
if(groups.size()>0)
tcreconObj.providingAllMultiAttributeData(lnreckey, "GroupName", true);
LOGGER.info("Iterating groups");
LOGGER.info(groups.toString());
for(int k=0; k <groups.size(); k++)
LOGGER.info("Iteration "+k);
HashMap multigroups=new HashMap();
LOGGER.info("Adding group to hashmap");
multigroups.put("GroupName", groups.get(k));
LOGGER.info(multigroups.toString());
long j= tcreconObj.addMultiAttributeData(lnreckey, "GroupName", multigroups);
LOGGER.info("addMultiAttributeData key "+j);
// LOGGER.info("executing processReconciliationEvent");
tcreconObj.processReconciliationEvent(lnreckey);
//LOGGER.info("executing finishReconciliationEvent");
// tcreconObj.finishReconciliationEvent(lnreckey);
// LOGGER.info("executing updateScheduletaskattribute");
}Pls Help.
ThanksYou gotta specify your child table recon-field in the process definition mappings as a Key Field. Refer OOTB AD connector and check:
Process Definition -> AD User ->Reconciliation Field Mappings -> memberOf -
Ldap Synch Error in attribute conversion operation Issue in OIM 11g R2 PS1
Hi All,
We have enabled LDAP Synch in OIM11g R2 PS1 environment. We have requirement of users getting created through Web Services. When we create a user through Webservices, and provide all the attributes required to create user then we are getting LDAP Error in attribute conversion operation:
2014-01-03T02:31:52.249-05:00] [oim_server1] [WARNING] [] [oracle.adf.controller.faces.lifecycle.Utils] [tid: [ACTIVE].ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 1353004b0df87234:-67081615:143517a89d1:-8000-0000000000002807,0] [APP: oracle.iam.console.identity.self-service.ear#V2.0] ADF: Adding the following JSF error message: IAM-2050243 : Orchestration process with id 9864, failed with error message IAM-3010201 : LDAP create event failed : 00000057: LdapErr: DSID-0C090C3E, comment: Error in attribute conversion operation, data 0, v1db1.[[
oracle.iam.ui.platform.exception.OIMRuntimeException: IAM-2050243 : Orchestration process with id 9864, failed with error message IAM-3010201 : LDAP create event failed : 00000057: LdapErr: DSID-0C090C3E, comment: Error in attribute conversion operation, data 0, v1db1.
at oracle.iam.ui.platform.exception.OIMErrorHandler.reportServiceException(OIMErrorHandler.java:170)
at oracle.iam.ui.platform.exception.OIMErrorHandler.reportException(OIMErrorHandler.java:65)
at oracle.adf.model.binding.DCDataControl.reportException(DCDataControl.java:411)
at oracle.adf.model.binding.DCBindingContainer.reportException(DCBindingContainer.java:416)
at oracle.adf.model.binding.DCBindingContainer.reportException(DCBindingContainer.java:471)
at oracle.adf.model.binding.DCControlBinding.reportException(DCControlBinding.java:201)
at oracle.jbo.uicli.binding.JUCtrlActionBinding.reportException(JUCtrlActionBinding.java:2016)
at oracle.jbo.uicli.binding.JUCtrlActionBinding.doIt(JUCtrlActionBinding.java:1660)
at oracle.adf.model.binding.DCDataControl.invokeOperation(DCDataControl.java:2150)
at oracle.jbo.uicli.binding.JUCtrlActionBinding.invoke(JUCtrlActionBinding.java:740)
at oracle.adf.controller.v2.lifecycle.PageLifecycleImpl.executeEvent(PageLifecycleImpl.java:402)
at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding._execute(FacesCtrlActionBinding.java:252)
at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding.execute(FacesCtrlActionBinding.java:210)
at oracle.iam.ui.platform.utils.FacesUtils.executeOperationBinding(FacesUtils.java:165)
at oracle.iam.ui.platform.utils.FacesUtils.executeOperationBindingFromActionListener(FacesUtils.java:112)
at oracle.iam.ui.catalog.view.backing.CartReqBean.submitActionListener(CartReqBean.java:848)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.sun.el.parser.AstValue.invoke(AstValue.java:187)
at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:297)
at org.apache.myfaces.trinidadinternal.taglib.util.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:53)
at org.apache.myfaces.trinidad.component.UIXComponentBase.broadcastToMethodBinding(UIXComponentBase.java:1256)
at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:183)
at oracle.adf.view.rich.component.fragment.UIXRegion.broadcast(UIXRegion.java:148)
at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:102)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:92)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:361)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:96)
at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:96)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.broadcastEvents(LifecycleImpl.java:1018)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:386)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:194)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.view.page.editor.webapp.WebCenterComposerFilter.doFilter(WebCenterComposerFilter.java:117)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:106)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:271)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:177)
at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.help.web.rich.OHWFilter.doFilter(Unknown Source)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.iam.ui.platform.servletfilter.IdentityContextFilter.doFilter(IdentityContextFilter.java:50)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.iam.platform.servletfilter.PwdMgmtNavigationFilter.doFilter(PwdMgmtNavigationFilter.java:164)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.bpel.services.workflow.client.worklist.util.WorkflowFilter.doFilter(WorkflowFilter.java:248)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.bpel.services.workflow.client.worklist.util.DisableUrlSessionFilter.doFilter(DisableUrlSessionFilter.java:70)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:179)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3730)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3696)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2273)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
In this case user is getting created in OIM but LDAP Synch is not happening we are getting the error as mentioned above.
