Modifying delete user adapter for OIM

hi,
I need to modify the delete user adapter for iPlanet and not deprovision a resource based on the value of a UDF field ( if the value is true, then the account is revoked; and if the value is false, the account is not revoked).
I have been able to add an if condition to the iPlanet Delete User adapter using the adapter factory. And have mapped the value of UDF to a adapter variable.Now, the user is not deleted when the value of UDF is true.
But the "System Validation" and "Create" user show task status as "Cancelled" when i view the users resource profile. I want to know, where and how these two are cancelled when we revoke a account. As , this is not letting me revoke an account later, even after I set the value of UDF as "false".
Kindly guide me through this.
Thanks,
AJ.

Hi,
Please do the Following things:
1. In your Delete User task remove the existing adapter and put new process adapter which either that UDF has value True or False. If the UDF has True value then it return Yes and if UDF has False then return No.
2. Create new task called Revoke User Access this task will have the adatper which was in Delete User task which you have removed.
3. Delete User task will be triggered as you press Revoke button or at Deprovisioning Date.
4. Revoke User Access task will be tirggered on Yes response of your Deleter User task and Revoke the user account form the Resource.
5. Go the Undo/Recovery tab of your Delete User task and remove all the task which are under Undo Task Name tab.
6. Now, if you want to cancel the user Create User task (Ideally it should be there) when user get deleted form resource add these task to Undo/Recovery tab of your Revoke User Access task.
Let me know if you have any query for the same....
Regards
Alabhya Goel

Similar Messages

  • Not able to create, deleted user again in OIM

    Hi,
    As part of our porcess we susped the user on the next day of his/her last working day. And after 20 days we are deleting that user from OIM.
    Now the deleted user again re-hire into the organization. So we need to re-create the user in OIM.
    But we are unable to create the user in OIM 11g. And it is showing error as "user already exist".
    Then we found there is an entry for this user in OIM repository as usr_status as deleted. And also we are not able to see this user in the OIM admin console even there is an entry in repository.
    Please help us how to solve this issue in creating the identity in OIM.
    Thanks in advance
    Siva

    If you want to re-create a deleted user with the same user id then you need to set the re-use id property to true and also drop the unique key contraint from the USR table.
    Ref: Re: Steps for re-using the same user id of a deleted user in OIM 11g ?
    -Bikash

  • Create approval request  for Delete User operati with oim api -11g Release2

    Hi,
    How I can create an approval request for a User Delete operation usin API? Can anyone quide me? Any help is strongly appreciated..
    BR,
    Aliye

    You can use the exact same technique for any of the other requests submissions through APIs that have been posted on this message forum. Just supply the template name for your request template you plan to use.
    Here is a page of sample code for requests. http://java.net/projects/openptk/sources/svn/show/branches/Oracle/OIM11g/examples/java/OIMClient/src/oim/client/request?rev=1402
    -Kevin

  • OIM 11g attaching an adapter to the delete user process

    Hi everyone,
    Is there any way to attach
    1. A process task adapter to the Delete User task for the Xellerate User process. Either through creating a new task and linking this task to the Delete User task or modifying the out of the box event handler.
    2. Or an entity adapter to User on pre delete. (from what I understand you can't do this in 11g)
    What I'm trying to do is obscure a user's information in the database before or after they are deleted. I'm trying to avoid event handlers. Any help would be greatly appreciated.

    You should be able to create a pre-process event handler on the User object for action Delete.
    -Kevin

  • Delete user notification

    Hi,
    We need to modify the delete user workflow for a new requirement. We need that before deleting any users(employees or contractors), the system should check whether user is disabled or not. Id user status== disabled, then delete the user else, if user status not equal to disabled, then error message should be disabled, the "delete user" task should be rejected and a mail to IDM admin should be send.
    I have successfully created the adapter which validate user's status. If the user status is not disabled and any user tries to delete the user then the adapter throws errors. The error messages are displayed in web console through error message definition. Now my requirement is that, when error message is displayed, then a mail notification should be send to system administrator. I dont know this approach. If anybody has worked on such requirements, then please let me know.
    Thanks,
    Kalpana.

