OID Provisioning

Similar Messages

• Collection assign issue in OID provisioning environment

  Hy Tom,
  I am interested in LDAP with OID PROVISIONING in portal 10g application.
  we create a register procedure.
  however. i got an error message as ORA-06502: PL/SQL: numeric or value error: NULL index table key value.
  After debuging, we found that issue result assign null value .
  when we assign as
  user_vals(counter2) := entry.attr(counter1).attrval(counter2);
  It seems that that we can not assign entry.attr(counter1).attrval(counter2) to other var two time in procedure.
  It is server configuration issue or code issue.
  Thanks
  Newweber
  *********************** Code
  PROCEDURE pre_add (     ldapplugincontext IN ODS.plugincontext,
                 dn IN VARCHAR2,
                 entry IN ODS.entryobj,
                 rc OUT INTEGER,
                 errormsg OUT VARCHAR2
  IS
  ret                INTEGER;
  l_portal_user      wwsec_person.USER_NAME%type;
  l_first_name      wwsec_person.FIRST_NAME%type;
  l_last_name      wwsec_person.LAST_NAME%type;
  l_email      wwsec_person.EMAIL%type;
  l_work_phone      wwsec_person.WORK_PHONE%type;
  l_mobile      wwsec_person.MOBILE_PHONE%type;
  counter1           pls_integer;
  counter2           pls_integer;
  retval                pls_integer := -1;
  s                integer;
  user_session           DBMS_LDAP.session;
  user_dn           varchar(256);
  user_array           DBMS_LDAP.mod_array;
  user_vals           DBMS_LDAP.string_collection;
  user_binvals           DBMS_LDAP.blob_collection;
  indx                number := 1;
  BEGIN
  l_portal_user      :=null;
  l_first_name      :=null;
  l_last_name      :=null;
  l_email      :=null;
  l_work_phone      :=null;
  l_mobile      :=null;
  l_description      :=null;
  rc := 0;
  errormsg :=null;
  -- Create a mod_array
  user_array := dbms_ldap.create_mod_array(entry.binattr.count + entry.attr.count);
  -- Create a user_dn
  user_dn := substr(dn,1,instr(dn,',',1,1))||'cn=users,dc=e-hms,dc=net';
  FOR l_counter1 IN 1..entry.attr.COUNT LOOP
       FOR l_counter2 IN 1..entry.attr(l_counter1).attrval.COUNT LOOP
       ckerror('second loop get value--'|| entry.attr(l_counter1).attrname || '[' || l_counter1 || ']' ||'.val[' || l_counter2 || '] = ' ||entry.attr(l_counter1).attrval(l_counter2));                                   
  if entry.attr(l_counter1).attrval(l_counter2)     is null then
  ckerror('handle null attribule ');
  else                    
  -- get value
            ckerror('get value2'||entry.attr(l_counter1).attrname);
  IF entry.attr(l_counter1).attrname ='givenname' then           
                 l_first_name :=entry.attr(l_counter1).attrval(l_counter2);
                 ckerror('givename/firstname--'||l_first_name);
       elsif entry.attr(l_counter1).attrname ='sn' then           
                 l_last_name :=entry.attr(l_counter1).attrval(l_counter2);
                 ckerror('sn/lastname--'||l_last_name);
            elsif entry.attr(l_counter1).attrname ='mail' then
                 l_email := entry.attr(l_counter1).attrval(l_counter2);
                 ckerror(' email--'||l_email);
            elsif entry.attr(l_counter1).attrname ='mobile' then           
                 l_mobile :=entry.attr(l_counter1).attrval(l_counter2);
                 ckerror('mobile--'||l_mobile);
            elsif entry.attr(l_counter1).attrname ='telephonenumber' then           
                 l_work_phone :=entry.attr(l_counter1).attrval(l_counter2);
                 ckerror('work telphone--'||l_work_phone);
            elsif entry.attr(l_counter1).attrname ='cn' then           
                 l_portal_user :=entry.attr(l_counter1).attrval(l_counter2);
                 ckerror('cn/username--'||l_portal_user);
            elsif entry.attr(l_counter1).attrname ='description' then           
                 l_description :=entry.attr(l_counter1).attrval(l_counter2);
                 ckerror('description--'||l_description );
            else
            ckerror('handle other entry name--'||     entry.attr(l_counter1).attrname);
            ckerror('handle other entry--'||entry.attr(l_counter1).attrval(l_counter2) );
            end if;
  end if;
  ckerror('end compare at second loop');
  ckerror('NULL ASSIGN ISSUE FOR 72 --'||entry.attr(counter1).attrval(counter2));
  user_vals(counter2) := entry.attr(counter1).attrval(counter2);
  END LOOP;
  ckerror('end first loop');
  --- put ldap
  dbms_ldap.populate_mod_array(user_array,DBMS_LDAP.MOD_ADD, entry.attr(counter1).attrname,user_vals);
  user_vals.delete;
  END LOOP;
  processs other (l_firstname...) vars in SQL sataement
  EXCEPTION
  WHEN OTHERS THEN
  ckerror( 'Exception in PRE_ADD plugin. Error code is ' || TO_CHAR(SQLCODE));
  ckerror( ' ' || Sqlerrm);
  rc := 909;
  errormsg := 'Error code:'|| rc||' exception: pre_add data';
  END;

