OIM 11g - Change 'Modify Self Profile'

Similar Messages

• Modify Self Profile in Request Failed status

  Hi,
  I have requiement to allow user to update his few details though Self-Service>My Profile> Attributes Update . System trigers an OOB approval to System Administrator for the Modify Self Profile , and on approval of task the attributes are getting updated succesfuly however , the status of task is "Request Failed." On request history it's caputring error after Post Process Initation . Any idea , what can be the issue here .
  Thanks In Advance
  Swati Pandey

  Issue is resolved.

• OIM 11g changing process tasks on Xellerate User

  Hi all,
  I am trying to send an email when an OIM user gets disabled. To do this i would like to set the Notification for the "Disable User" process task on Xellerate User.
  However, any attempted change to the process tasks gives this error:
  The security level for this data item indicates that it cannot be updated.
  Update failed.
  Update failed.
  Adding a post-update event handler doesn't work in 11g anymore as well.
  What would be the suggested way to send emails and fire adapters on changes to the user profile?
  Thanks for your thoughts.

  Hi Kevin,
  I got it working by creating a new process task with task effect: Disables Process Or Access To Application
  That process task had an adapter attached that would send the mail.
  After your comment I went on to experiment with the notifications. Earlier i couldn't get them to be sent, but after creating a new process task (setting the tcCompleteTask handler and the notification) it started sending the emails. And now I don't need the custom adapter anymore.
  Not sure what changed, thanks for your input.

• OIM 11g R1 - Modifying a Resource Erases Custom Process Task ???

  I've created a Generic Resource in OIM that uses the Database Applications Table connector 9.1.0.5.0.
  Then I add my own process tasks through Design Console under "Process Management -> Process Definitions". On each custom process task I've attached my own custom adapters, which I created through "Development Tools -> Adapter Factory" in Design Console. These custom adapters use methods from my Java code. My Java jar file is located in "Oracle_IDM1/server/JavaTasks".
  Now here is the issue:
  Whenever I modify this resource in OIM under "Configuration -> Manage Generic Connector" (E.g Changing reconciliation type from Full to Incremental), all my custom process tasks get deleted.
  What is the reason for this? Is there a solution for this problem?

  This is indeed a major flaw for GTC. Below I found this issue in a Oracle doc.
  Doc Link: http://docs.oracle.com/cd/E14571_01/doc.1111/e14309/aptrouble.htm
  Below is a description of this issue from the Oracle documentation
  Summary:
  Customization work done on objects of a generic technology connector would be overwritten if you perform a Manage Generic Technology Connector operation.
  Description:
  You can use the Design Console to customize connector objects that are automatically created during generic technology connector creation. However, after you customize connector objects, if you perform a Manage Generic Technology Connector operation, then all the customization done on the connector objects would be overwritten. Therefore, Oracle recommends that you to apply one of the following guidelines:
  Do not use the Design Console to modify generic technology connector objects.
  The exception to this guideline is the IT resource. You can modify the parameters of the IT resource by using the Design Console. However, if you have enabled the cache for the GenericConnector and GenericConnectorProviders categories, then you must purge the cache either before or after you modify IT resource parameters. See "Purging the Cache" in the Oracle Fusion Middleware System Administrator's Guide for Oracle Identity Manager for information about running the PurgeCache utility.
  If you use the Design Console to modify generic technology connector objects, then do not use the Manage Generic Technology Connector feature to modify the generic technology connector.
  Connector objects that are automatically created are not deleted even if the generic technology connector creation process fails.

• Which architecture do you use for OIM 11g IHM (admin, self service, etc)?

  Hi,
  I would like to know if you use :
  - The native IHM with native extension (Event handlers, prepopulate adapters, etc).
  - Custom tabs in ADF added to OIM.
  - A web application in ADF (war) added to the oim.ear.
  - A J2EE application in ADF which communicates through webservices.
  - A J2EE application in another technology which communicates through webservices.
  - Other architectures.
  And why did you choose this architecture?
  Thank you very much for your replies.
  Regards
  Pierre.

  Note that you can use the internal LDAP that comes with WebLogic, for your users and groups if you want.
  When you have multiple domains, you have a problem with this set-up as the internal LDAP is coupled to
  a specific domain. This means that users you created in one domain are not visible in the other. When using
  a separate LDAP that contains the users. You can configure in each domain an authenticator that points
  to the LDAP. In this way you can share to user accross multiple domains.
  When you are planning to use one domain you can stick with the internal LDAP if you want.
  An example set-up (that uses access manager not identity manager) can be found here: http://middlewaremagic.com/weblogic/?p=7819,
  which might help you in how to proceed.

