LDAP Sync -NullPointerException

Similar Messages

• Error while doing the Ldap sync for UDFs

  Hi All,
  I am doing LDAP sync for UDFs,
  Created users in OID.
  assigned to orclIDXPerson object modified the ldapconfig.props and created the input file.
  Now I am running the ldapsyncudf.sh then I getting the below error.
  Exception in thread "main" java.lang.NullPointerException
  at oracle.ods.virtualization.schema.AttributeTypeDefinition.getOID(AttributeTypeDefinition.java:117)
  at oracle.ods.virtualization.jndi.OVDSchemaContext.convertAttrDefnToJNDIAttrs(OVDSchemaContext.java:655)
  at oracle.ods.virtualization.jndi.OVDSchemaContext.getAttributes(OVDSchemaContext.java:137)
  at oracle.ods.virtualization.jndi.OVDSchemaContext.getAttributes(OVDSchemaContext.java:109)
  at oracle.iam.configservice.impl.LDAPUDFSyncImpl.isAttrExistsInLDAP(LDAPUDFSyncImpl.java:555)
  at oracle.iam.configservice.impl.LDAPUDFSyncImpl.validateOVDSchema(LDAPUDFSyncImpl.java:519)
  at oracle.iam.configservice.impl.LDAPUDFSyncImpl.addUDFwithLDAP(LDAPUDFSyncImpl.java:1082)
  at oracle.iam.configservice.api.LDAPUDFSyncEJB.addUDFwithLDAPx(Unknown Source)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
  at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
  at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
  at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
  at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
  at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
  at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
  at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
  at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
  at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
  at $Proxy631.addUDFwithLDAPx(Unknown Source)
  can anyone please unblock me.
  Thanks,
  Valli

  Hi,
  Please see if these help (for 11gR2)
  Export the LDAPUser.xml file from MDS using weblogicExportMetatdata.bat. This xml contains the attributes mapping between OIM and OID for LDAP synchronization.
  Include the entry for OIM attribute (if entry does not exist for the attribute in the XML) under entity-attributes node. For e.g. use the following xml snippet to add the entry for ISD Code for Phone attribute
  <entity-attributes><attribute name=”ISD Code for Phone”> <type>string</type> <required>false</required> <attribute-group>Extended </attribute-group> <searchable>true</searchable> </attribute> </entity-attributes>
  Include the entry for OID attribute under target-fields node. For e.g. use the following xml snippet to add the entry for CountryCode
  <target-fields><field name=”CountryCode”><type>String</type> <required>false</required> </target-fields>
  Now map the OIM attribute with the OID attribute using the following xml snippet under attribute-maps node
  <attribute-maps><attribute-map> <entity-attribute> ISD Code for Phone </entity-attribute> <target-field>CountryCode</target-field> </attribute-map></attribute-maps>
  Save the changes and import the file back into MDS using WebLogic import utilities.

• LDAP Sync OAM 11g

  We have installed OAM 11g with the follwing:
  OS: RHEL 5.5 with 64bit Intel
  DBS: 11gR2 (11.2.0.1)
  RCU: 11.1.1.3.3
  IDM: 11.1.1.3
  SOA: 11.1.1.3
  WLS: 10.3.3
  IDAM: 11.1.1.3
  All the servers are up and running and all the consoles are accessible -- in short everything seems to be running fine. Except for the fact that we cannot create users or modify IT resource and some other OIM functions. We have followed the steps to execute LDAP Sync (which we think is the culprit) but it appears that OIM is not accessing LDAP.
  Before we ran LDAP Sync, we were able to "create users", but they were not accessible within OID. After running LDAP Sync, we are not able to create users. When we press Apply, we receive the following error:
  "An error has occurred while performatin create user sequence. Unable to set LDAP connection, and the root cause is -- Null input buffer."
  Any ideas?

  The error appears to be different. From oim_server1-diagnostic.log
  [2011-03-18T08:46:04.277-04:00] [oim_server1] [NOTIFICATION] [IAM-3010042] [oracle.iam.ldapsync.vo] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 0000Iv904T_7U8WVLyESOA1DWoEu00000a,0] [APP: oim#11.1.1.3.0] [arg: oracle.iam.ldapsync.impl.DefaultLDAPContainerMapper] Loading LDAP container mapping plug-in - oracle.iam.ldapsync.impl.DefaultLDAPContainerMapper
  [2011-03-18T08:46:04.327-04:00] [oim_server1] [NOTIFICATION] [IAM-0040016] [oracle.iam.platform.entitymgr.impl] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 0000Iv904T_7U8WVLyESOA1DWoEu00000a,0] [APP: oim#11.1.1.3.0] [arg: LDAPUser] [arg: LDAPDataProvider] Initializing data provider for entity type - LDAPUser of type LDAPDataProvider
  [2011-03-18T08:46:04.484-04:00] [oim_server1] [ERROR] [IAM-0042017] [oracle.iam.platform.entitymgr.provider.ldap] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 0000Iv904T_7U8WVLyESOA1DWoEu00000a,0] [APP: oim#11.1.1.3.0] [arg: oracle.iam.platform.entitymgr.vo.ConnectivityException: java.lang.IllegalArgumentException: Null input buffer] An error occurred while finding the change log type - oracle.iam.platform.entitymgr.vo.ConnectivityException: java.lang.IllegalArgumentException: Null input buffer
  Whereas the error in the note provided is:
  2010-11-24T23:54:30.262-06:00] [oim_server1] [ERROR] [IAM-0042006] [oracle.iam.platform.entitymgr.provider.ldap] [tid: [ACTIVE].ExecuteThread: '17' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 0000Im1aEEz6yGD5nBK6yZ1CvTLx0000B6,0] [APP: oim#11.1.1.3.0] [dcid: 2f99c0ab29663422:-14c1853b:12c810b022f:-7ffd-000000000000135c] [arg: java.lang.NullPointerException] An error occurred while looking up the entity in LDAP, and the corresponding error is - java.lang.NullPointerException

• OIM Ldap Sync Problems

  I am having a problem with LDAP integration. I have been working through the oracle manuals and the guide posted at http://onlineappsdba.com/index.php/2010/12/29/part-viii-optional-configure-ldap-sync-with-oim-11g-oim-11g-integration-with-ovdoid/.
  I have competed all of the steps but when I try to create a new user I get the following Error:
  An error occurred while performing create user operation. Unable to get LDAP connection, and the root cause is - Failed to get connection due to initialization error with the pool: Failed to intialize and start UCP Connection pool
  I have created the full jar file for the client. Can anyone offer up any suggestions here?