  Hy Tom,
  I am interested in LDAP with OID PROVISIONING in portal 10g application.
  we create a register procedure.
  however. i got an error message as ORA-06502: PL/SQL: numeric or value error: NULL index table key value.
  After debuging, we found that issue result assign null value .
  when we assign as
  user_vals(counter2) := entry.attr(counter1).attrval(counter2);
  It seems that that we can not assign entry.attr(counter1).attrval(counter2) to other var two time in procedure.
  It is server configuration issue or code issue.
  Thanks
  Newweber
  *********************** Code
  PROCEDURE pre_add (     ldapplugincontext IN ODS.plugincontext,
                 dn IN VARCHAR2,
                 entry IN ODS.entryobj,
                 rc OUT INTEGER,
                 errormsg OUT VARCHAR2
  IS
  ret                INTEGER;
  l_portal_user      wwsec_person.USER_NAME%type;
  l_first_name      wwsec_person.FIRST_NAME%type;
  l_last_name      wwsec_person.LAST_NAME%type;
  l_email      wwsec_person.EMAIL%type;
  l_work_phone      wwsec_person.WORK_PHONE%type;
  l_mobile      wwsec_person.MOBILE_PHONE%type;
  counter1           pls_integer;
  counter2           pls_integer;
  retval                pls_integer := -1;
  s                integer;
  user_session           DBMS_LDAP.session;
  user_dn           varchar(256);
  user_array           DBMS_LDAP.mod_array;
  user_vals           DBMS_LDAP.string_collection;
  user_binvals           DBMS_LDAP.blob_collection;
  indx                number := 1;
  BEGIN
  l_portal_user      :=null;
  l_first_name      :=null;
  l_last_name      :=null;
  l_email      :=null;
  l_work_phone      :=null;
  l_mobile      :=null;
  l_description      :=null;
  rc := 0;
  errormsg :=null;
  -- Create a mod_array
  user_array := dbms_ldap.create_mod_array(entry.binattr.count + entry.attr.count);
  -- Create a user_dn
  user_dn := substr(dn,1,instr(dn,',',1,1))||'cn=users,dc=e-hms,dc=net';
  FOR l_counter1 IN 1..entry.attr.COUNT LOOP
       FOR l_counter2 IN 1..entry.attr(l_counter1).attrval.COUNT LOOP
       ckerror('second loop get value--'|| entry.attr(l_counter1).attrname || '[' || l_counter1 || ']' ||'.val[' || l_counter2 || '] = ' ||entry.attr(l_counter1).attrval(l_counter2));                                   
  if entry.attr(l_counter1).attrval(l_counter2)     is null then
  ckerror('handle null attribule ');
  else                    
  -- get value
            ckerror('get value2'||entry.attr(l_counter1).attrname);
  IF entry.attr(l_counter1).attrname ='givenname' then           
                 l_first_name :=entry.attr(l_counter1).attrval(l_counter2);
                 ckerror('givename/firstname--'||l_first_name);
       elsif entry.attr(l_counter1).attrname ='sn' then           
                 l_last_name :=entry.attr(l_counter1).attrval(l_counter2);
                 ckerror('sn/lastname--'||l_last_name);
            elsif entry.attr(l_counter1).attrname ='mail' then
                 l_email := entry.attr(l_counter1).attrval(l_counter2);
                 ckerror(' email--'||l_email);
            elsif entry.attr(l_counter1).attrname ='mobile' then           
                 l_mobile :=entry.attr(l_counter1).attrval(l_counter2);
                 ckerror('mobile--'||l_mobile);
            elsif entry.attr(l_counter1).attrname ='telephonenumber' then           
                 l_work_phone :=entry.attr(l_counter1).attrval(l_counter2);
                 ckerror('work telphone--'||l_work_phone);
            elsif entry.attr(l_counter1).attrname ='cn' then           
                 l_portal_user :=entry.attr(l_counter1).attrval(l_counter2);
                 ckerror('cn/username--'||l_portal_user);
            elsif entry.attr(l_counter1).attrname ='description' then           
                 l_description :=entry.attr(l_counter1).attrval(l_counter2);
                 ckerror('description--'||l_description );
            else
            ckerror('handle other entry name--'||     entry.attr(l_counter1).attrname);
            ckerror('handle other entry--'||entry.attr(l_counter1).attrval(l_counter2) );
            end if;
  end if;
  ckerror('end compare at second loop');
  ckerror('NULL ASSIGN ISSUE FOR 72 --'||entry.attr(counter1).attrval(counter2));
  user_vals(counter2) := entry.attr(counter1).attrval(counter2);
  END LOOP;
  ckerror('end first loop');
  --- put ldap
  dbms_ldap.populate_mod_array(user_array,DBMS_LDAP.MOD_ADD, entry.attr(counter1).attrname,user_vals);
  user_vals.delete;
  END LOOP;
  processs other (l_firstname...) vars in SQL sataement
  EXCEPTION
  WHEN OTHERS THEN
  ckerror( 'Exception in PRE_ADD plugin. Error code is ' || TO_CHAR(SQLCODE));
  ckerror( ' ' || Sqlerrm);
  rc := 909;
  errormsg := 'Error code:'|| rc||' exception: pre_add data';
  END;

