OIM 11g Peoplesoft Roles provisioning issue

Hi All,
We have configured Peoplesoft Connector 9.1.1.6 to provision roles to Peoplesoft through access policy. We are not able to provision multiple roles into Peoplesoft. It just provisions first role to user in peoplesoft and errors when provisioning the other role. The role names are matching in peoplesoft and OIM, pulled into the lookup.
Error on Server :
Running CREATEUSER
Target Class = oracle.iam.connectors.psft.usermgmt.integration.PSFTUMUserProvisi
onManager
PSProperties not loaded from file. Couldn't find file: pstools.properties
<Dec 19, 2011 1:26:54 PM EST> <Warning> <PSFTUM> <BEA-000000> <oracle.iam.connec
tors.psft.usermgmt.integration.PSFTUMUserProvisionManager : createUser : Exclusi
on List Attribute lookup not initialized>
Running MODIFYUSERROLE
Target Class = oracle.iam.connectors.psft.usermgmt.integration.PSFTUMUserProvisi
onManager
PSProperties not loaded from file. Couldn't find file: pstools.properties
Running MODIFYUSERROLE
Target Class = oracle.iam.connectors.psft.usermgmt.integration.PSFTUMUserProvisi
onManager
PSProperties not loaded from file. Couldn't find file: pstools.properties
<Dec 19, 2011 1:26:57 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <=============
=======================================>
<Dec 19, 2011 1:26:57 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <oracle.iam.co
nnectors.psft.usermgmt.integration.PSFTUMUserProxyProvisionManager : modifyUserR
ole : Unable to Save user profile>
<Dec 19, 2011 1:26:57 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <=============
=======================================
>
<Dec 19, 2011 1:26:57 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <=============
=======================================>
<Dec 19, 2011 1:26:57 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <oracle.iam.co
nnectors.psft.usermgmt.integration.PSFTUMUserProxyProvisionManager : errorHandle
r : The value entered in the field does not match one of the allowable values.
You can see the allowable values by pressing the Prompt button or hyperlink.>
<Dec 19, 2011 1:26:57 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <=============
=======================================
>
<Dec 19, 2011 1:26:57 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <=============
=======================================>
<Dec 19, 2011 1:26:57 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <oracle.iam.co
nnectors.psft.usermgmt.integration.PSFTUMUserProxyProvisionManager : errorHandle
r : An error occurred while changing the value of the field.>
<Dec 19, 2011 1:26:57 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <=============
=======================================
>
<Dec 19, 2011 1:26:57 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <=============
=======================================>
<Dec 19, 2011 1:26:57 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <oracle.iam.co
nnectors.psft.usermgmt.integration.PSFTUMUserProxyProvisionManager : errorHandle
r : An error occurred while changing the value of the field.>
<Dec 19, 2011 1:26:57 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <=============
=======================================
>
Running MODIFYUSERROLE
Target Class = oracle.iam.connectors.psft.usermgmt.integration.PSFTUMUserProvisi
onManager
PSProperties not loaded from file. Couldn't find file: pstools.properties
<Dec 19, 2011 1:26:58 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <=============
=======================================>
<Dec 19, 2011 1:26:58 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <oracle.iam.co
nnectors.psft.usermgmt.integration.PSFTUMUserProxyProvisionManager : modifyUserR
ole : Unable to Save user profile>
<Dec 19, 2011 1:26:58 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <=============
=======================================
>
<Dec 19, 2011 1:26:58 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <=============
=======================================>
<Dec 19, 2011 1:26:58 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <oracle.iam.co
nnectors.psft.usermgmt.integration.PSFTUMUserProxyProvisionManager : errorHandle
r : The value entered in the field does not match one of the allowable values.
You can see the allowable values by pressing the Prompt button or hyperlink.>
<Dec 19, 2011 1:26:58 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <=============
=======================================
>
<Dec 19, 2011 1:26:58 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <=============
=======================================>
<Dec 19, 2011 1:26:58 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <oracle.iam.co
nnectors.psft.usermgmt.integration.PSFTUMUserProxyProvisionManager : errorHandle
r : An error occurred while changing the value of the field.>
<Dec 19, 2011 1:26:58 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <=============
=======================================
>
<Dec 19, 2011 1:26:58 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <=============
=======================================>
<Dec 19, 2011 1:26:58 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <oracle.iam.co
nnectors.psft.usermgmt.integration.PSFTUMUserProxyProvisionManager : errorHandle
r : The value entered in the field does not match one of the allowable values.
You can see the allowable values by pressing the Prompt button or hyperlink.>
<Dec 19, 2011 1:26:58 PM EST> <Error> <OIMCP.PSFTUM> <BEA-000000> <=============
=======================================
Any pointers would be appreciated.
Regards,
Ashok