  The other are related to something about a global connection pool, note the traces here are trimmed due to forum post limits:
  <Jun 6, 2011 1:48:44 PM EDT> <Notice> <Stdout> <BEA-000000> <<Jun 6, 2011 1:48:44 PM EDT> <Error> <XELLERATE.SERVER> <BEA-000000> <PooledResourceConnectionProvider/createConnection: Failed to create Resource Connection to target
  com.oracle.oim.gcp.exceptions.ResourceConnectionCreateException: java.lang.NullPointerException
       at oracle.iam.ldapsync.impl.repository.LDAPConnection.createConnection(LDAPConnection.java:118)
       at com.oracle.oim.gcp.ucp.PooledResourceConnectionProvider.createConnection(PooledResourceConnectionProvider.java:84)
       at oracle.ucp.common.UniversalConnectionPoolImpl$UniversalConnectionPoolInternal.createOnePooledConnectionInternal(UniversalConnectionPoolImpl.java:1570)
       at oracle.ucp.common.UniversalConnectionPoolImpl$UniversalConnectionPoolInternal.access$600(UniversalConnectionPoolImpl.java:1378)
       at oracle.ucp.common.UniversalConnectionPoolImpl.createOnePooledConnection(UniversalConnectionPoolImpl.java:445)
       at oracle.ucp.common.UniversalConnectionPoolImpl.addNewConnections(UniversalConnectionPoolImpl.java:945)
       at oracle.ucp.common.UniversalConnectionPoolBase.getInitialConnections(UniversalConnectionPoolBase.java:613)
       at oracle.ucp.common.UniversalConnectionPoolBase.start(UniversalConnectionPoolBase.java:728)
       at com.oracle.oim.gcp.ucp.UCPPool.initializePool(UCPPool.java:94)
       at com.oracle.oim.gcp.pool.PoolFactory.getPool(PoolFactory.java:91)
       at com.oracle.oim.gcp.pool.ConnectionService.getConnection(ConnectionService.java:46)
       at com.oracle.oim.gcp.pool.ConnectionService.getConnection(ConnectionService.java:176)
       at oracle.iam.ldapsync.impl.repository.ITResourceRepository.getConnection(ITResourceRepository.java:34)
  Caused By: java.lang.NullPointerException
       at oracle.iam.ldapsync.impl.repository.LDAPConnection.createConnection(LDAPConnection.java:87)
       at com.oracle.oim.gcp.ucp.PooledResourceConnectionProvider.createConnection(PooledResourceConnectionProvider.java:84)
       at oracle.ucp.common.UniversalConnectionPoolImpl$UniversalConnectionPoolInternal.createOnePooledConnectionInternal(UniversalConnectionPoolImpl.java:1570)
       at oracle.ucp.common.UniversalConnectionPoolImpl$UniversalConnectionPoolInternal.access$600(UniversalConnectionPoolImpl.java:1378)
       at oracle.ucp.common.UniversalConnectionPoolImpl.createOnePooledConnection(UniversalConnectionPoolImpl.java:445)
       at oracle.ucp.common.UniversalConnectionPoolImpl.addNewConnections(UniversalConnectionPoolImpl.java:945)
  >>
  <Jun 6, 2011 1:48:44 PM EDT> <Notice> <Stdout> <BEA-000000> <<Jun 6, 2011 1:48:44 PM EDT> <Error> <XELLERATE.SERVER> <BEA-000000> <Class/Method: UCPPool/initializePool encounter some problems:  Failed to create Resource Connection to target
  oracle.ucp.UniversalConnectionPoolException:  Failed to create Resource Connection to target
       at com.oracle.oim.gcp.ucp.PooledResourceConnectionProvider.createConnection(PooledResourceConnectionProvider.java:90)
       at oracle.ucp.common.UniversalConnectionPoolImpl$UniversalConnectionPoolInternal.createOnePooledConnectionInternal(UniversalConnectionPoolImpl.java:1570)
       at oracle.ucp.common.UniversalConnectionPoolImpl$UniversalConnectionPoolInternal.access$600(UniversalConnectionPoolImpl.java:1378)
       at oracle.ucp.common.UniversalConnectionPoolImpl.createOnePooledConnection(UniversalConnectionPoolImpl.java:445)
       at oracle.ucp.common.UniversalConnectionPoolImpl.addNewConnections(UniversalConnectionPoolImpl.java:945)
       at oracle.ucp.common.UniversalConnectionPoolBase.getInitialConnections(UniversalConnectionPoolBase.java:613)
       at oracle.ucp.common.UniversalConnectionPoolBase.start(UniversalConnectionPoolBase.java:728)
  Caused By: com.oracle.oim.gcp.exceptions.ResourceConnectionCreateException: java.lang.NullPointerException
       at oracle.iam.ldapsync.impl.repository.LDAPConnection.createConnection(LDAPConnection.java:118)
       at com.oracle.oim.gcp.ucp.PooledResourceConnectionProvider.createConnection(PooledResourceConnectionProvider.java:84)
       at oracle.ucp.common.UniversalConnectionPoolImpl$UniversalConnectionPoolInternal.createOnePooledConnectionInternal(UniversalConnectionPoolImpl.java:1570)
       at oracle.ucp.common.UniversalConnectionPoolImpl$UniversalConnectionPoolInternal.access$600(UniversalConnectionPoolImpl.java:1378)
       at oracle.ucp.common.UniversalConnectionPoolImpl.createOnePooledConnection(UniversalConnectionPoolImpl.java:445)
       at oracle.ucp.common.UniversalConnectionPoolImpl.addNewConnections(UniversalConnectionPoolImpl.java:945)
  Caused By: java.lang.NullPointerException
       at oracle.iam.ldapsync.impl.repository.LDAPConnection.createConnection(LDAPConnection.java:87)
       at com.oracle.oim.gcp.ucp.PooledResourceConnectionProvider.createConnection(PooledResourceConnectionProvider.java:84)
       at oracle.ucp.common.UniversalConnectionPoolImpl$UniversalConnectionPoolInternal.createOnePooledConnectionInternal(UniversalConnectionPoolImpl.java:1570)
       at oracle.ucp.common.UniversalConnectionPoolImpl$UniversalConnectionPoolInternal.access$600(UniversalConnectionPoolImpl.java:1378)
       at oracle.ucp.common.UniversalConnectionPoolImpl.createOnePooledConnection(UniversalConnectionPoolImpl.java:445)
       at oracle.ucp.common.UniversalConnectionPoolImpl.addNewConnections(UniversalConnectionPoolImpl.java:945)
       at oracle.ucp.common.UniversalConnectionPoolBase.getInitialConnections(UniversalConnectionPoolBase.java:613)
       at oracle.ucp.common.UniversalConnectionPoolBase.start(UniversalConnectionPoolBase.java:728)
  >>
  <Jun 6, 2011 1:48:44 PM EDT> <Notice> <Stdout> <BEA-000000> <<Jun 6, 2011 1:48:44 PM EDT> <Error> <XELLERATE.SERVER> <BEA-000000> <Class/Method: ConnectionService/getConnection encounter some problems:  Failed to intialize and start UCP Connection pool
  com.oracle.oim.gcp.exceptions.ConnectionPoolInitException:  Failed to intialize and start UCP Connection pool
       at com.oracle.oim.gcp.ucp.UCPPool.initializePool(UCPPool.java:100)
       at com.oracle.oim.gcp.pool.PoolFactory.getPool(PoolFactory.java:91)
       at com.oracle.oim.gcp.pool.ConnectionService.getConnection(ConnectionService.java:46)
       at com.oracle.oim.gcp.pool.ConnectionService.getConnection(ConnectionService.java:176)
       at oracle.iam.ldapsync.impl.repository.ITResourceRepository.getConnection(ITResourceRepository.java:34)
  Caused By: oracle.ucp.UniversalConnectionPoolException:  Failed to create Resource Connection to target
       at com.oracle.oim.gcp.ucp.PooledResourceConnectionProvider.createConnection(PooledResourceConnectionProvider.java:90)
       at oracle.ucp.common.UniversalConnectionPoolImpl$UniversalConnectionPoolInternal.createOnePooledConnectionInternal(UniversalConnectionPoolImpl.java:1570)
       at oracle.ucp.common.UniversalConnectionPoolImpl$UniversalConnectionPoolInternal.access$600(UniversalConnectionPoolImpl.java:1378)
       at oracle.ucp.common.UniversalConnectionPoolImpl.createOnePooledConnection(UniversalConnectionPoolImpl.java:445)
       at oracle.ucp.common.UniversalConnectionPoolImpl.addNewConnections(UniversalConnectionPoolImpl.java:945)
       at oracle.ucp.common.UniversalConnectionPoolBase.getInitialConnections(UniversalConnectionPoolBase.java:613)
       at oracle.ucp.common.UniversalConnectionPoolBase.start(UniversalConnectionPoolBase.java:728)
       at com.oracle.oim.gcp.ucp.UCPPool.initializePool(UCPPool.java:94)
       at com.oracle.oim.gcp.pool.PoolFactory.getPool(PoolFactory.java:91)
       at com.oracle.oim.gcp.pool.ConnectionService.getConnection(ConnectionService.java:46)
       at com.oracle.oim.gcp.pool.ConnectionService.getConnection(ConnectionService.java:176)
       at oracle.iam.ldapsync.impl.repository.ITResourceRepository.getConnection(ITResourceRepository.java:34)
       at oracle.iam.platform.entitymgr.provider.ldap.LDAPDataProvider.getChangelogType(LDAPDataProvider.java:2261)
  Caused By: com.oracle.oim.gcp.exceptions.ResourceConnectionCreateException: java.lang.NullPointerException
       at oracle.iam.ldapsync.impl.repository.LDAPConnection.createConnection(LDAPConnection.java:118)
       at com.oracle.oim.gcp.ucp.PooledResourceConnectionProvider.createConnection(PooledResourceConnectionProvider.java:84)
       at oracle.ucp.common.UniversalConnectionPoolImpl$UniversalConnectionPoolInternal.createOnePooledConnectionInternal(UniversalConnectionPoolImpl.java:1570)
  Caused By: java.lang.NullPointerException
       at oracle.iam.ldapsync.impl.repository.LDAPConnection.createConnection(LDAPConnection.java:87)
       at com.oracle.oim.gcp.ucp.PooledResourceConnectionProvider.createConnection(PooledResourceConnectionProvider.java:84)
       at oracle.ucp.common.UniversalConnectionPoolImpl$UniversalConnectionPoolInternal.createOnePooledConnectionInternal(UniversalConnectionPoolImpl.java:1570)
  >>
  <Jun 6, 2011 1:48:45 PM EDT> <Notice> <Stdout> <BEA-000000> <<Jun 6, 2011 1:48:44 PM EDT> <Error> <oracle.iam.platform.entitymgr.provider.ldap> <IAM-0042017> <An error occurred while finding the change log type - oracle.iam.platform.entitymgr.vo.ConnectivityException: com.oracle.oim.gcp.exceptions.ConnectionServiceException:  Failed to get connection due to initialization error with the pool: Failed to intialize and start UCP Connection pool  >>
  <Jun 6, 2011 1:48:45 PM EDT> <Notice> <Stdout> <BEA-000000> <<Jun 6, 2011 1:48:45 PM EDT> <Warning> <oracle.iam.platform.entitymgr.impl> <IAM-0040017> <Cannot initialize data provider - java.lang.NullPointerException
       at java.util.Hashtable.get(Hashtable.java:334)
       at oracle.iam.ldapsync.impl.repository.ITResourceRepository.returnConnection(ITResourceRepository.java:46)
       at oracle.iam.platform.entitymgr.provider.ldap.LDAPDataProvider.getChangelogType(LDAPDataProvider.java:2291)
       at oracle.iam.platform.entitymgr.provider.ldap.LDAPDataProvider.initialize(LDAPDataProvider.java:378)
       at oracle.iam.ldapsync.impl.provider.LDAPSyncDataprovider.initialize(LDAPSyncDataprovider.java:28)
       at oracle.iam.platform.entitymgr.impl.EntityManagerConfigImpl.getDataProvider(EntityManagerConfigImpl.java:325)
  >>
  <Jun 6, 2011 1:48:45 PM EDT> <Notice> <Stdout> <BEA-000000> <<Jun 6, 2011 1:48:45 PM EDT> <Error> <XELLERATE.SERVER> <BEA-000000> <PooledResourceConnectionProvider/createConnection: Failed to create Resource Connection to target
  com.oracle.oim.gcp.exceptions.ResourceConnectionCreateException: java.lang.NullPointerException
       at oracle.iam.ldapsync.impl.repository.LDAPConnection.createConnection(LDAPConnection.java:118)
       at com.oracle.oim.gcp.ucp.PooledResourceConnectionProvider.createConnection(PooledResourceConnectionProvider.java:84)
  Caused By: java.lang.NullPointerException
       at oracle.iam.ldapsync.impl.repository.LDAPConnection.createConnection(LDAPConnection.java:87)
       at com.oracle.oim.gcp.ucp.PooledResourceConnectionProvider.createConnection(PooledResourceConnectionProvider.java:84)     