• OID provisioning via OIM

  OID provisioning from OIM
  i have deployed and configured OID connector but users not provisioned to OID. it gives INVALID_NAMING_ERROR. what could be the possible reason.

  please check and reply :
  View IT Resource Details and Parameters
  IT Resource Name OID IT Resource
  IT Resource Type OID Server
  Port 389
  Use XL Org Structure false
  Last Trusted Delete Recon TimeStamp
  CustomizedReconQuery
  SSL false
  Server Address 10.76.118.72
  Recon Attribute Lookup Code AttrName.Recon.Map.OID
  Root DN dc=ad,dc=infosys,dc=com
  Admin Id cn=orcladmin,cn=Users,dc=ad,dc=infosys,dc=com
  Last Target Recon TimeStamp
  Last Target Delete Recon TimeStamp
  Last Trusted Recon TimeStamp
  Admin Password *********
  Prov Attribute Lookup Code AttrName.Prov.Map.OID

• OIM to OID Provisioning to cn=groups

  We want to provision a user in to cn=groups in addition to cn=Users in OID.
  Flow is like, when we provision a user into OID. It is getting provisioned into cn=Users.
  But now depending on this user's User Type: If User Type is A or B. We want to provision this into cn=Groups (Which has two nodes cn=A and cn=B).
  So if the user created & Provisioned has User Type=A, it should be added to cn=A in cn=groups and same for userType=B.
  Requirement is we should have all the users of User Type=A in cn=A and similar for B. Please suggest the best approach to achieve this.
  Thanks.
  Regards,
  Nitin

  Hi,
  Problem still exists: I've reconciled groups from OID to OIM running this task: OID Group Lookup Reconciliation Task.
  Now i am able to see OID groups in Lookup.OID.Group. but when i try to add these groups from access policy/or during manual prov from OID User Group lookup search option, it is showing no value.
  I tried checking UD_OID_USR from, it has UD_OID_GRP as child table. And when i preview UD_OID_GRP from design console, i am able to query OID Groups that i reconciled.
  Also checked value of linked lookup in UD_OID_GRP: Lookup.OID.Group which is correct and populated good.
  But not able to see same user groups through Admin console. It throws this error on search:
  ERROR,28 Jul 2010 11:40:22,632,[XELLERATE.WEBAPP],Class/Method: tcLookupFieldAction/lookupByColumn encounter some problems: lookup Error
  ERROR,28 Jul 2010 11:40:24,820,[XELLERATE.WEBAPP],Class/Method: tcLookupFieldAction/lookupByColumnFiltered encounter some problems: No Values Present
  ERROR,28 Jul 2010 11:47:08,937,[XELLERATE.WEBAPP],Class/Method: tcLookupFieldAction/lookupByColumn encounter some problems: lookup Error
  ERROR,28 Jul 2010 11:47:10,386,[XELLERATE.WEBAPP],Class/Method: tcLookupFieldAction/lookupByColumnFiltered encounter some problems: No Values Present
  Help required urgently.
  Regards,
  Nitin

