OIM 11g , Ignore User Creation
Folks ,
I am facing a issue , hoping you guys could throw some pointers ..
I have a trusted recon set up via GTC DB connector . There is particular condition when i dont want the user to created in OIM though it will be pulled by GTC (Unfortunately i cant stop that).
So in nutshell, i want to ignore the OIM user creation when a particular reconciled attribute lets say firstName = ABC AND user is not already present in oim, then ignore the user creation ..
Any pointers how to achieve this ..
Thanks
Suren
Thanks Raghav for your response , but how ill this work .
So , when FirstName = ABC record will come , as per your recon rule .., it wont link to any existing user and it will land up in No Match Found status and as its trusted recon it will create the user .., which i dont want ..
I cant delete rest of the action rules , they are required for processing the updates etc ...
Please let me know if you need more info ..
Thanks
Suren
Similar Messages
-
OIM 11g Modify User Profile for Updating End Date
Hi Gurus!
We have an OIM implementation where users may request the creation of other users by means of a Create User request template. In this template we set the End Date to be 3 months after the request date.
In order for the requester to extend the period of a user's OIM user account (along with its provisioned resources) we customized a Modify User Profile by displaying the End Date field and automatically populate it again to 3 months after the request date. Also we developed a custom event handler to enable the user when it is disabled and the End Date is updated to a future date.
This Modify User Profile is working great when the user is still enabled (the End Date is still in the future), however, when the End Date has passed (and the user is Disabled) the requester is not able to see the user when selecting the Modify User Profile request template.
Is there a way to allow requesters to also see disabled users in the Modify User Profile request template?
Thank you in advance.
Regards,Hi Kevin,
thanks for your reply!
But, in this case, when the user is already disabled due to his End Date, how can a requester, through the Self Service TAB, enable it?
The Enable User request template does not work since when trying to enable the user, OIM sees the End Date is already passed and the DataSet validation throws an exception.
The only way I saw was providing a Modify User Profile Request template to change the End Date and developing a custom event handler to enable the user upon the extension of the End Date...
How can, in this situation, a requester enable the user and extend its End Date?
Thank you!
Regards, -
OIM 11g, Get users from table and insert them into Approval Task
Hi All,
I have OIM 11.1.1.5.4 in Solaris 10 and I have an Oracle Table configured as Trusted Source.
I am using Database_App_Tables_9.1.0.5.0 connector.
I want Reconciliate new users from a Oracle Table as follow:
1. I ran the scheduled job
2. The new users reconciled Must get into an Approval Task before of insert them into USR Table.
3. The Administrator User Approved o Rejected the new users.
4. The new users that were approval Must insert them into USR Table.
Is there any form of implement this?, Can you guide me please?.
Thanks for your Help.Through your Schedule Task, generate "*Create User*" (Request Type) request and assign approval workflow for such requests.
After completion of approval ONLY, users will get created into OIM 11g. -
OIM 11g searching users by UDF, using API
Hi,
I can't search by any field other then "Users.User ID, Users.Key, Users.Middle Name ... "
Standard fields but not on the list above (i.e. "USR_STREET"), allways result as 0 (rs.getRowCount()=0).
And the worst is searching by user defined field. It always ends with exception.
my code:
tcUserOperationsIntf a = client
.getService(tcUserOperationsIntf.class);
Hashtable ht = new Hashtable();
ht.put("USR_UDF_HR_ID1", "10000008");
System.out.println(ht);
tcResultSet rs = a.findAllUsers(ht);
System.out.println("count: " + rs.getRowCount());
System.out.println(rs.getStringValue("Users.User ID"));
System.out.println(rs.getStringValue("USR_UDF_HR_ID1"));
HR_ID1 is string, not required, not unique, searchable.