• CUCM 8.6.2 LDAP User Delete Pending LDAP Sync Status Inactive

  BE6K ver 8.6.2
  Client has a user who recently got married.  They changed her account information in Active Directtory to reflect her new last name. At that point CUCM shows her as
  Delete Pending
  LDAP Sync Status Inactive
  CUC shows
  LDAP User has been deleted.
  The user still exists in both CUC and CUCM and is actively takign and receiving calls.  User has VM access.
  Shorrt of deleting the user in AD and recreating her, is there a way to force this to re-sync?
  Thanks
  Matt

  Then that's expected to happen, for all purposes to CUCM/CUC eyes, msmith no longer exists and will be deleted, and a new user mjones now will be imported.
  Depending on when the change was done and when CUCM detected this, it might take up to 48 hours maximum to delete the user
  You'll need to associate everything to the new user, and also add that new user into CUC.
  Or switch back her userID to the old one, and just change the surname for directory purposes.
  HTH
  java
  if this helps, please rate
  www.cisco.com/go/pdihelpdesk

• Error while importing : /metadata/iam-features-ldap-sync/LDAPUser.xml

  Hi,
  I am unable to import modified Oracle Identity Manager metadata. I am using OIM 11.1.1.5 on Windows Server 2007 EE.
  I am trying to use the import/export functionality via EM.
  I am able to export the LDAPUser.xml file from */metadata/iam-features-ldap-sync/LDAPUser.xml,* have made changes to it but when I am importing it back I am getting the error :
  Error occurred while executing operation.
  MDS-00001: exception in Metadata Services layer
  MDS-01059: document with the name /metadata/iam-features-ldap-sync/LDAPUser.xml missing in the source metadata store
  The values of the parameters in the import MDS operations are :
  fromLocation : E:/MDS/import/ +(On the physical server hosting the OIM)+
  docs : */metadata/iam-features-ldap-sync/LDAPUser.xml*
  restrictCustTo:               
  excludeAllCust: false
  excludeBaseDocsan : false     
  excludeExtendedMetadata : false
  cancelOnException : true
  I have tried using the command line script as well, It runs without a hitch but when I try and import back, it gives me the same old unedited document.
  Has anyone been successful with this approach ?
  Regards,

  Yes, I have. But still the same issue. It seem to run fine using the weblogicImportmetadata.bat fine but when I export and check the updated file, I still get back the original.
  Here's what I get on runnung the weblogicImportmetadata.bat file
  Initializing WebLogic Scripting Tool (WLST) ...
  Welcome to WebLogic Server Administration Scripting Shell
  Type help() for help on available commands
  Starting import metadata script ....
  Please enter your username :weblogic
  Please enter your password :
  +Please enter your server URL [t3://localhost:7001] :t3://localhost:7001+
  Connecting to t3://localhost:7001 with userid weblogic ...
  Successfully connected to Admin Server 'AdminServer' that belongs to domain 'OIM
  +1'.+
  Warning: An insecure protocol was used to connect to the
  server. To ensure on-the-wire security, the SSL port or
  Admin port should be used instead.
  Location changed to domainRuntime tree. This is a read-only tree with DomainMBea
  n as the root.
  For more help, use help(domainRuntime)
  Disconnected from weblogic server: AdminServer
  End of importing metadata script ...
  Exiting WebLogic Scripting Tool.
  C:\Oracle\Middleware1\Oracle_IDAM\server\bin>
  Edited by: 810367 on Aug 21, 2012 6:45 PM