• OIM to OID provisioning

  I have a requirement where users need to be created into OIM bu running a one time Trusted Source Recon. Once the users are created on OIM we want to link the account on OID with the user account created on OIM. When we run a Target Recon for these users the OIM accounts are not getting linked to the OID account.
  Also when i create an user in OIM and try to provision the OID resource to him, he is getting Provisioned, whereas if i try to provision OID to a user created in OIM through Trusted Source Recon the status shows as Provisioning.
  Can anyone please help me out by letting me know what might be the difference between users created manually through OIM admin console and the ones created through Trusted Recon, since provisioning is not working for the second set of users.
  Thanks,
  Partha

  This indicates that your manual provisioning is working, but not target reconciliation.
  When you are running target reconciliation:
  Make sure that the scheduled job that you are running for target recon is given appropriate values in the parameters to be given.

• OIM to OID Provisioning - Userid getting 'null' in OID

  OIM provisioned to OID. When Im creating a user in OIM and provisioning the OID resource, the userid is getting 'null' value in OID.
  Any reasons? How to fix this ?
  I have checked the design console and the ldapuserDNPrefix is mapped to uid.

  Hi,
  You have to had an another atrribute in order to make it work:
  Solution
  While creating a user account on Oracle Internet Directory through Oracle Identity Manager, the
  user ID that you specify is assigned to the cn field of Oracle Internet Directory.
  If required, you can customize the mapping so that the user ID is assigned to the uid field of
  Oracle Internet Directory.
  1.In the Design Console, open the AttrName.Prov.Map.OID lookup definition.
  2.Change the decode value of the ldapUserDNPrefix code key to uid.
  *3.Add the following item to AttrName.Prov.Map.OID lookup defintion*
  Code key "User ID", decode value "uid".
  Please note that Key is case sensitive.

• OIM-OID Provisioning - OID Group PrePopulate Approach :

  Hi,
  I am working on OID Connector 9.0.1.14 with OIM 11.1.1.5.
  I have reconciled all the Roles and Groups from OID to OIM and can successfully provision users to the OID along with membership to these specific Roles and Groups.
  I want to prepopulate the OID Group based on certain attribute from the OIM User form. My Approach so far is :
  1) Created an Entity Adapter with a variable : say Org and GroupName.
  2) Set the Logic as if Org = XYZ (+XYZ does exist on OIM+) set GroupName as = "OID Group 1" else set GroupName as = "OID Group 2"
  3) Attached this adapter to the "OID User Group" form on the "Data Object Manager" at the pre-insert stage.
  4) Mapped the Adapter variable as :
  a) Org Maps to "Organization Definition" with the qualifier "Organization Name"
  b) GroupName maps to the "Entity Field" with the qualifier "UD_OID_GRP_GROUP_NAME"
  However nothing seems to happen when I create/modify a user with Orgization Name as XYZ and manually Provision the OID Resource. I can see the form but nothing is populated in the Group Field. Upon completing the request, I get the user provisioned to OID but without any Group information..
  Is my approach right ? Am I missing something ?

  Here is what I have done for a client. My requirement was for a given department, a user must have a list of groups provisioned to them. So here is what i've done:
  1. Create a lookup that has Code Key = Department, Decode = CN of the groups in a delimited format.
  2. Create a provisioning task that will look at the department code from the user form, reference the lookup and find the decode values. Split them based on a delimiter. Then using each value, lookup the code key value from the real lookup that contains the full distinguished name of the group in the OID Group lookup. I even appened the IT Resource Key and ~ so that my search would be Decode or Code = "IT Resource Name~CN=<CN VALUE>%". This would return only the single group code key value. And then i add it to the child table. Repeat this for all the values in the delimited field.
  3. Create a provisioning task that removes the values from the child table based on the delimited value. You'll need to search through the existing child table values.
  Once you have the 2 tasks, you'll want to add a value to the your Lookup.USR_PROCESS_TRIGGERS that is your group determining field. Create your task name in this lookup. On your provisioning workflow, for the Adding of the groups task, make this unconditional, and have a preceding task of the Create User. Give it the name from your Lookup.USR_PROCESS_TRIGGERS and append " - Add Groups" to the task name. Create another task called the same, but append " - Delete Groups" to the task name. On the Add Groups task, make the preceding task the Delete groups. When you map your inputs to the adapters, on the delete, select the old value check box from the User Form so that you get the old value. Now, when the value changes on the user form, it will first remove the old groups, then add the new ones. All this will be done using the child table APIs, so that the existing Insert and Delete task triggers for your child table will run.
  -Kevin