Hi All,
Any pointer.
Regards,
Ashok

Similar Messages

  • OIM 11g R2 Auto Provisioning Issue

    I have reconciled around 9K records into OIM and ran the evaluate user policies to provision them to LDAP.
    Around 8.5K records got provisioned to LDAP, but the others are not getting provisioned.
    I tried running the retry failed orchestrations and the orchestration cleanup and a few more got provisioned.
    Now there are around 300 records which still need to get provisioned. I tried running the evaluate policies again but it is no working.
    Am I missing something that should be done?
    Please suggest what can be done to resolve this

    please make sure that all the required fields / attributes that are needed for the provisioning are filled for the users not getting provisioned. Also check the status of the Account to be provisioned for any unprovisioned user does it state "provisioning"? if so check its history and try to find out the reason.

  • OIM 11g AD Connector Provisioning Issue

    Hi Guys
    i have this problem which just came from nowhere as everything used to work before. Please see below the stacktrace. I have to increase the timeout values on my datasources etc but it keeps failing. My database and everything is in good condition but this problem keeps occurring.
    Running ISADAM
    Target Class = java.lang.String
    Running Get Attribute Map
    Running AD Create User
    Running ISADAM
    Target Class = java.lang.String
    Running GETUSESSL
    Target Class = java.lang.String
    Running CheckUserStatus
    Running GETATTRIBUTEHASH
    Target Class = com.thortech.xl.util.adapters.tcUtilHashTableOperations
    Running Set User Attribute
    Running Set User Expiration Date
    Running ISADAM
    Target Class = java.lang.String
    Running CheckUserStatus
    Running GETPWDEXPIRESATTRIBUTEHASH
    Target Class = com.thortech.xl.util.adapters.tcUtilHashTableOperations
    Running Set Pwd Expires Attribute False
    Running GETATTRIBUTEHASH
    Target Class = com.thortech.xl.util.adapters.tcUtilHashTableOperations
    Running Set User Attributes
    <May 16, 2011 9:23:53 AM WAT> <Warning> <XELLERATE.DATABASE> <BEA-000000> <Exception while trying to get the connection count : 0>
    <May 16, 2011 9:24:14 AM WAT> <Warning> <XELLERATE.DATABASE> <BEA-000000> <Exception while trying to get the connection count : 1>
    <May 16, 2011 9:24:35 AM WAT> <Warning> <XELLERATE.DATABASE> <BEA-000000> <Exception while trying to get the connection count : 2>
    <May 16, 2011 9:25:17 AM WAT> <Error> <XELLERATE.DATABASE> <BEA-000000> <Class/Method: DirectDB/getConnection encounter some problems: Error while retrieving database connection.Please check for the follwoing
    Database srever is running.
    Datasource configuration settings are correct.
    java.sql.SQLException: Unexpected exception while enlisting XAConnection java.sql.SQLException: Transaction rolled back: Transaction timed out after 29 seconds
    BEA1-6F7499AA29E6D0A2F599
    at weblogic.jdbc.jta.DataSource.enlist(DataSource.java:1609)
    at weblogic.jdbc.jta.DataSource.refreshXAConnAndEnlist(DataSource.java:1496)
    at weblogic.jdbc.jta.DataSource.getConnection(DataSource.java:439)
    at weblogic.jdbc.jta.DataSource.connect(DataSource.java:396)
    at weblogic.jdbc.common.internal.RmiDataSource.getConnection(RmiDataSource.java:355)
    at oracle.iam.platform.utils.vo.OIMDataSource.getConnection(OIMDataSource.java:57)
    at com.thortech.xl.util.DirectDB.getConnection(DirectDB.java:200)
    at com.thortech.xl.util.DirectDB.getConnection(DirectDB.java:148)