    Thsi is the code I have written, but I am getting exception:
    public String validateUserStatus(String emailName, String fName, String lName, String empId, String userStatus, String toEmailID ) {
         String result = null;
         String subject = null;
         String body = null;
         String fullName = fName + " " + lName;
         HashMap usrMap = new HashMap();
         usrMap.put("USR_FIRST_NAME", fName);
         System.out.println(fName);
         usrMap.put("USR_LAST_NAME", lName);
         System.out.println(lName);
         usrMap.put("USR_UDF_NTLOGON", empId);
         System.out.println(empId);
         usrMap.put("USR_STATUS",userStatus);
         System.out.println(userStatus);
         if (userStatus.equalsIgnoreCase("Active"))
              try
              tcResultSet usrList = this.usrIntf.findUsers(usrMap);
              this.emailUtilIntf.constructEmail(emailName);
              System.out.println(emailName);
              subject = this.emailUtilIntf.getSubject();
              System.out.println(subject);
              body = this.emailUtilIntf.getBody();
              System.out.println(body);
    subject = subject.replaceAll("<username>", fullName);
    System.out.println(fullName);
    body = body.replaceAll("<username>", fullName);
    System.out.println(fullName);
              body = body.replaceAll("<employeeid>", empId);
              System.out.println(empId);
    this.emailUtilIntf.setSubject(subject);
    System.out.println(1);
    this.emailUtilIntf.setBody(body);
    System.out.println(2);
    this.emailUtilIntf.sendEmail(toEmailID);
    System.out.println(3);
              result = "USER_NOT_DISABLED";
              catch (Exception e) {
              log.error("Error in getting manager email" + e);
         else
         result = "SUCCESS";
         return result;
         }

  • Customizing Resource Adapter for Oracle Internet Directory

    Hi,
    I want to integrate an application which has Oracle Internet Directory as resource. I need to develop a resource adapter for integrating. As Oracle Internet Directory is LDAP v3, can I use LDAP resource Adapter for interaction, if so what customization is required?
    can any one give suggestion reagrding this?

    Hi Bahaugab,<br>
    I am working Oracle OID. I can able to add/modify/delete users from my resource configuration. But I am getting active sync problem with OID. It throws exception like :<br>
    From the admin console please verify that the change log is enabled under Configuration: Replication: Supplier Settings and that the Retro Changelog Plugin is enabled under Configuration: Plug-ins: Retro Changelog Plugin
    <br><br>
    But change log is enabled.
    <br><br>
    I want to know whether your active sync worked?
    <br><br>
    thanks<br>
    Neopal<br><br>

  • How to call OID delete user process task from AD process definition

    Hi All,
    I wanted to call OID delete user process task from AD process def. I have created a process task in AD Process def which will be integrated with OID Delete User adapter. How can i map OID related attributes to the adapter api?
    Expected inputs for OID delete api :
    root DN
    orgDN
    admin pwd
    server
    attr lookupcode
    XLOrgFlag
    sProcessInsKey
    UserID
    PDataOrg
    port
    AdminID
    SSLFlag
    here i cannot map some like : sProcessInsKey
    any pointers would be appreciated.
    Regards,
    Ashok

    OID delete user process task from AD process defWhy don't use call Revoke Resource API ?
    http://otndnld.oracle.co.jp/document/products/id_mgmt/idm_904/doc_cd/javadocs/operations/Thor/API/Operations/tcUserOperationsIntf.html#revokeObject%28long,%20long%29
    Use getObject API
    Iterate through resultset.
    If RONAME == OID User then call revokeObject

  • How can I o create, modify or delete users using OIM 11g web services?

    Hi,
    I have a requirement to create, modify or delete users using OIM 11g web services.
    The end users will be signing on to the online application, a user interface to request ids online. The user interface is the home grown application to request ids.
    I want to integrate this user interface with OIM 11g. I generated the java classes using the out of the box wsdl file as mentioned in the Developer’s Guide for Oracle Identity Manager 11g. But I need to know how to create users using web server client from a given wsdl file? Is there a sample web service client program to create a user in OIM?
    If you know of any document which I can follow or if you can give any details I really appreciate.
    Thanks and Regards,
    Viraf

    Hi Chong,
    Were you able to figure out the approach? I am facing the same issue like this. I have created a web service where the input values are no. of days to extend user's end date and user's employee ID. Output will be true or false. But I am getting error while searching user in OIM DB. I think my web service is not to query OIM DB
    Please let me know if you have worked on this senario.
    Thanks,
    Kalpana.

  • Steps for re-using the same user id of a deleted user in OIM 11g ?