What I get is:
*Thor.API.Exceptions.tcAPIException: Error occurred while finding users.
at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:234)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:348)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:259)
at Thor.API.Operations.tcUserOperationsIntf_e9jcxp_tcUserOperationsIntfRemoteImpl_1033_WLStub.findAllUsersx(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:84)
at $Proxy2.findAllUsersx(Unknown Source)
at Thor.API.Operations.tcUserOperationsIntfDelegate.findAllUsers(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at Thor.API.Base.SecurityInvocationHandler$1.run(SecurityInvocationHandler.java:68)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.security.Security.runAs(Security.java:41)
at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(weblogicLoginSession.java:52)
at Thor.API.Base.SecurityInvocationHandler.invoke(SecurityInvocationHandler.java:79)
at $Proxy3.findAllUsers(Unknown Source)
at com.netline.woz.magwit.ApiTester.main(ApiTester.java:72)
Caused by: Thor.API.Exceptions.tcAPIException: Error occurred while finding users.
at com.thortech.xl.ejb.beansimpl.tcUserOperationsBean.findAllUsers(tcUserOperationsBean.java:4588)
at Thor.API.Operations.tcUserOperationsIntfEJB.findAllUsersx(Unknown Source)
at sun.reflect.GeneratedMethodAccessor2851.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy321.findAllUsersx(Unknown Source)
at Thor.API.Operations.tcUserOperationsIntf_e9jcxp_tcUserOperationsIntfRemoteImpl.findAllUsersx(tcUserOperationsIntf_e9jcxp_tcUserOperationsIntfRemoteImpl.java:1182)
at Thor.API.Operations.tcUserOperationsIntf_e9jcxp_tcUserOperationsIntfRemoteImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:589)
at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:477)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:473)
at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)*
Any idea what's missing? I saw in diffrent threads that searching by UDF should work fine...
Thank you,
MagdaDid you restart your oim server after creation of the UDF?
Also, you can create a lookup definition of Field type. Put the database field in the field, and the Users.XXXXX in the label and then you should be able to search on the Users.XXXX after a restart.
-Kevin -
OIM 11g R2 - User random password Generation
Hi All,
In my case users are getting created in OIM using Trusted source reconciliation and need to populate a random password for each user.
Please suggest me which of the following methods is better and why?
Method 1: Created a post Event Handler and populate password attribute. This case I created a custom Post event handler and populated password attribute and is success but the password stored in database is plain text and so not able login to Adminconsole with same password. So, how to encrypte password and then store in DB?
Method 2: Create entity adapter and attach to user form using Data object manager
Or, please suggest me any other best way.
Thanks in advance.Hi,
Users are being created thru trusted source recon and password is not automatically getting populated. I verified it, by checking USR_PASSWORD attribute in USR table and it is empty. -
OIM 11g r2 User UDF fields Updation based on AD ID
Hi,
We have to update the UDF fields created for the users in OIM using the data from a table.
This table contains the AD ID, and other fields.
OIM User (already available) will be updated based on AD ID ….i;e AD ID column will be used to find the user in OIM and then his UDF will be updated based on the respective data from other columns in the table .
Please can you help me on this task?
Thanks,Your requirement doesn't tell much like when you want to update your user. If it would be on daily basis then go for Schedule Task, if you want to at the time of provisioning then you can have one task and attach your code to bring AD ID in OIM..
You may leverage Event Handlers as well if your use case requires that. -
OIM 11g create user with API - double resources
Hello.
We have a custom web client for creating a user in OIM. When we create a user with the OOTB web app (formerly xlWebApp), it creates the user and the Access Policies work correctly to give the user one of each resource.
When we create the user with the API from our custom web app, it tries to assign 2 of each resource to the new user. Has anyone seen this behavior before? Thank you.Bump Thanks.
-
OIM 11g R1 - User Login activities
Hello,
we have OAM-OIM-OID integration. A user authenticates against OAM/OID.
It is possible to track any user login or user password changes?
Where will this activities stored? OAM or OID?you can check the OAM or OID Audit logs.