• Error while exporting metadata file /iam-features-ldap-sync/LDAPUser.xml

  Hi All,
  i am trying to export /iam-features-ldap-sync/LDAPUser.xml metadata file with the weblogic properties mentioned below
  # Weblogic Server Name on which OIM application is running
  wls_servername=oim_server1
  # If you are importing or exporting any out of box event handlers, value is oim.
  # For rest of the out of box metadata, value is OIMMetadata.
  # If you are importing or exporting any custom data, always use application name as OIMMetadata.
  application_name=OIMMetadata
  # Directory location from which XML file should be imported.
  # Lets say I want to import User.xml and it is in the location /scratc/asmaram/temp/oim/file/User.xml,
  # I should give from location value as /scratc/asmaram/temp/oim. Make sure no other files exist
  # in this folder or in its sub folders. Import utility tries to recursively import all the files under the
  # from location folder. This property is only used by weblogicImportMetadata.sh
  metadata_from_loc=@metadata_from_loc
  # Directory location to which XML file should be exported to
  metadata_to_loc=D:/MDS
  # For example /file/User.xml to export user entity definition. You can specify multiple xml files as comma separated values.
  # This property is only used by weblogicExportMetadata.sh and weblogicDeleteMetadata.sh scripts
  metadata_files=/metadata/iam-features-ldap-sync/LDAPUser.xml
  # Application version
  application_version=11.1.1.3.0
  i get the following error
  Initializing WebLogic Scripting Tool (WLST) ...
  Welcome to WebLogic Server Administration Scripting Shell
  Type help() for help on available commands
  Starting export metadata script ....
  Please enter your username [weblogic] :weblogic
  Please enter your password [welcome1] :
  Please enter your server URL [t3://localhost:7001] :t3://hostname:7001
  Connecting to t3://hostname:7001 with userid weblogic ...
  Successfully connected to Admin Server 'AdminServer' that belongs to domain 'OIMDOMAIN'.
  Warning: An insecure protocol was used to connect to the
  server. To ensure on-the-wire security, the SSL port or
  Admin port should be used instead.
  Location changed to domainRuntime tree. This is a read-only tree with DomainMBea
  n as the root.
  For more help, use help(domainRuntime)
  Problem invoking WLST - Traceback (innermost last):
  File "C:\Oracle\Middleware\Oracle_IDM1\server\bin\weblogicExportMetadata.py";,
  line 22, in ?
  File "C:\Oracle\MIDDLE~1\ORACLE~1\common\wlst\mdsWLSTCommands.py";, line 134, i
  n exportMetadata
  File "C:\Oracle\MIDDLE~1\ORACLE~1\common\wlst\mdsWLSTCommands.py";, line 568, i
  n executeAppRuntimeMBeanOperation
  File "C:\Oracle\MIDDLE~1\ORACLE~1\common\wlst\mdsWLSTCommands.py";, line 538, i
  n getMDSAppRuntimeMBean
  UserWarning: MDS-91002: MDS Application runtime MBean for "OIMMetadata" is not available. "exportMetadata" operation failure.
  i have exported these files multiple times, it never gave an errror, but this time i see this error, please help.
  Thanks in advance

  Glad that worked.
  Working with MDS, another way is to use the EM console for exporting/importing data from/to MDS. This I find lot easier rather than working with the OOTB script.
  Steps are:
  http://ADMINSTRATION_SERVER/em
  Navigate to Identity and Access, oim. Right-click and navigate to System MBean Browser.
  Under Application Defined MBeans, navigate to oracle.mds.lcm, Server:oim_server1, Application:oim, MDSAppRuntime.
  To export the configuration files:
  •     Click the Operations tab, and then click exportMetaData.
  •     In the toLocation field, enter /tmp or the name of another directory.
  •     Select createSubDir as false.
  •     In the docs field, enter the complete file location as the Element.
  •     Also select false for excludeAllCust, excludeBaseDocs, and excludeExtendedMetadata. Then, click Invoke.
  This exports the file specified in the docs field to the directory specified in the toLocation field.
  To import the configuration files:
  •     Click importMetaData
  •     In the fromLocation field, enter /tmp or the name of the directory in which you have the configuration files.
  •     Select createSubDir as false.
  •     In the docs field, enter the complete file location as the Element. For example, /db/oim-config.xml.
  •     Also select false for excludeAllCust, excludeBaseDocs, and excludeExtendedMetadata. Then, click Invoke.
  This imports the file specified in the docs field to MDS in the toLocation field.
  HTH

• Role creation in OIM 11.1.1.5.0 fails with LDAP Sync Enabled

  I am in the process of configuring LDAP sync for OIM 11.1.1.5.0 with ODSEE.
  At this time, when I add a user in OIM, I can see that the user gets created in LDAP under the LDAP dn that I supplied when configuring OIM (Configuration process screen name = "LDAP Server Continued", field name = "LDAP User Container")
  However when I try to add a role in OIM, the call fails. OIM server logs have the following exception message:
  <Jul 14, 2011 1:21:52 PM EDT> <Warning> <oracle.iam.callbacks.common> <IAM-2030146> <[CALLBACKMSG] Are applicable policies present for this async eventhandler ? : false>
  <Jul 14, 2011 1:21:53 PM EDT> <Error> <oracle.iam.platform.entitymgr.provider.ldap> <IAM-0042002> <An error occurred while creating the entity in LDAP, and the corresponding error is - {0}
  javax.naming.NameNotFoundException: Error: NO_SUCH_OBJECT
  null [Root exception is oracle.ods.virtualization.service.VirtualizationException]
  at oracle.ods.virtualization.jndi.OVDUtil.mapErrorCode(OVDUtil.java:151)
  at oracle.ods.virtualization.jndi.OVDContext.createSubcontext(OVDContext.java:512)
  at javax.naming.directory.InitialDirContext.createSubcontext(InitialDirContext.java:183)
  at oracle.iam.platform.entitymgr.provider.ldap.LDAPUtil.createSubcontext(LDAPUtil.java:1045)
  at oracle.iam.platform.entitymgr.provider.ldap.LDAPDataProvider.create(LDAPDataProvider.java:487)
  at oracle.iam.platform.entitymgr.impl.EntityManagerImpl.createEntity(EntityManagerImpl.java:291)
  at oracle.iam.platform.entitymgr.impl.EntityManagerImpl.createEntity(EntityManagerImpl.java:239)
  at oracle.iam.ldapsync.impl.eventhandlers.role.RoleCreateLDAPHandler.create(RoleCreateLDAPHandler.java:128)
  at oracle.iam.ldapsync.impl.eventhandlers.role.RoleCreateLDAPHandler.execute(RoleCreateLDAPHandler.java:46)
  at oracle.iam.platform.kernel.impl.OrchProcessData.runPreProcessEvents(OrchProcessData.java:898)
  at oracle.iam.platform.kernel.impl.OrchProcessData.runEvents(OrchProcessData.java:634)
  at oracle.iam.platform.kernel.impl.OrchProcessData.executeEvents(OrchProcessData.java:227)
  at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:664)
  at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.process(OrchestrationEngineImpl.java:435)
  at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.orchestrate(OrchestrationEngineImpl.java:381)
  at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.orchestrate(OrchestrationEngineImpl.java:334)
  at oracle.iam.identity.rolemgmt.impl.RoleManagerImpl.create(RoleManagerImpl.java:188)
  at oracle.iam.identity.rolemgmt.api.RoleManagerEJB.createx(Unknown Source)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
  Any idea whats going on?
  When configuring OIM, I provided a value for the "LDAP Role Container" as "ou=Groups,dc=mycompany,dc=com". The docs shown an example of "cn=groups, dc=mycountry, dc=com" (see http://download.oracle.com/docs/cd/E21764_01/install.1111/e12002/oidonly.htm#CDDDIAIC, step 18). Could this difference in container type be causing this problem?
  Any idea where OIM stores this container information if I wanted to test ldap sync with the different roles container?
  Thanks
  Aspi Engineer
  Putnam Investments

  Aspi,
  OIM keeps its ldap config under "$IDM_HOME/server/ldap_config_util" as "ldapconfig.props"
  Thanks,
  Sandeep Gupta

• Problem OIM OID Ldap Sync Configuration in 11g.