    at com.thortech.xl.dataaccess.tcDataBase.getConnection(tcDataBase.java:3198)
    at com.thortech.xl.dataaccess.tcDataBase.readPartialStatement(tcDataBase.java:705)
    at com.thortech.xl.dataobj.tcDataBase.readPartialStatement(tcDataBase.java:271)
    at com.thortech.xl.dataaccess.tcDataSet.executeQuery(tcDataSet.java:935)
    at com.thortech.xl.dataobj.tcDataSet.executeQuery(tcDataSet.java:1523)
    at com.thortech.xl.dataaccess.tcDataSet.executeQuery(tcDataSet.java:903)
    at com.thortech.xl.dataobj.tcDataSet.executeQuery(tcDataSet.java:1490)
    at com.thortech.xl.cache.CacheUtil.getSetCachedQuery(CacheUtil.java:250)
    at com.thortech.xl.dataobj.tcDataObj.eventPostUpdate(tcDataObj.java:2262)
    at com.thortech.xl.dataobj.tcScheduleItem.eventPostUpdate(tcScheduleItem.java:742)
    at com.thortech.xl.dataobj.tcDataObj.update(tcDataObj.java:662)
    at com.thortech.xl.dataobj.tcDataObj.save(tcDataObj.java:508)
    at com.thortech.xl.adapterfactory.events.tcAdpEvent.updateSchItem(tcAdpEvent.java:188)
    at com.thortech.xl.adapterfactory.events.tcAdpEvent.finalizeProcessAdapter(tcAdpEvent.java:3529)
    at com.thortech.xl.adapterfactory.events.tcAdpEvent.finalizeAdapter(tcAdpEvent.java:3711)
    at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpADCSCREATEUSER.implementation(adpADCSCREATEUSER.java:105)
    at com.thortech.xl.client.events.tcBaseEvent.run(tcBaseEvent.java:196)
    at com.thortech.xl.dataobj.tcDataObj.runEvent(tcDataObj.java:2492)
    at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(tcScheduleItem.java:2936)
    at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(tcScheduleItem.java:554)
    at com.thortech.xl.dataobj.tcDataObj.insert(tcDataObj.java:602)
    at com.thortech.xl.dataobj.tcDataObj.save(tcDataObj.java:474)
    at com.thortech.xl.ejb.beansimpl.tcProvisioningOperationsBean.retryTasks(tcProvisioningOperationsBean.java:3704)
    at Thor.API.Operations.tcProvisioningOperationsIntfEJB.retryTasksx(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
    at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
    at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
    at $Proxy482.retryTasksx(Unknown Source)
    at Thor.API.Operations.tcProvisioningOperationsIntfEJB_4xftoh_tcProvisioningOperationsIntfRemoteImpl.retryTasksx(tcProvisioningOperationsIntfEJB_4xftoh_tcProvisioningOperationsIntfRemoteImpl.java:2683)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:84)
    at $Proxy160.retryTasksx(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:198)
    at $Proxy481.retryTasksx(Unknown Source)
    at Thor.API.Operations.tcProvisioningOperationsIntfDelegate.retryTasks(Unknown Source)
    at com.thortech.xl.webclient.actions.ResourceProfileProvisioningTasksAction.retryTasks(ResourceProfileProvisioningTasksAction.java:698)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:269)
    at com.thortech.xl.webclient.actions.tcLookupDispatchAction.execute(tcLookupDispatchAction.java:133)
    at com.thortech.xl.webclient.actions.tcActionBase.execute(tcActionBase.java:894)
    at com.thortech.xl.webclient.actions.tcAction.execute(tcAction.java:213)
    at org.apache.struts.chain.commands.servlet.ExecuteAction.execute(ExecuteAction.java:58)
    at org.apache.struts.chain.commands.AbstractExecuteAction.execute(AbstractExecuteAction.java:67)
    at org.apache.struts.chain.commands.ActionCommandBase.execute(ActionCommandBase.java:51)
    at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:191)
    at org.apache.commons.chain.generic.LookupCommand.execute(LookupCommand.java:305)
    at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:191)