• OIM 11G : Selecting Multiple RO's in Single "Self Request Resource" Failing

  Hello Everyone,
  OIM 11G : End User "Self Request Resource" failing when user selects 2 or more resources in a Single Self Request Resource Request
  1) On OIM 11G, I have created 2 resource objects, workflow, process forms.
  2) Created the separate request dataset xml and imported into OIM repository
  3) Now if an end user creates a request , "Self Request Resource" and selects one of the resource
  4) Form defined as per request dataset shows up perfectly for the application on Resource Attributes page which comes next.
  5) Only Problem that I am seeing is when End User selects 2 resources in one single request
  Both the resource request dataset has been correctly configured because selecting only 1 works not both when both are selected in same request.
  Thanks,
  Deepak

  Hello Experts,
  on OIM 11G
  I am getting the above issue when an end user does a "self request resource" and selects 2 Resource Objects.
  On the Next Page, attribute form defined as per the request dataset.xml does not show up.
  Both the RO's are seen on top breadcrumbs but with a blank form. I can navigate to the next RO Resource Data Details again with a blank form.
  Though the attribute form as per request dataset comes up properly if I select any 1 of the 2 RO's and make "self request resource". everything goes fine.
  I have followed the documentation thoroughly to import the datasets etc and can see request dataset in MDS_PATHS table (DEV_MDS user).
  If anybody has also faced a similar issue or tested that selecting 2 RO's in 1 single "self request resource" works , pls let me know.
  Thanking in advance,
  Deepak

• OIM 11g - Modify AdminWelcome.jsff

  I want to modify the AdminWelcome page that the panel box for roles, organization and authorization policy are closed by default. Only the panel box for user should be open
  Could somebody help me, how to modify the AdminWelcome.jsff from IdentityTaskFlow.jar?
  Edited by: 935899 on Aug 16, 2012 8:53 AM

  Hi Rajiv,
  Thanks for your response.
  1. I want to make Manager field on Profile->My Profile->Attributes editableYou can create Authorization Policy for this. I don't have VM running but Manager field should be present there.
  I tried to do that but the Manager field still can't be edited. I wonder if there is a (xml) file that i must edit just like in 10g such as FormMetadata.xml perhaps?
  2. When user modify the attribute(s) by him/her self, there is a workflow initiate and goes to xelsysadm (default request level and operation level).Customize OOTB Approval workflow or create new one with new Approval Policies.I tried to make a request level and operation level in Approval Policy with Auto Approval then it worked, no need approval when the user modify self profile.
  Thank you
  Ivan P
  Edited by: ivan kw on Sep 8, 2011 3:19 AM
  Edited by: ivan kw on Sep 8, 2011 3:22 AM

• OIM 11g Modify User Profile for Updating End Date

  Hi Gurus!
  We have an OIM implementation where users may request the creation of other users by means of a Create User request template. In this template we set the End Date to be 3 months after the request date.
  In order for the requester to extend the period of a user's OIM user account (along with its provisioned resources) we customized a Modify User Profile by displaying the End Date field and automatically populate it again to 3 months after the request date. Also we developed a custom event handler to enable the user when it is disabled and the End Date is updated to a future date.
  This Modify User Profile is working great when the user is still enabled (the End Date is still in the future), however, when the End Date has passed (and the user is Disabled) the requester is not able to see the user when selecting the Modify User Profile request template.
  Is there a way to allow requesters to also see disabled users in the Modify User Profile request template?
  Thank you in advance.
  Regards,

  Hi Kevin,
  thanks for your reply!
  But, in this case, when the user is already disabled due to his End Date, how can a requester, through the Self Service TAB, enable it?
  The Enable User request template does not work since when trying to enable the user, OIM sees the End Date is already passed and the DataSet validation throws an exception.
  The only way I saw was providing a Modify User Profile Request template to change the End Date and developing a custom event handler to enable the user upon the extension of the End Date...
  How can, in this situation, a requester enable the user and extend its End Date?
  Thank you!
  Regards,

• Self Registration in OIM 11g

  Hi,
  Can some one guide me on how to add User defined fields to self Registration page.My requirement is : In self registration form(at the login page),I have to add some UDFs and delete some existing fields.
  2.User should be created immediately - no approval process for user creation
  3.User email address should be the userid/username. All the oim-username properties should apply to user email address.(No duplicate user email address).Please help.
  Thanks.

  Regarding Question 1, Chapter 8 ( managing profile) of OIM 11g user guide should help you here. In summary, You will need to use self service related authorization policies to add udfs to self profile page.
  http://download.oracle.com/docs/cd/E14571_01/doc.1111/e14316/my_profile.htm#CACICCFD
  Regarding Question 3, Please check out 11.5.2 Configuring the Username Policy of OIM 11g user guide.
  http://download.oracle.com/docs/cd/E14571_01/doc.1111/e14316/usr_mangmnt.htm#CHDJGJJA
  You will need to configure EmailIdPolicy as the username generation policy. OIM11g has OOTB validations to enforce email uniqueness.