  Hi Team,
  I am doing OIM and OID LDAP Sync configuration There It is failed in "Configuration Process" Step.
  and also in weblogic OIM Maganaged server in ADMIN mode not in running mode.
  please find the both logs.
  *********************************Weblogic Logs**********************************************
  Enter username to boot WebLogic server:weblogic
  Enter password to boot WebLogic server:
  <28-Sep-2012 14:07:44 o'clock BST> <Info> <Management> <BEA-141107> <Version: We
  bLogic Server 10.3.5.0 Fri Apr 1 20:20:06 PDT 2011 1398638 >
  <28-Sep-2012 14:07:47 o'clock BST> <Notice> <WebLogicServer> <BEA-000365> <Serve
  r state changed to STARTING>
  <28-Sep-2012 14:07:47 o'clock BST> <Info> <WorkManager> <BEA-002900> <Initializi
  ng self-tuning thread pool>
  <28-Sep-2012 14:07:48 o'clock BST> <Notice> <Log Management> <BEA-170019> <The s
  erver log file E:\Oracle\Middleware\user_projects\domains\IAM_domain\servers\oim
  server1\logs\oimserver1.log is opened. All server side log events will be writ
  ten to this file.>
  28-Sep-2012 14:07:56 oracle.security.am.common.nap.util.NAPLogger log
  SEVERE: Failed to communicate with any of configured Access Server, ensure that
  it is up and running.
  <28-Sep-2012 14:07:57 o'clock BST> <Notice> <Security> <BEA-090082> <Security in
  itializing using security realm myrealm.>
  <28-Sep-2012 14:08:04 o'clock BST> <Notice> <WebLogicServer> <BEA-000365> <Serve
  r state changed to STANDBY>
  <28-Sep-2012 14:08:04 o'clock BST> <Notice> <WebLogicServer> <BEA-000365> <Serve
  r state changed to STARTING>
  <28-Sep-2012 14:08:20 o'clock BST> <Warning> <oracle.jps.upgrade> <JPS-06003> <C
  annot migrate credential folder/key ADF/anonymous#oimBpelCredKey.Reason oracle.s
  ecurity.jps.service.credstore.CredentialAlreadyExistsException: JPS-01007: The c
  redential with map ADF and key anonymous#oimBpelCredKey already exists..>
  <28-Sep-2012 14:08:21 o'clock BST> <Warning> <oracle.adf.share.ADFContext> <BEA-
  000000> <Automatically initializing a DefaultContext for getCurrent.
  Caller should ensure that a DefaultContext is proper for this use.
  Memory leaks and/or unexpected behaviour may occur if the automatic initializati
  on is performed improperly.
  This message may be avoided by performing initADFContext before using getCurrent
  To see the stack trace for thread that is initializing this, set the logging lev
  el of oracle.adf.share.ADFContext to FINEST>
  <28-Sep-2012 14:08:24 o'clock BST> <Error> <Deployer> <BEA-149205> <Failed to in
  itialize the application 'oim [Version=11.1.1.3.0]' due to error oracle.iam.plat
  form.utils.OIMAppInitializationException:
  OIM application intialization failed because of the following reasons:
  oim-config.xml was not found in MDS Repository.
  Unable to find keystore ".xldatabasekey" in <DOMAIN_HOME>/config/fmwconfig/.
  Password for OIMSchemaPassword is not seeded in CSF.
  Password for xell is not seeded in CSF.
  Password for DataBaseKey is not seeded in CSF.
  Password for JMSKey is not seeded in CSF.
  Password for .xldatabasekey is not seeded in CSF.
  Password for default-keystore.jks is not seeded in CSF.
  Password for SOAAdminPassword is not seeded in CSF.
  oracle.iam.platform.utils.OIMAppInitializationException:
  OIM application intialization failed because of the following reasons:
  oim-config.xml was not found in MDS Repository.
  Unable to find keystore ".xldatabasekey" in <DOMAIN_HOME>/config/fmwconfig/.
  Password for OIMSchemaPassword is not seeded in CSF.
  Password for xell is not seeded in CSF.
  Password for DataBaseKey is not seeded in CSF.
  Password for JMSKey is not seeded in CSF.
  Password for .xldatabasekey is not seeded in CSF.
  Password for default-keystore.jks is not seeded in CSF.
  Password for SOAAdminPassword is not seeded in CSF.
  at oracle.iam.platform.utils.OIMAppInitializationListener.preStart(OIMAp
  pInitializationListener.java:145)
  at weblogic.application.internal.flow.BaseLifecycleFlow$PreStartAction.r
  un(BaseLifecycleFlow.java:282)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
  dSubject.java:321)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
  120)
  at weblogic.application.internal.flow.BaseLifecycleFlow$LifecycleListene
  rAction.invoke(BaseLifecycleFlow.java:199)
  Truncated. see log file for complete stacktrace
  Caused By: oracle.iam.platform.utils.OIMAppInitializationException:
  OIM application intialization failed because of the following reasons:
  oim-config.xml was not found in MDS Repository.
  Unable to find keystore ".xldatabasekey" in <DOMAIN_HOME>/config/fmwconfig/.
  Password for OIMSchemaPassword is not seeded in CSF.
  Password for xell is not seeded in CSF.
  Password for DataBaseKey is not seeded in CSF.
  Password for JMSKey is not seeded in CSF.
  Password for .xldatabasekey is not seeded in CSF.
  Password for default-keystore.jks is not seeded in CSF.
  Password for SOAAdminPassword is not seeded in CSF.
  at oracle.iam.platform.utils.OIMAppInitializationListener.preStart(OIMAp
  pInitializationListener.java:145)
  at weblogic.application.internal.flow.BaseLifecycleFlow$PreStartAction.r
  un(BaseLifecycleFlow.java:282)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
  dSubject.java:321)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
  120)
  at weblogic.application.internal.flow.BaseLifecycleFlow$LifecycleListene
  rAction.invoke(BaseLifecycleFlow.java:199)
  Truncated. see log file for complete stacktrace
  >
  <28-Sep-2012 14:08:24 o'clock BST> <Warning> <Munger> <BEA-2156203> <A version a
  ttribute was not found in element application in the deployment descriptor in E:
  \Oracle\Middleware\Oracle_IDM1\server\apps\spml-xsd.ear/META-INF/application.xml
  . A version attribute is required, but this version of the Weblogic Server will
  assume that the JEE5 is used. Future versions of the Weblogic Server will reject
  descriptors that do not specify the JEE version.>
  <28-Sep-2012 14:08:24 o'clock BST> <Warning> <Munger> <BEA-2156203> <A version a
  ttribute was not found in element application in the deployment descriptor in E:
  \Oracle\Middleware\user_projects\domains\IAM_domain\servers\oim_server1\tmp\_WL_
  user\spml-xsd\s8d2b9/META-INF/application.xml. A version attribute is required,
  but this version of the Weblogic Server will assume that the JEE5 is used. Futur
  e versions of the Weblogic Server will reject descriptors that do not specify th
  e JEE version.>
  <28-Sep-2012 14:08:24 o'clock BST> <Emergency> <Deployer> <BEA-149259> <Server '
  oim_server1' in cluster 'OIM_Cluster' is being brought up in administration stat
  e due to failed deployments.>
  Loading xalan.jar for XPathAPI.
  14:08:30 INFO [[STANDBY] ExecuteThread: '2' for queue: 'weblogic.kernel.Default
  (self-tuning)'] -
  ----------------- NEXAWEB SERVER LICENSE ------------------
  - Customer ID : 122
  - License type : Enterprise
  - Max unique IPs : unlimited
  - Max XUL sessions : unlimited
  - Max CPUs/server : unlimited
  - Clustering allowed : true
  - Expiration date : none
  Nexaweb Technologies Inc.(C)2000-2004. All Rights Reserved.
  Nexaweb Technologies Inc.
  10 Canal Park
  Cambridge, MA 02141
  Tel: 617.577.8100. Email: [email protected]
  14:08:31 INFO [[STANDBY] ExecuteThread: '2' for queue: 'weblogic.kernel.Default
  (self-tuning)'] - Clustering is OFF.
  14:08:31 INFO [[STANDBY] ExecuteThread: '2' for queue: 'weblogic.kernel.Default
  (self-tuning)'] - Servlet Engine: WebLogic Server 10.3.5.0 Fri Apr 1 20:20:06 PD
  T 2011 1398638 Oracle WebLogic Server Module Dependencies 10.3 Thu Mar 3 14:37:5
  2 PST 2011 Oracle WebLogic Server on JRockit Virtual Edition Module Dependencies
  10.3 Thu Feb 3 16:30:47 EST 2011
  14:08:31 INFO [[STANDBY] ExecuteThread: '2' for queue: 'weblogic.kernel.Default
  (self-tuning)'] - Servlet API Version: 2.5
  14:08:31 INFO [[STANDBY] ExecuteThread: '2' for queue: 'weblogic.kernel.Default
  (self-tuning)'] - Nexaweb Server Info = Nexaweb Server 3.3.1072
  14:08:31 INFO [[STANDBY] ExecuteThread: '2' for queue: 'weblogic.kernel.Default
  (self-tuning)'] - Nexaweb Server initialized successfully.
  <28-Sep-2012 14:08:34 o'clock BST> <Notice> <Log Management> <BEA-170027> <The S
  erver has established connection with the Domain level Diagnostic Service succes
  sfully.>
  <28-Sep-2012 14:08:34 o'clock BST> <Notice> <Cluster> <BEA-000197> <Listening fo
  r announcements from cluster using unicast cluster messaging>
  <28-Sep-2012 14:08:34 o'clock BST> <Notice> <Cluster> <BEA-000133> <Waiting to s
  ynchronize with other running members of OIM_Cluster.>
  <28-Sep-2012 14:09:04 o'clock BST> <Notice> <Server> <BEA-002613> <Channel "Defa
  ult[2]" is now listening on 127.0.0.1:14000 for protocols iiop, t3, CLUSTER-BROA
  DCAST, ldap, snmp, http.>
  <28-Sep-2012 14:09:04 o'clock BST> <Notice> <Server> <BEA-002613> <Channel "Defa
  ult[3]" is now listening on 0:0:0:0:0:0:0:1:14000 for protocols iiop, t3, CLUSTE
  R-BROADCAST, ldap, snmp, http.>
  <28-Sep-2012 14:09:04 o'clock BST> <Notice> <Server> <BEA-002613> <Channel "Defa
  ult[1]" is now listening on fe80:0:0:0:0:5efe:a2f:f22a:14000 for protocols iiop,
  t3, CLUSTER-BROADCAST, ldap, snmp, http.>
  <28-Sep-2012 14:09:04 o'clock BST> <Warning> <Server> <BEA-002611> <Hostname "UK
  SHWTOAP03A.skandia.co.uk", maps to multiple IP addresses: 10.47.242.42, 0:0:0:0:
  0:0:0:1>
  <28-Sep-2012 14:09:04 o'clock BST> <Notice> <Server> <BEA-002613> <Channel "Defa
  ult" is now listening on 10.47.242.42:14000 for protocols iiop, t3, CLUSTER-BROA
  DCAST, ldap, snmp, http.>
  <28-Sep-2012 14:09:04 o'clock BST> <Notice> <WebLogicServer> <BEA-000330> <Start
  ed WebLogic Managed Server "oim_server1" for domain "IAM_domain" running in Prod
  uction Mode>
  <28-Sep-2012 14:09:04 o'clock BST> <Notice> <WebLogicServer> <BEA-000365> <Serve
  r state changed to ADMIN>
  <28-Sep-2012 14:09:04 o'clock BST> <Notice> <WebLogicServer> <BEA-000360> <Serve
  r started in ADMIN mode>
  **********************************OIM OID Ldap Sync Configuration Logs****************************
  [2012-09-28T14:49:11.171+01:00] [as] [NOTIFICATION] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [[
  [OIM_CONFIG] Updating Ldap Sync Configuration
  [2012-09-28T14:49:11.171+01:00] [as] [TRACE:16] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [SRC_CLASS: LdapSync] [SRC_METHOD: configurationLdap] ENTRY
  [2012-09-28T14:49:11.171+01:00] [as] [TRACE] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [SRC_CLASS: oracle.as.install.oim.config.util.LdapSync] [SRC_METHOD: configurationLdap] Create the Database connection
  [2012-09-28T14:49:11.171+01:00] [as] [TRACE:16] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [SRC_CLASS: LdapSync] [SRC_METHOD: createDBConnection] ENTRY
  [2012-09-28T14:49:11.296+01:00] [as] [TRACE] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [SRC_CLASS: oracle.as.install.oim.config.util.LdapSync] [SRC_METHOD: configurationLdap] isLIBOVD:true
  [2012-09-28T14:49:11.312+01:00] [as] [TRACE:16] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [SRC_CLASS: LdapSync] [SRC_METHOD: closeDBConnection] ENTRY
  [2012-09-28T14:49:11.312+01:00] [as] [TRACE:16] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [SRC_CLASS: LdapSync] [SRC_METHOD: closeDBConnection] RETURN
  [2012-09-28T14:49:11.312+01:00] [as] [TRACE:16] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [SRC_CLASS: LdapSync] [SRC_METHOD: configurationLdap] RETURN
  [2012-09-28T14:49:11.312+01:00] [as] [NOTIFICATION] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [[
  Updated LDAP Server Details in mds schema
  [2012-09-28T14:49:11.312+01:00] [as] [TRACE:16] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [SRC_CLASS: LdapSync] [SRC_METHOD: configurationLdap] RETURN
  [2012-09-28T14:49:11.812+01:00] [as] [NOTIFICATION] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [OIM_CONFIG] Updated LDAPContainerRules.xml.
  [2012-09-28T14:49:11.812+01:00] [as] [TRACE:16] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [SRC_CLASS: mdsMetadata] [SRC_METHOD: loadEventhandler] RETURN
  [2012-09-28T14:49:14.687+01:00] [as] [NOTIFICATION] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [[
  [OIM_CONFIG] Created jobs using seedSchedulerData. Log location C:\Program Files\Oracle\Inventory\logs
  [2012-09-28T14:49:14.687+01:00] [as] [ERROR] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] File not found[[
  java.io.FileNotFoundException: File not found
       at java.util.zip.ZipFile.open(Native Method)
       at java.util.zip.ZipFile.<init>(ZipFile.java:117)
       at java.util.jar.JarFile.<init>(JarFile.java:135)
       at java.util.jar.JarFile.<init>(JarFile.java:72)
       at oracle.as.install.oim.config.util.RoleSODJarUtil.updateFile(RoleSODJarUtil.java:32)
       at oracle.as.install.oim.config.OIMConfigManager.configureOIM(OIMConfigManager.java:783)
       at oracle.as.install.oim.config.OIMConfigManager.doExecute(OIMConfigManager.java:538)
       at oracle.as.install.engine.modules.configuration.client.ConfigAction.execute(ConfigAction.java:335)
       at oracle.as.install.engine.modules.configuration.action.TaskPerformer.run(TaskPerformer.java:87)
       at oracle.as.install.engine.modules.configuration.action.TaskPerformer.startConfigAction(TaskPerformer.java:104)
       at oracle.as.install.engine.modules.configuration.action.ActionRequest.perform(ActionRequest.java:15)
       at oracle.as.install.engine.modules.configuration.action.RequestQueue.perform(RequestQueue.java:63)
       at oracle.as.install.engine.modules.configuration.standard.StandardConfigActionManager.start(StandardConfigActionManager.java:158)
       at oracle.as.install.engine.modules.configuration.boot.ConfigurationExtension.kickstart(ConfigurationExtension.java:81)
       at oracle.as.install.engine.modules.configuration.ConfigurationModule.run(ConfigurationModule.java:83)
       at java.lang.Thread.run(Thread.java:662)
  [2012-09-28T14:49:14.687+01:00] [as] [NOTIFICATION] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [[
  [OIM_CONFIG] Failed configuration step Configure OIM Server
  [2012-09-28T14:49:14.702+01:00] [as] [ERROR] [] [oracle.as.install.engine.modules.configuration.standard.StandardConfigActionManager] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] One or More configurations failed. Exiting
  [2012-09-28T14:49:14.702+01:00] [as] [NOTIFICATION] [] [oracle.as.install.engine.modules.statistics] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] Install Adapter: Mark End for:CONFIG
  [2012-09-28T14:49:14.702+01:00] [as] [NOTIFICATION] [] [oracle.as.install.engine.modules.statistics] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] Install Adapter: Mark End for:INTERVIEW
  [2012-09-28T14:49:14.702+01:00] [as] [NOTIFICATION] [] [oracle.as.install.engine.modules.statistics] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] Install Adapter: Mark End for:INSTALL
  [2012-09-28T14:49:14.702+01:00] [as] [NOTIFICATION] [] [oracle.as.install.engine.modules.statistics] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] Install Adapter: Mark End for:COPY
  [2012-09-28T14:49:14.702+01:00] [as] [NOTIFICATION] [] [oracle.as.install.engine.modules.statistics] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] Install Adapter: Mark End for:LINK
  [2012-09-28T14:49:14.765+01:00] [as] [NOTIFICATION] [] [oracle.as.install.engine] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] Setting valueOf(IS CONFIGURATION SUCCESSFUL) to:false. Value obtained from:USER
  [2012-09-28T15:11:21.461+01:00] [as] [NOTIFICATION] [] [oracle.as.install.engine] [tid: 11] [ecid: 0000JcD2jfD9pYjpp0_AiY1GPQHh000002,0] Setting valueOf(IS CONFIGURATION SUCCESSFUL) to:false. Value obtained from:USER
  [2012-09-28T15:11:27.914+01:00] [as] [NOTIFICATION] [] [oracle.as.install.engine] [tid: 11] [ecid: 0000JcD2jfD9pYjpp0_AiY1GPQHh000002,0] Setting valueOf(IS CONFIGURATION SUCCESSFUL) to:false. Value obtained from:USER
  Regards,
  Ravi.