OID: ORACLE_INSTANCE/auditlogs/OID/oid1
OAM: <MW_HOME>/user_projects/domains/OAM_domain/servers/oam_server1/logs/auditlogs
Reference:
http://docs.oracle.com/cd/E14571_01/doc.1111/e15478/audit.htm
http://docs.oracle.com/cd/E15523_01/oid.1111/e10029/auditing.htm -
OIM 11G : Selecting Multiple RO's in Single "Self Request Resource" Failing
Hello Everyone,
OIM 11G : End User "Self Request Resource" failing when user selects 2 or more resources in a Single Self Request Resource Request
1) On OIM 11G, I have created 2 resource objects, workflow, process forms.
2) Created the separate request dataset xml and imported into OIM repository
3) Now if an end user creates a request , "Self Request Resource" and selects one of the resource
4) Form defined as per request dataset shows up perfectly for the application on Resource Attributes page which comes next.
5) Only Problem that I am seeing is when End User selects 2 resources in one single request
Both the resource request dataset has been correctly configured because selecting only 1 works not both when both are selected in same request.
Thanks,
DeepakHello Experts,
on OIM 11G
I am getting the above issue when an end user does a "self request resource" and selects 2 Resource Objects.
On the Next Page, attribute form defined as per the request dataset.xml does not show up.
Both the RO's are seen on top breadcrumbs but with a blank form. I can navigate to the next RO Resource Data Details again with a blank form.
Though the attribute form as per request dataset comes up properly if I select any 1 of the 2 RO's and make "self request resource". everything goes fine.
I have followed the documentation thoroughly to import the datasets etc and can see request dataset in MDS_PATHS table (DEV_MDS user).
If anybody has also faced a similar issue or tested that selecting 2 RO's in 1 single "self request resource" works , pls let me know.
Thanking in advance,
Deepak -
Oim 11g Custom Challenge questions
hi,
does oim 11g allows users to setup custom challenge questions.
Sun Idm does have this feature..
any idea on Oracle Idm..
thank you.How to add custom challenge questions in OIM 11g
Find below link for 11gR2
http://srini-bellamkonda.blogspot.in/2012/11/adding-custom-challenge-questions-in.html -
Creation of a Request in OIM 11G using API's
Hi Friends,
I am trying to create a request using OIM 11g API's.
I am trying to do this for EBS Responsibility resource and this resource has a request dataset has EBS-IT-Resource-Instance, application name, responsibility name, start date and security group. Please note application name, responsibility name, start date and security group are in child form.
I am trying to populate the request dataset using the below code.
List<RequestBeneficiaryEntityAttribute> entityAttrList;
RequestBeneficiaryEntity entity = null;
entityAttrList = new ArrayList<RequestBeneficiaryEntityAttribute>();
entity = new RequestBeneficiaryEntity();
tcITResourceInstanceOperationsIntf tcITResourceIntf = Platform.getService(tcITResourceInstanceOperationsIntf.class);
HashMap searchcriteria = new HashMap<String, String>();
searchcriteria.put("IT Resources.Name", "EBSHF-APPS12");
tcResultSet resultSet = tcITResourceIntf.findITResourceInstances(searchcriteria);
long itResourceKey=resultSet.getLongValue("IT Resources.Key");
entityAttrList.add(this.getAttrLong("eBusiness Suite Instance Name",itResourceKey));
entityAttrList.add(this.getAttr("Application Name","3~300"));
entityAttrList.add(this.getAttr("Responsibility Name", "3~300~52281"));
entityAttrList.add(this.getAttr("Security Group", "3~0"));
entity.setEntityKey(getResourceKey("Oracle eBusiness Responsibility"));
entity.setEntityType(RequestConstants.RESOURCE);
entity.setEntitySubType("Oracle eBusiness Responsibility");
entity.setEntityData(entityAttrList);
private RequestBeneficiaryEntityAttribute getAttr(String name, String value)
RequestBeneficiaryEntityAttribute attr = null;
attr = new RequestBeneficiaryEntityAttribute(name, value, RequestBeneficiaryEntityAttribute.TYPE.String);
return attr;
private RequestBeneficiaryEntityAttribute getAttrLong(String name, long value)
RequestBeneficiaryEntityAttribute attr = null;
attr = new RequestBeneficiaryEntityAttribute(name, value, RequestBeneficiaryEntityAttribute.TYPE.Long);
return attr;
My code is working fine and a request is getting created. But when I try to open the request dataset(object form) for the newly created request, I am getting null exceptions.