• Reconciliation of "change password on next logon" from AD fails in OIM 11g

  Hello,
  We have a use case on our OIM 11g project where we create a user in Active Directory and check *"User must change password at next logon"* box in AD.
  We have setup AD as Trusted and Target resource (using connector 9.1.1.7), where users coming from AD will be created in OIM and password changes in OIM will be sent to AD. Also we use the password synchronization module (9.1.1.5) to synchronize the passwords from AD to OIM when they are changed in AD.
  What we noticed is the "User must change password at next logon" is synchronized to the "AD Resource", but unlike the regular attributes it is not accessible normally because it's a system attribute.
  What we expect is the user logging in to OIM will be prompted to change the password, but nothing happens when the newly reconciled user logs in (i.e. normal self-service page is shown). Same thing applies when we set the flag on an existing user also.
  Did anyone get this working properly?
  P.S. In a previous version it used to be the opposite where the user was constantly prompted for the password, even though it was changed in AD already, after changing the password using Alt+Crtl+Delete the user was still prompted to change when logging in to OIM. Oracle suggested we upgrade to 11.1.1.5.1 (most recent patch set) but now the reverse happens - we never get change password prompt now.
  Thanks,
  -JP
  Edited by: JacekP on Oct 17, 2011 8:10 AM

  Yeah, you're right, unfortunately we have dual authorative password model, where a user can change the password from OIM when he is accessing a OIM through a web interface or from his Windows machine through the domain controller. We need the use case to work fully both ways ideally.
  A plan-B solution is to use a directory synchronization mechanism outside of OIM that would connect OID and AD, but we would prefer not to.

• OIM 11g R2 - Invoking Modify Operation on a disbled account

  Hi,
  In OIM 11g R2, we noticed that OIM is allowing to perform modify operation on an account which is in disabled state.Is there any way to prevent this?.We are planning to write a validator code to perform this check but we have multiple connectors,so the changes are substantial.Thanks in advance.

  Hi,
  Sounds like I hit the same issue with OIM 9.x
  I tried to update the corresponding process form version of an existing user in OIM db, still the new field is not available in UI.
  Referred to SQL update http://rajivdewan.blogspot.fi/2013/08/fvc-form-version-control-utility.html
  That's cool! After updating the process form version in db, existing user's process form displays new attribute.
  Br,
  Jakob
  Message was edited by: JakobDaavid

• Customize Self Service Page in OIM 11g

  Hi All,
  How can i add some functionality of Profile tab in to another custom tab like(i have to add resource tab(Self Service Page-->My Profile-->Resource) in to a custom tab) because i have to hide Profile tab and add Proxy and Resource tab of Profile tab in to another custom tab so that user can see only these two tab instead of whole profile tab .
  please give me any idea how to do it.
  thanks
  Edited by: 902535 on Apr 10, 2013 10:53 PM

  Duplicate Post:
  Adding Custom Tab in OIM 11g  Self Service Page

• OIM 11g R2 - Change User Container

  Hello,
  I need to change the ldap user container in OIM 11g R2. I need to change it from cn=users1,cn=oracleAccounts,dc=mycompany,dc=com to cn=users2,cn=oracleAccounts,dc=mycompany,dc=com. I am using OUD as the directory for LDAP sync. How do I do this?
  Thanks.

  you need to modify the /db/LDAPContainerRules.xml to achieve this. Export it from MDS , modify it and then import it again. Restart OIM and then try.
  Regards,
  Sunny

• Can approver modify user's request form in OIM 11g?

  Dear All,
  In OIM 10g, the approver of a request can modify user's request form, we just need to configure the permission in OIM. But, can we do it in OIM 11g?
  If can, how can i configure it?
  really need your help guys,, :D
  Thank you,
  --herry                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               

  Hi user12841694,
  Thanks for the suggestion. But, the data (field) that can be modified by the approver is very limited. We cannot attach multi-valued attribute there (like Child Form).
  Regards,
  ---herry

• Auto approval for self registration request in OIM 11G R2

  Hi all,
  We have a requirement where we want end users to be able to self-register without needing any sort of approval. We are using OIM 11G R2 with the latest patchset.
  The way to do it in 11G R1 is explained in the following document:
  [http://docs.oracle.com/cd/E21764_01/doc.1111/e14316/unauth_selfservice.htm#BABFEIBF]
  But now that R2 does not have any request templates, we are not sure how to do this. Any help will be greatly appreciated. Thanks for your time.
  -sandeepc

  refer this.
  Configuring Auto-Approval for Self-Registration - Fails due to Organisation