    at org.apache.struts.chain.ComposableRequestProcessor.process(ComposableRequestProcessor.java:283)
    at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
    at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:462)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at com.thortech.xl.webclient.security.CSRFFilter.doFilter(CSRFFilter.java:61)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.iam.platform.auth.web.PwdMgmtNavigationFilter.doFilter(PwdMgmtNavigationFilter.java:115)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.iam.platform.auth.web.OIMAuthContextFilter.doFilter(OIMAuthContextFilter.java:100)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:330)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    Caused by: weblogic.transaction.TimedOutException: Transaction timed out after 29 seconds
    BEA1-6F7499AA29E6D0A2F599
    at weblogic.jdbc.jta.DataSource.enlist(DataSource.java:1607)
    ... 111 more
    at weblogic.jdbc.jta.DataSource.refreshXAConnAndEnlist(DataSource.java:1515)
    at weblogic.jdbc.jta.DataSource.getConnection(DataSource.java:439)
    at weblogic.jdbc.jta.DataSource.connect(DataSource.java:396)
    at weblogic.jdbc.common.internal.RmiDataSource.getConnection(RmiDataSource.java:355)
    at oracle.iam.platform.utils.vo.OIMDataSource.getConnection(OIMDataSource.java:57)
    at com.thortech.xl.util.DirectDB.getConnection(DirectDB.java:200)
    at com.thortech.xl.util.DirectDB.getConnection(DirectDB.java:148)
    at com.thortech.xl.dataaccess.tcDataBase.getConnection(tcDataBase.java:3198)
    at com.thortech.xl.dataaccess.tcDataBase.readPartialStatement(tcDataBase.java:705)
    at com.thortech.xl.dataobj.tcDataBase.readPartialStatement(tcDataBase.java:271)
    at com.thortech.xl.dataaccess.tcDataSet.executeQuery(tcDataSet.java:935)
    at com.thortech.xl.dataobj.tcDataSet.executeQuery(tcDataSet.java:1523)
    at com.thortech.xl.dataaccess.tcDataSet.executeQuery(tcDataSet.java:903)
    at com.thortech.xl.dataobj.tcDataSet.executeQuery(tcDataSet.java:1490)
    at com.thortech.xl.cache.CacheUtil.getSetCachedQuery(CacheUtil.java:250)
    at com.thortech.xl.dataobj.tcDataObj.eventPostUpdate(tcDataObj.java:2262)
    at com.thortech.xl.dataobj.tcScheduleItem.eventPostUpdate(tcScheduleItem.java:742)
    at com.thortech.xl.dataobj.tcDataObj.update(tcDataObj.java:662)
    at com.thortech.xl.dataobj.tcDataObj.save(tcDataObj.java:508)
    at com.thortech.xl.adapterfactory.events.tcAdpEvent.updateSchItem(tcAdpEvent.java:188)
    at com.thortech.xl.adapterfactory.events.tcAdpEvent.finalizeProcessAdapter(tcAdpEvent.java:3529)
    at com.thortech.xl.adapterfactory.events.tcAdpEvent.finalizeAdapter(tcAdpEvent.java:3711)
    at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpADCSCREATEUSER.implementation(adpADCSCREATEUSER.java:105)
    at com.thortech.xl.client.events.tcBaseEvent.run(tcBaseEvent.java:196)
    at com.thortech.xl.dataobj.tcDataObj.runEvent(tcDataObj.java:2492)
    at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(tcScheduleItem.java:2936)
    at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(tcScheduleItem.java:554)
    at com.thortech.xl.dataobj.tcDataObj.insert(tcDataObj.java:602)
    at com.thortech.xl.dataobj.tcDataObj.save(tcDataObj.java:474)
    at com.thortech.xl.ejb.beansimpl.tcProvisioningOperationsBean.retryTasks(tcProvisioningOperationsBean.java:3704)
    at Thor.API.Operations.tcProvisioningOperationsIntfEJB.retryTasksx(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
    at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
    at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
    at $Proxy482.retryTasksx(Unknown Source)