If I did not populate the fields that are in the child form application name, responsibility name and security group which are highlighted above, then I am able to view the form with the correct IT-Resource-Instance name after request creation.
So, I am thinking I am doing something wrong while populating child form data in the request dataset.
Can you please provide me some code snippet to populate the child using 11G API'S?Hi Bikash,
After referring your code, i made changes in mine. Here is my updated code.
RequestBeneficiaryEntityAttribute parantAttr=null;
List<RequestBeneficiaryEntityAttribute> entityAttrList;
RequestBeneficiaryEntity entity = null;
entity = new RequestBeneficiaryEntity();
parantAttr=this.getAttrLong("eBusiness Suite Instance Name", itResourceKey);
RequestBeneficiaryEntityAttribute mid1 = new RequestBeneficiaryEntityAttribute();
List <RequestBeneficiaryEntityAttribute> childAttributesList = new ArrayList<RequestBeneficiaryEntityAttribute>();
childAttributesList.add(this.getAttr("Application Name", "3~555"));
childAttributesList.add(this.getAttr("Responsibility Name", "3~555~22862"));
childAttributesList.add(this.getAttr("Security Group", "3~0"));
mid1.setChildAttributes(childAttributesList);
mid1.setAction(RequestBeneficiaryEntityAttribute.ACTION.Add);
entityAttrList = new ArrayList<RequestBeneficiaryEntityAttribute>();
entityAttrList.add(parantAttr);
entityAttrList.add(mid1);
But when I try to run this, it is getting failed saying "RequestServiceException: IAM-2050033:Invalid attribute name null. No corresponding reference was found in the data set ProvisionResourceOracle eBusiness Responsibility".
Here is my request data set for your reference.
<AttributeReference name="eBusiness Suite Instance Name" attr-ref="eBusiness Suite Instance Name" type="Long" length="50" widget="itresource-lookup" required="true" available-in-bulk="true" itresource-type="eBusiness Suite UM"/>
<AttributeReference available-in-bulk="true" length="10" widget="text" type="String" attr-ref="UD_EBH_RSCP" name="EBS HR Foundation User Responsibilities">
<AttributeReference name="Application Name" attr-ref="Application Name" type="String" length="256" widget="lookup-query" available-in-bulk="true" required="true">
<lookupQuery lookup-query="select lkv_encoded as Value,lkv_decoded as Description from lkv lkv, lku lku where lkv.lku_key=lku.lku_key and lku_type_string_key='Lookup.EBS.Application' and lkv_encoded like concat('$Form data.eBusiness Suite Instance Name', '~%')" display-field="Description" save-field="Value"/>
</AttributeReference>
<AttributeReference name="Responsibility Name" attr-ref="Responsibility Name" type="String" length="256" widget="lookup-query" available-in-bulk="true" required="true" primary="true">
<lookupQuery lookup-query="select lkv_encoded as Value,lkv_decoded as Description from lkv lkv,lku lku where lkv.lku_key=lku.lku_key and lku_type_string_key='Lookup.EBS.Responsibility' and lkv_encoded like concat('$Form data.Application Name','~%')" display-field="Description" save-field="Value"/>
</AttributeReference>
<AttributeReference name="Security Group" attr-ref="Security Group" type="String" length="256" widget="lookup-query" available-in-bulk="true" required="true">
<lookupQuery lookup-query="select lkv_encoded as Value,lkv_decoded as Description from lkv lkv, lku lku where lkv.lku_key=lku.lku_key and lku_type_string_key='Lookup.EBS.SecurityGroup' and lkv_encoded like concat('$Form data.eBusiness Suite Instance Name', '~%')" display-field="Description" save-field="Value"/>
</AttributeReference>
I am not sure why it is not referencing to the attribute. In your blog, it is saying your code is to set process form. But i am trying to create a request using API's. so, I need some code snippet to populate request dataset. Do you think, this will serve both?