    Hello experts,
    By Default, in OIM 11.1.1.5.0 it is not allowing to re-use the same user id of a deleted user.
    Consider a user with user id as "ABCD1234". The user is deleted from OIM and it is not getting displayed in the user search. But in DB we could see that user details with "Deleted" status. Say accidently this hard delete has happened .
    How do we create that user again with same user id ?
    What is recommended for such scenario ?
    Thanks,
    DK

    I suggest disable the unique index instead of dropping it using ALTER INDEX <INDEX_NAME> DISABLE command.
    Better way to handle this do below
    1. disable index
    2. update usr_login for deleted user using sql query eg. xx|usr_login and commit it ( update usr set usr_login='xx'|| usr_login where upper(usr_status)='DELETED')
    3. enable your index
    4. now login to OIM and easily you can create user with the previous user login
    In this case your Index is still enbaled so it won't hamper the performancem, because this index is being used in various places for user search.
    NOTE: disable any other constraints if required. But, I don't think so. Just disabling unique index will allow you to update"
    --nayan                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           

  • Error in Prepopulate Adapter For OID in OIM

    I'm just modifying an existing adapter we have to cater for a user type in our system.
    the main snippet of the adapter is as below:
    // Adapter Variables
    String pseudousertype; // Pseudo User type in OIM form
    String staff; // Staff field in OIM Form
    String student; // Student type in OIM Form
    String staffou = "ou=staffxxxxx"; // OU prefix for staff users
    String pseudo; // Pseudo value in OIM Form
    String pseudoou = "ou=pseudoxxx"; // OU Prefix for Pseudo Users
    String studentou = "ou=studentxxx"; // OU prefix for student user
    protected void implementation() throws Exception {
              try {
              if (! initAdapter("105", "adpUSQ_PRE_OID_ORGANIZATIONUNIT", "P"))
                   return;
    // Run Time Variables
    pseudousertype = (String)getRunTimeValue(1210, isSreKey,"pseudousertype");
    staff = (String)getRunTimeValue(887, isSreKey,"staff");
    student = (String)getRunTimeValue(888, isSreKey,"student");
    pseudo = (String)getRunTimeValue(890, isSreKey,"pseudo");
                   // Execute Tasks and store results in Hashtable...
    if ((staff).equals("1"))
    setAdpRetVal(new String(staffou));
    else if ((student).equals("1"))
    setAdpRetVal(new String(studentou));
    else if ((pseudo).equals("1"))
    if ((pseudousertype).equals("Pre-Employee"))
    setAdpRetVal(new String(staffou));
    else
    setAdpRetVal(new String(pseudoou));
              finalizeAdapter();
              } catch (tcAdapterTaskException e) {
                        e.printStackTrace();
                        throw e;
              } catch (Exception e) {
                        e.printStackTrace();
                        throw e;
    The modification to the adapter was adding a new variable pseudousertype, and if pseudousertype equals Pre-Employee, set the user's OU into staffou
    I am getting the following error, after I have rebuild the adapter, restarted the application:
    ERROR 10:47:12,186, RMICallHandler-108 XELLERATE.ADAPTERS - Class/Method: tcAdapterMappingUtility/getRunTimeVariableMappings encounter some problems: No data available for variable having key = 1210
    java.lang.Exception: No data available for variable having key = 1210
    ERROR 10:47:12,197, RMICallHandler-108 XELLERATE.SERVER - Class/Method: tcAdapterExecuter/executeRuleGenerators encounter some problems: java.lang.Exception: Error getting run-time variables.
    java.lang.Exception: java.lang.Exception: Error getting run-time variables.
    I have modified 2 more pre-populate adapter which uses this same information/variable value and its working. Tried re-adding, recompiling all adapters with no success. Just picking any ideas you guys might have.
    Edited by: ruxpin on 30-Aug-2012 21:04

    Ketan: Yes, I am editing it from Adapter Factory. Its a bit weird as the info is definitely available and is used by at least 2 other prepop adapters.

  • Issue while deleting user defined field in oim 11.1.1.3

    All,
    Made a mistake while creating user defined field called "Profile for" (loing to OIM -> advanced -> configuration -> User configuration). We are trying to delete it. It appears to get deleted from user attributes screen. But when we run LDAP User Create and Update Reconciliation Task we get the following error below:
    oracle.iam.ldapsync.exception.ProcessLDAPReconDataException: oracle.iam.ldapsync.exception.ReconEventCreationException: Thor.API.Exceptions.tcAPIException: Profile for - LDAPUser object does not exists for resource object
    Is any thing else need to be deleted adn cleaned up?
    thanks in advance,
    Prasad.

    How do i check what resource object the recon task is running against. here is what i found so far.
    I cannot find LDAPUser resource object when i query Resource Management -> Resource Objects in design console. Same thing with Manage Resource and search (here i only find Xellerate User, Xellerate Organiztion, USERS_GTC, and Installation) in OIM advanced administration menu.
    The LDAP User Create and Update Reconciliation job itself has the following parameters (batch size, last change number, OIM employee type, OIM User organization name, OIM user type)
    I also decompiled LDAPUserChangesReconTask and it is looking for LDAPUser metadata from MDS directly.
    Prasad.