    Hi Rajiv
    I tried that..but eventually the error comes occurs.
    The problem occurs when the connector executes Set User Attributes task. Im not sure what exactly it is setting that causes and where i can look to investigate this.
    Any ideas?

  • OIM 11g R1 Request Template issue

    Hi All,
    We are facing an issue with implementing the Request Management of OIM 11g R1 11.1.1.5 for Create User.
    OIM already provides OOTB CreateUserDataSet.xml and a ‘Create User’ Request Template.
    We have changed(customized) the OOTB CreateUserDataSet.xml at the same location in MDS and have created one our own Request Template – ‘Create Custom’.
    We have also added Attribute Restrictions in the ‘Create Custom’  request template for mandatory fields like – ‘Organization’, ‘User Type’ & ’Design Console Access’.
    The issue we are facing is –“After some time(not immediately) the Request Template gets corrupt and does not open thus rendering the Request Process for Create User inoperable.”
    Below is the the log error of the OIM Web console error after we are trying to open ‘Create Custom’ by clicking on the Request Template.
    <ADF_FACES-60096:Server Exception during PPR, #8
    oracle.iam.platform.utils.MinLimitException: size < minimum limit
                    at oracle.iam.platform.canonic.model.Values.setMinLimit(Values.java:187)
                    at oracle.iam.requesttemplate.agentry.operations.OpenActor.renderAttributeRestrictionsTab(OpenActor.java:829)
                    at oracle.iam.requesttemplate.agentry.operations.OpenActor.prepare(OpenActor.java:198)
                    at oracle.iam.consoles.faces.utils.CanonicUtils.prepareOperation(CanonicUtils.java:169)
                    at oracle.iam.consoles.faces.utils.CanonicUtils.prepareOperation(CanonicUtils.java:179)
                    at oracle.iam.consoles.faces.render.canonic.UICursor$TableActionListener.processAction(UICursor.java:855)
                    at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
    Any help in solving above issue, workarounds or knowing that is it an OIM bug will be greatly helpful.
    Note* I have noticed(through Export) that in a corrupted Request Template the Organization Name that I have restricted to a Constant, has the- Organization Name's Text as value in exported xml. If I change it back to ACT KEY and import it back in OIM the Template is again restored until next corruption
    Thanks already
    Regards,
    Nitin Tewari

    Excellent! Thank you very much!
    Edited by: 958794 on May 22, 2013 10:37 AM

  • OIM 11g R2 - AD provisioning based on Role and Access Policy

    Hi, for Active Direcotry integration i used some prepopulation plugin for populationg resource form (based on http://fusionsecurity.blogspot.sk/2013/01/populating-request-attributes-in-oim.html).
    It's work fine - requested account was fully provisioned.
    Can i use this plugins for Role based provisioning?
    I try to create access policy and associated role but when attached the role to the user and run Evaluate User Policies Job, account can't be provisioned.
    In diagnostic.log i found.....
    [oracle.iam.platform.kernel.impl] [.....] [userId: oiminternal] [.....] [APP: oim#11.1.2.0.0] Immediate consequences are returned with event - InitiatePolicyEvaluationAndProvisioning
    [oracle.iam.platform.kernel.impl] [.....] [userId: oiminternal] [.....] [APP: oim#11.1.2.0.0] Next Waiting child process is ..........6380 sync = false
    [oracle.iam.platform.kernel.impl] [.....] [userId: oiminternal] [.....] [APP: oim#11.1.2.0.0] First Waiting child process is ..........6380
    [oracle.iam.platform.kernel.impl] [.....] [userId: oiminternal] [.....] [APP: oim#11.1.2.0.0] Kernel executing default validation with process id, event id, entity and operation 6,380.0.Resource.ACCESS_POLICY_BASED_PROVISION
    [oracle.iam.platform.kernel.impl] [.....] [userId: oiminternal] [.....] [APP: oim#11.1.2.0.0] Kernel completed the child orchestration - 6380.6379
    [oracle.iam.platform.kernel.dao] [.....] [userId: oiminternal] [.....] [APP: oim#11.1.2.0.0] Inserting records for orchestration cleanup
    [oracle.iam.platform.kernel.impl] [.....] [userId: oiminternal] [.....] [APP: oim#11.1.2.0.0] Completed orchestration with action result - 113

    Hi, all
    I try to fill Access policy Process Form. Account request was created and provisioned when field AD Server and Organization Name was filled in, but pre-population plugin doesn't fired
    The question is.... How can i use pre-population plugin for populating request dataset used with request generated by access policy....
    Is it possible to use plugins for requests generated based on access policy?
    a.

  • OIM 11g giving roles

    Hi all. I'm trying to customize the self-registration feature in such a way. In particular I need that after the self-registration, a user automatically get assigned to a specific role. By default OIM assign to all registered users "ALL USERS" role (not removable). I need, in addition to this role, that after the registration a user automatically get the role "MY_ROLE".
    How can I achieve this goal?
    Thank you in advance,
    Giuseppe.