Thanks for your help. -
OIM 11g R2 installation Issue. OIM Schema creation failed using RCU 11.1.2
I have been trying to install OIM 11g R2 on a Windows server 2008 R2 64 Bit and have been encountering the following error during the OIM schema creation. The other schemas, such as Metadata, SOA, user messaging services and other associated schema creation was successful. But, the OIM schema creation was taking more than 2 minutes and finally it fails with the below error.
RCU-6130: Action failed
RCU-6135: Error while trying to execute java action.
Components used:
OS: Windows Server 2008 R2 64 Bit
DBS: 11gR2 (11.2.0.1)
RCU: 11.1.2
The first error occured was ora-12637 packet receive failed followed by Table or View does not exist. I could not fetch much information from the oim and rcu.log.
I have set the processes, open_cursors and session_cached_cursors as suggested in the preinstallation step of OIM 11g R2 installation.
Any pointers on this will be highly appreciated.
Thanks,
SriniCopy the msvcr71.dll file from rcuHome\jdk\jre\bin inside rcu installer and paste it in C:\Windows\SysWOW64.
Try running the rcu again with the new user i.e. instead of DEV_OIM, run it with DEV_OIM1.
Or drop the DEV_OIM user first and then use the same user. -
OIM 11g: SAP HRMS User Recon gives error
Hello,
I am using the SAP ER (Employee Reconciliation) connector, version Version: 9.1.2.2. I have upgraded to bundle patch 3 (BP3).
Connectivity to SAP works. I have run the manager recon, org recon and it brought in values.
When I try to reconcile users (using limited reconciliation) from IDOCS, it finds the user, creates a reconciliation event but ignores it. On querying the recon event the reason given for not linking is "Data Validation Failed"
[2011-03-09T11:00:53.088-08:00] [oim1] [NOTIFICATION] [IAM-5010000] [oracle.iam.reconciliation.impl] [tid: OIMQuartzScheduler_Worker-1] [userId: xelsysadm] [ecid: 0000IuRuoQM9d_w_wD0FyW1DTwVJ00000Q,0] [APP: oim#11.1.1.3.0] [dcid: c4ab19921fd287b5:377e40a5:12e9be68f89:-7ffa-0000000000000354] [arg: ignoreEvent Input Data : {Personnel Number=00011070, Street=1775 Milmont Dr, Postal Code=95035, Organization=Xellerate Users, Employee Type=Full-Time, Org Unit=10000037, Country=US, Middle Name=V, Cost Center=, User ID=00011070, City=Milpitas, Group=1, User Type=End-User, Manager ID=10000037, Status=Active, User Created From HRMS=1, Telephone Number=4081233339, District=Cnt#1, Position=00000026, Sub Group=FS, Last Name=Khan, First Name=Salman}] Generic Error/Information: ignoreEvent Input Data : {Personnel Number=00011070, Street=1775 Milmont Dr, Postal Code=95035, Organization=Xellerate Users, Employee Type=Full-Time, Org Unit=10000037, Country=US, Middle Name=V, Cost Center=, User ID=00011070, City=Milpitas, Group=1, User Type=End-User, Manager ID=10000037, Status=Active, User Created From HRMS=1, Telephone Number=4081233339, District=Cnt#1, Position=00000026, Sub Group=FS, Last Name=Khan, First Name=Salman}
On Re-evaluating the event, I see a different error in the logs:
[2011-03-09T13:47:38.646-08:00] [oim1] [ERROR] [IAM-5010006] [oracle.iam.reconciliation.impl] [tid: [ACTIVE].ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: oiminternal] [ecid: 0000IuS_iIo9d_w_wD0FyW1DTxCO0001JD,0] [APP: oim#11.1.1.3.0] [dcid: c4ab19921fd287b5:75438372:12e9c1335ee:-7ffa-0000000000002728] The following exception occurred: {0}[[
oracle.iam.reconciliation.exception.InvalidEventException: Invalid ManagerLogin : 10000037