When we create user in OIM not through Web Serives but through Identity Self Service and provide any date attribute for example Start Date,Provisoning Date, Deprovisoning Date or any other date attribute, then also we are geeting the same error of Error in attribute conversion operation Issue, in this case user is not getting created in OIM and LDAP Synch is not happening.
And when we create a user in OIM not through Web Serives but through Identity Self Service and did not give any of the date attribute then user is getting created and LDAP synch is also happening successfully.
We need to create users through Web Services and we need to resolve this issue asap, request you all to provide any helpful pointer on this.
Thanks
VarshaThis can happen due to OIM-LDAP wrong attribute mapping/value getting passed.
Can you please first try with OOTB attributes and see how it behaves?
J -
How to retrieve Request Form Data in OIM 11g for SOA workflows
Hi,
I have a business requirement wherein, I need to retrieve a field's value inside my SOA composite for further processing and decide on the Approver of the Request. Say for e.g. I'm having a field *"Country"* inside my Request Form, and what i need to do is, as soon as the request form is submitted, I need to retrieve the value for *"Country"* attribute inside my SOA Composite using Payload, and further process it. This scenerio is with respect to provision an application instance to a user.
Now, in a similar scenario, where I was trying to create a user of type *"Contractor"*, I had used Request Service Api to retrieve the Basic information of the userform submitted, and decide on approval. Fortunately, the basic data like, First Name, Last Name, Login etc was successfully being fetched from the Request and I was able to perform further operations.
Unfortunately, the same code which was working for Creation of a User, is not working when I'm trying to provision an application instance to the user.
Below is the code which worked fine for me to retrieve basic request data for user creation, and isn't working for provisioning application instance:
RequestService reqSvc = (RequestService)oimClient.getService(RequestService.class);
String reqId = ((oracle.xml.parser.v2.XMLElement)getVariableData("inputVariable", "payload", "/ns3:process/ns4:RequestID")).getText();
System.out.println("request ID: " reqId);+
Request req = reqSvc.getBasicRequestData(reqId);
List <RequestEntity> targetEntities = req.getTargetEntities();
System.out.println("targetEntities : " targetEntities);+
System.out.println("------------");
for (RequestEntity rea : targetEntities)
+{+
List <RequestEntityAttribute> attributes = rea.getEntityData();
for( oracle.iam.request.vo.RequestEntityAttribute attribute : attributes)
+{+
System.out.println("Attribute.getName() : " attribute.getName().toString());+
if(attribute.getName().equals("User Manager"))
+{+
beneficiaryManagerKey = attribute.getValue().toString();
System.out.println("User Manager : " beneficiaryManagerKey);+
+}+
e+lse if(attribute.getName().equals("User Login"))+
+{+
userid = attribute.getValue().toString();
System.out.println("User Login : " userid);+
+}+
+}+
+}+
Any pointers to this would be of a great help.
RegardsList <RequestEntity> targetEntities = req.getTargetEntities();
System.out.println("targetEntities : " + targetEntities);
System.out.println("------------");
The above piece of code retrieves the attributes and their values from the request form while creating a user, but not from the request form, which provisioning a resource to a user.
Regards,
Maybe you are looking for
-
Hello Guys, I am just curious to know how PM will work without integration of MM or FI as a first phase. How would we issue the spare parts to the work order ? lets say I use the different system to create a PO for non stock and services and wanted t
-
EMac looking for wireless hook up, some confusion
I have an eMac 700 with a bus of 100. So I have to use the original airport card. Pricey. Apple mentioned using a 3rd party wireless card. Could this be it ? Wireless Pre-N Desktop Network Card - Belkin $129 Then could i use an airport Exstreem? Appl
-
Please help me, this is really upsetting. I really would like my Itunes to work. The message that pops up is saying that it will only transpher purchased items and I downloaded a lot of CDs so if you can please help me it would be lovely.
-
IChat doesn't open--period. Bus error?
I just received my new iMac (Intel Core Duo, woohoo!) on Saturday, and the very first time I tried to open iChat was about an hour ago. All I got was a couple bounces, and then.. failure. Rebooting doesn't make any difference. I tried opening it in T
-
Permissions Messed Up For App Install
iOS: 10.9.5 Macbook Air The battery of my new Macbook Air was not retaining charge (for more than 2-4 hours depending on usage) so I gave called Apple support and turned it in for monitoring. They claimed that their tests required that they reformat