  • Error while trying to delete user in OIM 11gR1

    Hi,
    When I try to delete the user from OIM console by clicking on 'Delete User' button, I get the following error:
    "The Delete operation failed. Bulk Orchestration not yet implmented" on the cosole.
    Kindly help in resolving the issue.
    Regards

    I have been able to resolve the issue now.
    I followed the below steps for the same:
    1. In the Welcome page for Oracle Identity Manager Administration, under System Management, click System Configuration.
    2. In the left pane, search for system properties.
    3. In the search result, select the Period to Delay User Delete property.
    4. Edit the property value to 0.
    5. Save the property.
    After setting the same, I was able to successfully delete the user.
    Regards.
    Edited by: 963540 on Jun 4, 2013 5:11 AM

  • How to delete Users or Organinzations from oim

    Hi,
    I have deleted some users as well as organizations in OIM, and I got the message that they are successfully deleted.
    But when I try to reconile the same user from csv file using GTC connector or create the deleted organization from OIM I am getting the Error that user already exists and Organization cannot be created
    Do we have a way to completely delete the users or organizations
    Please help me

    This may be due to user logins are same for deleted user and newly coming user. Go to system properties and reuse use login property to true and retry reconciliation.
    Else
    You can remove from database but it'll be tedious as you would need to delete all reference as well.
    regards,
    GP

  • OIM: Deleting users (REALLY deleting users)

    Hi,
    I have a complete OIM test environment set up on my customers network.
    Through the course of testing we have created a number of users to play around with in order to test different scenarios.
    At some point our OIM should be used for production and I am wondering have to approach this without having to establish a parallel production environment.
    In others word, I would like my test env. to become my production env.
    The only hurdle is how to delete all my test-users from the database.
    I could disable and/or lock the test users, but they would still show up everywhere and pollute my historical reports etc.
    I know this is not supported, but has anyone tried to delete users from the underlying database. It may be semi-complicated and it definitely requires solid knowledge of the underlying database structure - but hey - it's just a matter of deleting some rows in the correct order.....right?
    Kind regards,
    Tom

    Tom,
    Good question, and one that we are having now aswell. What i have been trying out recently is using the export functions to export all the configuration data, rolling back the database to get rid of test users then importing the config back in again. With a number of carefull DB backups along the way just incase!
    In an ideal world using Devlopment, Pre-Prod and Production machine you would also use the export/import to deploy your changes to prod. I think the best practice guide has some notes on this.
    Of course if you are just talking about getting rid of the recon events rather than actual users then you can use the archival command line tool.
    However, if you do manage to do it by poking the database I'm sure we would love to hear about it!
    cheers
    neil

  • OIM PSFT UM delete user task

    Hello,
    We are using PSFT UM v. 9.0.4 and I can't see any delete user task. The conenctor documentation does not mention it int he supported functions. Does this mean that the connector cannot delete the user or this is a must have for any connector?
    Thanks

    Hi,
    you have to apply undo task (delete task) on an unconditional task.
    Also check Revoke if no longer applied in access policy, so whenever the the group membership rule failed delete task will trigger for revoke.
    There should not be difference via API, your revoke task from OIM does same work .
    Thanks,
    Kuldeep
    Edited by: Kuldeep on May 9, 2012 11:49 PM

Maybe you are looking for

  • DW CC  2014 Window--- Extensions--- Adobe Exchange Option Missing from Menu Toolbar

    I discovered that this option is not listed in the menu though from reading Adobe Dreamweaver * Extensions it should be. Then, I did a search and came up with Adobe Extension Manager CC at Adobe - Exchange : Download the Adobe Extension Manager. So. 

  • Only the header of the print test page prints

    Can not print docs. Test page will only print windows header. Printer will print from Paint in both color and black and white. Printer is a hp f4180. OP is Vista32

  • Email client issue Symbian Belle

    Hello everyone. I just installed Symbian Belle in my nokia N8, and configured the email client with my Gmail account.  I'm getting a strange error when I try to read any message of my inbox.  Every time that I try to read a message, all that I can se

  • LabVIEW on the Mac at Macworld Expo 2008

    National Instruments had a very small booth at Macworld Expo this year. They were there nonetheless and I asked them a few questions about the current state of LabVIEW on the Mac. I also wanted to find out how, and if, a current Windows user like mys

  • Where's the manual?

    I have given it a go -- 20 minutes searching the Adobe site and googling. Where can I download a PDF manual for Soundbooth?