at oracle.iam.reconciliation.impl.UserHandler.getOrchestrationParams(UserHandler.java:713)
at oracle.iam.reconciliation.impl.UserHandler.create(UserHandler.java:150)
at oracle.iam.reconciliation.impl.UserHandler.applyRule(UserHandler.java:90)
at oracle.iam.reconciliation.impl.UserHandler.process(UserHandler.java:65)
at oracle.iam.reconciliation.impl.ActionEngine.processEvent(ActionEngine.java:193)
at oracle.iam.reconciliation.impl.ActionEngine.processEvent(ActionEngine.java:155)
at oracle.iam.reconciliation.impl.ActionEngine.execute(ActionEngine.java:92)
at oracle.iam.reconciliation.impl.ActionTask.execute(ActionTask.java:73)
at oracle.iam.platform.async.impl.TaskExecutor.executeUnmanagedTask(TaskExecutor.java:100)
at oracle.iam.platform.async.impl.TaskExecutor.execute(TaskExecutor.java:70)
at oracle.iam.platform.async.messaging.MessageReceiver.onMessage(MessageReceiver.java:68)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy467.onMessage(Unknown Source)
at weblogic.ejb.container.internal.MDListener.execute(MDListener.java:466)
at weblogic.ejb.container.internal.MDListener.transactionalOnMessage(MDListener.java:371)
at weblogic.ejb.container.internal.MDListener.onMessage(MDListener.java:328)
at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:4659)
at weblogic.jms.client.JMSSession.execute(JMSSession.java:4345)
at weblogic.jms.client.JMSSession.executeMessage(JMSSession.java:3822)
at weblogic.jms.client.JMSSession.access$000(JMSSession.java:115)
at weblogic.jms.client.JMSSession$UseForRunnable.run(JMSSession.java:5170)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
"Invalid ManagerLogin : 10000037" 10000037 is the org number in the lookup and its corresponding personnel number 00016901 is not being picked up.
There is a known bug that if a user with that personnel number (i.e 00016901) does not exist in OIM 11g then OIM will not insert the record (bug 9688099), so to work around this, I added that personnel number to a user in OIM (USR_UDF_PERSONNEL_NUMBER). Still the same.
Has anyone seen a similar error? Any ideas on what I could be missing? Troubleshooting tips?
Has anyone implemented this version of the connector?
Regards,
Sunny
Edited by: Sunny on Mar 10, 2011 1:50 PMThis turned out to be an Oracle bug.
Bug 9539918 - BOTH MANAGER ID FIELD AND ORG UNIT FIELD IS DISPLAYED WITH ORG UNIT VALUE
This has been fixed in9.1.2.4 version of the connector. Patch11656991
Sunny
Edited by: Sunny on Mar 15, 2011 1:47 PM -
OIM 11g - Restricting the number of resources to one on Request Creation
Hi All,
We have a requirement wherein when a requester tries to create a Provision Resource request type(be it for himself or for others), he shouldn't be allowed to request for more than one resource in a single request. If a user chooses more than one resource, he should be prevented from proceeding further and also a message should be shown to the user indicating that only resource should be chosen for this request.
Can this functionality be achieved in OIM 11g?
Any kind of help or suggestion is greatly appreciated.
Thanks
DeepaI already have an enhancement request for this as the only plugin which Oracle provides for request creation is ValidationHandler. The validation handler is called 'number of resources' X 'number of users' and there is no static construct in the plugin either.
Thus workarounds:
1. Check for multiple resource selection in your SOA Approval process (this should not be at the orchestration level) and reject the request if there are more then one selection.