• OID Provisioning issue on OIM 11g

  Hi,
  I have ran the target user recon for OID and noticed from the events that users are not linked. I tried assigning OID User resource from the provisioning workflow on the admin console but I am seeing the following the issue:
  DOBJ.ORC_NO_ORDER
  An error occurred while retrieving process information null : null
  Please help.

  Hi
  Can you verify On your OID resource object in desing console 'Order For User' is chosen.
  Regards
  user12841694

• OIM-OID provisionning issue with external plug in with AD

  Hi OIM/OID Guru's,
  We are using OIM with OID connector and having external authentication plug-in feature of OID with AD. Here we are using OID for user profile storage and doing password validation by using external plugin through AD however we have been
  facing one issue which is mentioned below :-
  Whenever we are creating any user in through OIM and found that user is provisioned to the OID target source but populating wrong value of attribute orclSourceObjectDN in OID process form:-
  orclSourceObjectDN = cn=OIDTEST3,CN=Users,DC=oracle-test,DC=oracle,DC=com
  correct value should be orclSourceObjectDN =cn=OIDTEST3,CN=Users,DC=oracle,DC=com
  we don't have any container in OID with DC=oracle-test however not sure how the process form is picking up this value?
  However could you please put more light why it is appending wrong DN in OIM process form? Where should i check for this from OIM side?

  Hi Dear,
  thanks for your reply and we are using OIM 9.x version. Checked Root DN value as you suggested (see below snap shot for oid resource definition):-
  Admin Id     cn=username
  Admin Password     *******
  Group Reconciliation Time Stamp     
  Last Target Delete Recon TimeStamp     
  Last Target Recon TimeStamp     
  Last Trusted Delete Recon TimeStamp     
  Last Trusted Recon TimeStamp     
  Port     6060
  Prov Attribute Lookup Code     AttrName.Prov.Map.OID
  Prov Group Attribute Lookup Code     AttrName.Group.Prov.Map.OID
  Prov Role Attribute Lookup Code     AttrName.Role.Prov.Map.OID
  Role Reconciliation Time Stamp     
  Root DN     DC=oracle,DC=com
  SSL     false
  Server Address     My server name
  Use XL Org Structure     false

• Queuing/Retrying 'Rejected' status OID Process Tasks: OIM-OID provisioning

  Hello Gurus,
  I have already up and running environment with OIM, OID connector pack and OID as the target system. So when a user data (for e.g. a UDF) is being provisioned from OIM to OID target system; if a process task comes back with 'rejected' status due to target unavailability/OID down; then is there any settings that we can configure within OIM design console that queues up and retries these 'rejected' tasks related to each individual user?
  Is there any setting within any of the OID lookups such that we can set a retry count for such process tasks?
  The goal is without human intervention all these 'rejected' process tasks should run successfully and be set to 'completed' status. If the target system is unavailable then there should be a way to run all these failed tasks - is my assumption.
  Is it by anyway related to 'Offline Provisioning'?
  Please provide some guidelines.
  Thanks,
  - oidm.
  Edited by: oidm on Mar 16, 2010 10:34 PM

  But it'll only allow us to 'retry' those specific tasks for a limited number of times and limited period of time. And will this task be retried only if its 'rejected' or it'll be retried for whatever number of times we specified?
  What if the target system doesn't come up for the whole day? Can we specify some value for the same in 'Duration' fields?
  So all in all if we talk about retrying the failed/rejected tasks we just have these options in hand as far as task 'status' is concerned?
  Thanks,
  - oidm.