  Your log files too give some hint... Please verify whether following files like .xldatabasekey are present in your environment:-
  OIM application intialization failed because of the following reasons:
  oim-config.xml was not found in MDS Repository.
  Unable to find keystore ".xldatabasekey" in <DOMAIN_HOME>/config/fmwconfig/.
  Password for OIMSchemaPassword is not seeded in CSF.
  Password for xell is not seeded in CSF.
  Password for DataBaseKey is not seeded in CSF.
  Password for JMSKey is not seeded in CSF.
  Password for .xldatabasekey is not seeded in CSF.
  Password for default-keystore.jks is not seeded in CSF.
  Password for SOAAdminPassword is not seeded in CSF.
  I doubt whether OIM is properly installed in your environment otherwise .xldatabasekey would have been present in <DOMAIN_HOME>/config/fmwconfig..
  Also, as far as Weblogic starting in ADMIN mode is concerned, you may try to do the following...
  ps -eaf| grep AdminServer
  Kill the process
  Then remove the lok file. i.e. Lock files...
  rm -rf /home/oracle/Oracle/Middleware/user_projects/domains/oimdomain/servers/oim_server1/tmp/*oim_server1.lok*
  rm -rf /home/oracle/Oracle/Middleware/user_projects/domains/oimdomain/servers/soa_server1/tmp/*soa_server1.lok*
  rm -rf /home/oracle/Oracle/Middleware/user_projects/domains/oimdomain/servers/AdminServer/tmp/*AdminServer.lok*
  After that
  Take the backup of /home/oracle/Oracle/Middleware/user_projects/domains/<DOMAIN_HOME>/servers/AdminServer/data/ldap/ldapfiles (I mean CUT this folder and save it in Backup folder..
  Share the result with us....