2. As Kevin pointed out, in 9x xlWebAdmin.properties file can be used to set the following properties for single resource selection during requests. You can try to look for this information oim 11g properties files and test it out. -1 here means no limit.
request.resource.users.size=-1
request.resource.organizations.size=-1
request.resource.resources.size=-1-Bikash -
OIM 11g R2: Delete User UDF fields
Hi all,
I installed and configured OIM 11g R2. In this environment I created an UDF for User entity.
Here the steps that I followed:
- created a sanbox
- opened User Form
- added a custom field named "MyCustomField". The type field is Text.
Now, due to a mistake during UDF creation, I have to delete it.
I found this post (OIM 11gR2 - Unable to remove UDF which describe how to delete an UDF field.
The post gives these instructions:
- export the sandbox
- remove UDF occurences in xml files
- import the sanbox
I followed the instructions and at the and I checked the result: the UDF field does not exist in the User form, but the associated database field still exits in database.
My question is: how I can delete the database filed without create database inconsistency?
Thanks in advance,
DanieleHi Nayan,
I tried to export Users.xml using Depolyment Manager Export, but I the export failed whit this error.
[2012-10-09T10:03:37.366+02:00] [oim_server1] [ERROR] [] [XELLERATE.WEBAPP] [tid: [ACTIVE].ExecuteThread: '7' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: fc578f2854422d44:67bee673:13a2720c2c5:-8000-0000000000015853,0] [APP: oim#11.1.2.0.0] Class/Method: LoadDeploymentUtility/handleExportData encounter some problems: invalid character in name[[
Thor.API.Exceptions.tcAPIException: invalid character in name
at com.thortech.xl.ejb.beansimpl.tcExportOperationsBean.getExportXML(tcExportOperationsBean.java:245)
at Thor.API.Operations.tcExportOperationsIntfEJB.getExportXMLx(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Caused by: oracle.xml.parser.v2.XMLDOMException: invalid character in name
at oracle.xml.util.XMLUtil.validateName(XMLUtil.java:464)
at oracle.xml.parser.v2.XMLDocument.createElement(XMLDocument.java:877)
at com.thortech.xl.ddm.repositories.api.impl.APIRepository.getElementforHashMapAttribute(APIRepository.java:552)
at com.thortech.xl.ddm.engine.visitor.ExportVisitor.visitStarted(ExportVisitor.java:126)
at com.thortech.xl.ddm.engine.data.datatypes.SchemaInstance.traverse(SchemaInstance.java:252)
at com.thortech.xl.ejb.beansimpl.tcExportOperationsBean.export(tcExportOperationsBean.java:281)
at com.thortech.xl.ejb.beansimpl.tcExportOperationsBean.getExportXML(tcExportOperationsBean.java:235)
... 120 more
]]Do you have any other suggestions?
Thanks,
Daniele
Maybe you are looking for
-
How can I reduce (or remove) camera shakes in a video with Premiere Pro CS5???
I want to reduce (or remove) camera shakes in a video with Premiere Pro CS5. Is there an build-in plugin I can use, or do I have to download / buy one? Thanks.
-
WSN 1.2 NI 9792 Security: Initial Setup? Default Username and Password?
Hello, With NI WSN 1.1, using a 9792, I can click the Set Permissions button and if none had been set it would simply ask me for a new administrator password. Now, with NI WSN 1.2, when I click on the Set Permissions button it takes me to the 9792's
-
Imported folder not showing up in Lightroom 4.1
I've imported my photos into Lightroom 4.1, running on Windows 7. My photos are organized by Year, then Month. For example, I imported a directory "2011", which contains all my photos from 2011. There are sub folders for each month, such as "April
-
Can't recall the Airport Express password
I've not been using my base station since Verizon came and installed FIOS and said I shouldn't use the base station in conjunction with their modem/router. I am aware this is not true and will get to that later. Tonight I want to listen to iTunes ove
-
How to unlock a FW external hard drive (la cie) in terminal window
HI, I have a FW external La cie drive that today decided to lock itself and even though i have tried to unlock and repair privileges and reboot and change ownership and permissions, still cant get in. There must be a way in terminal window to unlock