• OIM OID PROVISIONING-RECONCILIATION

  hi
  i m using OIM with OID for provisioning and reconciliation
  while i reconcile from OID to OIM changes are reflected in OIM user profile
  while provisioning from OIM to OID ,when i make some changes in user profile, it does not get reflected in process form. i need to make the changes again in process form ,then only it gets reflected in OID.
  the process becomes very cumbersome. how this can be resolved ?

  Well for that you need to configure proper Change Field type process tasks which will actually transfer information from User Profile to process form.
  Refer look up USR_PROCESS_TRIGGERS for more details. You might also have a look at similar threads like following.
  Re: Password Update Task for OID Process form
  Thanks
  Sunny

• Escape character before dot in dn entry after OID provisioning

  Our OIM users are auto provisioned to OID using out of box OID connector. Everything works fine other than this issue.
  When value for OIM's "User login" contain the character dot (say BILLY.BOB) , the corresponding dn entry in OID is created with an escape character (dn: uid=BILLY\.BOB,cn=users,dc=abc,dc=com) .
  Example :
  OIM's 'User Login' = BILLY.BOB
  OID Entry created as
  dn: uid=BILLY\.BOB,cn=users,dc=abc,dc=com
  givenName: Billy
  uid: BILLY.BOB
  cn: Billy Bob
  Note that the uid does not get the escape character, only the dn value is getting affected.
  Thanks in advance!
  Kabi

  You need to remove . in the Lookup defintion which comes with OOTB connector.
  Re: OID Connector.User Id includes "\" when seen through ODSM

• OID Provisioning issue

  I have a case where a user did not get updated in OID when his account got modified in OIM. This lead to a data mismatch between OID and OIM.
  Can I write a task to send his info into OID.
  Thanks
  M

  Hi,
  This case is discussed numerous time in this forum.Please search the forum and you will get your answer.
  Check out this latest thread and solution by me and Kevin.
  Re: pushing oim account profile changes into AD!
  Regards
  Nitesh

• OIM - OID provisioning How to kill formatOrgDN ?

  Hello friends,
  few rows from OIM log :
  XL_INTG.OID OID:tcUtilLDAPOperations -> ~~~~~~~~~~Leaving getPath() with dc=company,dc=com~~~~~~~~~~
  XL_INTG.OID the initial pContainerDN is:cn=Users
  XL_INTG.OID tcUtilOIDUserOperations -> Entering formatOrgDN(s,s)
  XL_INTG.OID tcUtilOIDUserOperations -> with Parameters
  XL_INTG.OID tcUtilOIDUserOperations -> [pOrgDNcn=Users
  XL_INTG.OID tcUtilOIDUserOperations -> pRootDNdc=company,dc=com]
  XL_INTG.OID OID:tcUtilLDAPOperations -> ~~~~~~~~~~Entering getPath() with ou=users~~~~~~~~~~
  XL_INTG.OID OID:tcUtilLDAPOperations -> ~~~~~~~~~~Leaving getPath() with ou=Users,dc=company,dc=com~~~~~~~~~~
  so formatOrgDN changes orgDN from cn=Users to ou=Users.
  Maybe someone can help me, where can i disable this formatting ?
  OIM 9.1.0.0
  OID connector : 9.0.4.1
  Thanx!

  Check IT Resource configuration put root dn for your identities, then searh in AttrName.Prov.Map.OID lookup change ldapOrgDNPrefix with your entry name and
  ldapOrgUnitObjectClass for your organization ldap class

• Error while updating the value to OID

  Hi,
  I have configured the OID provisioning, the Change tasks are working fine but the updated tasks are getting rejected for one custom attribute with the below error.
  <Aug 30, 2012 10:19:22 PM EST> <Error> <XELLERATE.ADAPTERS> <BEA-000000> <Class/Method: tcAdpEvent/getITAssetParam encounter some problems: Could not find IT asset value for Svr_key = 121 and spd_key = 214>
  <Aug 30, 2012 10:19:22 PM EST> <Error> <XELLERATE.ADAPTERS> <BEA-000000> <Class/Method: tcAdpEvent/getITAssetParam encounter some problems: DATA_ERROR
  com.thortech.xl.dataobj.util.tcAdapterTaskException: DATA_ERROR
  The updated tasks are working well for other attributes. The adapter I have used is the OOTB adapter "adpOIDMODIFYUSER".
  Please let me know the solution.
  Regards,
  Ishank

  There was an issue with mapping. After resolving that it worked fine.