• How setup LDAP Sync After Install in OIM 11g  ver, 11.1.1.5.0

  Hi guys, I'm trying to find how to setup LDAP Sync After Install in OIM 11g (ver, 11.1.1.5)....
  I found on Metalink an interesting article "*How to Setup LDAP Sync After Install in OIM 11g [ID 1272682.1]*", but inside there is a Note that says:
  Note: This article is applicable to OIM version 11.1.1.3 only. Steps for 11.1.1.5 are not the same, and product manual has documented steps to setup LDAP sync after install.
  So, that the steps for 11.1.1.5 are not the same, it's clear.....
  and I tried to look for these steps in the manual:
  Oracle® Fusion Middleware Quick Installation Guide for Oracle Identity Management
  11g Release 1 (11.1.1)
  Part Number E10033-06
  but I didn't still find nothing for the specific 11.1.1.5.0 version....only for the 11.1.1.3.0 version
  Can anyone help me to find where these steps are ? I need this information as soon as possible ti start the development
  Thanks in advance for the help
  Alex

  If you are creating Before and After Create Opeation script, you would be able to access all the variables in the process form. Now obvious question, what are the names of these variables? The answer is: the name of the variable is same as that mentioned in the "decode" column of the provisioning attribute map lookup or in other words, the variable name is same as the AD attribute name. In the example mentioned in the documentation, the variable "%givenName% was used in the script. On the similar lines you can use other variables like "sn", "samAccountName", etc.
  Hope the information helps.

• Ldap Sync: User is not able to create in Active Directory through OIM

  Hi ,
  I have enabled the ldap sync between OIM and Active Directory.
  Option 1: with password
  While creating the new user in OIM , I am getting the below error .
  80eeb34d89d5ed80:18bc05bb:1403be9d7e6:-8000-000000000008f710,0] [APP: oim#11.1.2.0.0] Could not modify entry.[[
  javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A120C, problem 5003 (WILL_NOT_PERFORM), data 0
  remaining name 'cn=ADTESTLDAp10F ADTESTLDAp10LL,cn=Users,dc=cgtest,dc=adtest,dc=com'
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3140)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820)
    at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1458)
    at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:255)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:172)
    at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:153)
    at oracle.ods.virtualization.engine.backend.jndi.ConnectionHandle.modify(ConnectionHandle.java:301)
    at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.modify(BackendJNDI.java:781)
  [2013-08-04T17:06:58.840-07:00] [oim_server1] [ERROR] [OVD-60600] [oracle.ods.virtualization.engine.util.ADUtilities] [tid: [ACTIVE].ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 80eeb34d89d5ed80:18bc05bb:1403be9d7e6:-8000-000000000008f710,0] [APP: oim#11.1.2.0.0] Cannot set password : LDAP Error 53 : [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A120C, problem 5003 (WILL_NOT_PERFORM), data 0[[
  Looks like password is not able to set properly. But I am able to create the same user in AD using the same password.
  Option 1: without password
  Another testing, I have also tried to create user without password.  There is no error coming to log file. and I am able to see the below message in log file
  oracle.iam.ldapsync.impl.eventhandlers.user.UserCreateLDAPPreProcessHandler] [APP: oim#11.1.2.0.0] [SRC_METHOD: createUser] User created in LDAP with GUID 9dc8f6f4b8564216a5d75d86f7cad0a2
  But user is not created in AD . this is another issue.
  Thanks,
  Amit

  Thanks for your reply.
  I have seen sample xml and my target looks the same
  <wlserver dir="${weblogic.domain.dir}"
                           port="${weblogic.domain.admin.server.port}"
                           servername="${weblogic.domain.admin.server.name}"
                           username="${weblogic.domain.admin.user}"
                           domainname="${weblogic.domain.name}"
                           password="${weblogic.domain.admin.password}"
                           configFile="config.xml"
                           generateConfig="true"
                           action="start"
                           beahome="${env.BEA_HOME}"/>
  my requirement is to use ant task.. otherwise I am able to create through configuration wizard
  Thanks

• LDAP Sync causes fields in DEV_OIM.SVP to be plain text

  In OAM 11g , there is the OIM console. In there you can create users, organizations, roles, etc... When a user is created in the OIM console in 11g, that user is visible in the OID directory via ODSM.
  If I create a user in OID via ODSM, the reverse in not true. That user is not visible within the OIM console whereas in OAM 10.1.4.3 a user created in OID was visible in the Identity Server.
  I realize there is no "Identity Server" in 11g, but there is OIM which seems to serve a similar purpose (i.e. creation/modificaiton of users, etc).
  We have been told to use LDAP Sync. The problem with LDAP Sync is that when we have executed LDAP Sync steps and have tried to follow the steps outlined in Note: 1272682.1, the fields entered are no longer encrypted -- includes password, url, etc. This then causes an issue with modifying IT resources and the ability to create users in OIM.
  My question is simply if we change or add a user in our OID directory (or AD or other ldap directory), how do we make it visible in OIM? Has anyone had the issue with LDAP Sync not encrypting the values entered? If so, how did you get past this? I believe the steps in Note: 1272682.1 are probably correct but if the values entered during LDAP Sync are not encrypted, then the synchronization will not complete properly and subsequently any users created in OID will not appear in OIM.
  installed components:
  OS: RHEL 5.5 with 64bit Intel
  DBS: 11gR2 (11.2.0.1)
  RCU: 11.1.1.3.3
  IDM: 11.1.1.3
  SOA: 11.1.1.3
  WLS: 10.3.3
  IDAM: 11.1.1.3

  This has been answered in:
  Re: System error occured when trying to edit IT Resource in OIM 11g Console

• Missing /metadata/iam-features-ldap-sync in v11.1.1.6  OIM/OID sync

  Hi All
  Have picked up support of a site with Oracle Identity Management Suite already installed and need to create custom Schema attributes for users.
  Have modified the create user form no problem in OIM, and also created a custom class with the required attributes in OID.
  The bit I am stuck on is associating the custom class / attributes in OIM with the relevant fields in OID.
  Am looking at the
  Oracle® Fusion Middleware
  Integration Guide for Oracle Identity Management Suite
  11g Release 2 (11.1.2)
  E27123-03
  documentation which seems to make sense and have got as far as page 3-5 Step 2 where it says to
  Export the /metadata/iam-features-ldap-sync/LDAPUser.xml metadata file from the repository
  Issue I've got is that while i can identify the /metadata folder on the server, the only folder it contains are db and ldapReconJobs
  Anyone got any idea where things might have gone wrong / how to rectify?
  Am hoping that it may be something obvious to others as am new to this product-set.
  thanks in advance
  Dave

  thanks idamgod
  Your answer makes sense as to why the folder isnt there, but i have a bit of a problem in that there are no xServer components installed on the server so running the GUI orientated confg.sh isn't an easy option.
  (apparently not an option to install)
  is there any other (non gui orientated) way of achieving the same result?

• LDAP sync issues.

  In our environment we have OIM 11.1.1.3 and we have enabled LDAP sync with OID. Any user created on OIM is getting synced to OID. The problem is when we are making any changes to the attributes of the users or deleting a user the changes are reflected only to the entries which are under an OU. But all the users synced from OIM to OID are entering under a CN for eg- cn=Users. If someone can help or give proper pointers or guidance so that we can sync users to respective ou's ?

  I've had the same problem in configuring ODSEE.
  Since ldapadd doesn't exist, we had to use ldapmodify.
  You have two choices:
  a. change all of the *.ldif files and put them into the ldapmodify format
  b. add the *"-a"* to the command line, such as
  ldapmodify -h <host> -p <port> -D cn="Directory Manager" -w <password> -a -f iPlanet7_user_index_add_generic.ldif
  This assumes that you've followed the instructions and figured out what the nsslapd-backend value is -- lets say abc. You then have to edit iPlanet7_user_index_add_generic.ldif and wherever you see *<index-root>,* replace it with *"cn=index,cn=abc,cn=ldbm database,cn=plugins,cn=config"*
  The instructions state you have to extend the ODSEE using the following:
  iPlanet7_user_index_add.ldif OR iPlanet7_user_index_generic.ldif
  iPlanet7_oam_pwd_schema_add.ldif
  iPlanet7_user_index_add.ldif
  iPlanet7_user_schema_add.ldif
  It appeared that changes to the sunOne schema that you should have loaded before you started extending ODSEE for OAM (creating Users, Groups, Reserve), doesn't contain userRoot which is required for iPlanet_user_index_add.ldif

• LDAP sync is not updating any changes/deletion ?

  In our environment we have OIM 11.1.1.3 and we have enabled LDAP sync with OID. Any user created on OIM is getting synced to OID. The problem is when we are making any changes to the attributes of the users or deleting a user the change are not getting reflected back to OID. If someone can help or give proper pointers or guidance so that we can have a fully functional sync ?

  When you delete a user, they only get disabled.  There is a task called "Delayed Delete User" which will delete based on the value in the system configuration value "Period to Delay User Delete".  Try configuring this to 0 and then running the scheduled task to see if it deletes.
  For the attributes not being propagated, check the /db/LDAPUser file to see if the mappings exist for the attributes you are modifying.  In R1, there is the script which i have mentioned in this post, https://forums.oracle.com/message/10354064, for adding and removing mappings.
  -Kevin