    Thanks a lot P.K!!! This worked perfectly!!
    As for adding membership rules, I did it as follows: Go to the Web console of the OIM. Go to Administration. Then click on Search Roles. Here select the role which you wish to assign to the user by default who gets assigned in the organization which you checked for in the rule (*For Example: Organization Name == Xellerate Users.*). Here it is Xellerate Users but could be any new organization that you might have created. Then click on the Membership rules tab on the top in the role that you have opened now. In that click on Assign Rules. The window will show the rules that exist in the database. One of them will be the one which you created as per P.K's solution. Select that and click on Assign. Its done!! :D Now whenever a new user will be created in the organization you have checked for, he'll automatically get the role you selected by default along with the ALL USERS role. So if you have an access policy assigned to that role, you can even have auto provisioning to some ldap directory work for you like I did in my case :D :)

  • Business Roles Provisioning - Issue

    Hi All,
    We are on GRC SP13.
    We are using business roles for provisioning.
    When i select "CHANGE ACCOUNT" request type and request for business roles through GRC, roles are being assigned to UserID and everything is working fine.
    Issue is with the notification mail user is getting after provisioning. My notification email has details as shown below.
    Hi Padmavathi Sai,
    The Request number : 453 , has been processed and the Request is Closed. The details are as follows:
    PREDDY User created in XXXXXXX
    XXXXXXXXX Business role assigned to PREDDY
    Kind regards,
    Access Control Administrator
    PREDDY UserID is already available in the target system and user selected change account request type, but notification email says that user is created
    Anyone came across this issue?
    Regards,
    Sai.

    Hi Colleen,
    I am using the standard notification template GRAC_AR_CLOSE.
    Hi %FIRST_NAME% %LAST_NAME% (%USER_ID%),
    The Request number : %REQNO% , has been processed and the Request is
    Closed. The details are as follows:
    %PROVISIONING%
    Kind regards,
    Access Control Administrator
    %PROVISIONING% variable shows mail notification as I have mentioned above
    Can you help me with this?
    Regards,
    Sai.

  • OIM 11g - PeopleSoft Employee Reconciliation 11

    I am trying to create OIM users from incremental (trusted) reconciliation with the new PeopleSoft Employee Reconciliation 11 connector. I get the user created from the PERSON_BASIC_SYNC message. However, they are disabled.
    If I look at the documentation, I see that there is configuration around the Workforce sync message. Is this required now in the 11g connector? Is there anyway to work around this?
    Thanks

    Check your status lookups that are configured around the person message and change the status for what is incoming to Active.
    -Kevin

  • OIM 11g R2 -AD Provisioning Error

    Hi,
    We have configured AD connector server. When we try to provision the user with AD account we get:
    Target Class = oracle.iam.connectors.icfcommon.prov.ICProvisioningManager
    <Nov 14, 2012 10:05:40 PM PST> <Error> <ORACLE.IAM.CONNECTORS.ICFCOMMON.PROV.ICPROVISIONINGMANAGER> <BEA-000000> <oracle.iam.connectors.icfcommon.prov.ICProvisioningManager : createObject : Error while creating user
    java.lang.IllegalArgumentException: Parameter 'name' must not be blank.
    at org.identityconnectors.common.Assertions.blankCheck(Assertions.java:90)
    at oracle.iam.connectors.icfcommon.service.oim9.OIM9Configuration.getConfiguration(OIM9Configuration.java:139)
    I can see that all the mandatory fields are pre-populated except the Unique ID attribute -is this could be the issue, if yes then how do we handle this. I can see there are no events logged at the connector server end for this provisioning process attempt.
    We have reconciled Groups, Organization successfully using connector server.
    Can anyone help on this asap..!
    Thanks

    Unique ID attribute is ObjectGUID which I think would be autogenerated. I can see that my user id , OU and other mandatory attributes are populated on the process form, but still I am facing this issue.
    it is throwing this error soon after CREATEOBJECT is invoked.
    Thanks again

  • OIM 11g - Default role does not exists

    Hey,
    the default role IDENTITY ORGANIZATION ADMINISTRATORS does not exists in my OIM (11.1.1.5.4)
    I need this role to assign an user privileges to create and manage organization.
    Any idea?

    960944 wrote:
    Hey,
    the default role IDENTITY ORGANIZATION ADMINISTRATORS does not exists in my OIM (11.1.1.5.4)
    I need this role to assign an user privileges to create and manage organization.
    Any idea?The following roles were removed in 11.1.1.5.0:
    IDENTITY ORGANIZATION ADMINISTRATORS
    ACCESS POLICY ADMINISTRATORS
    IT RESOURCE ADMINISTRATORS
    GENERIC CONNECTOR ADMINISTRATORS
    REPORT ADMINISTRATORS
    Regards,
    Vladimir

  • OIM 11g - PeopleSoft connector - Future Dated Recon Events

    Hi OIM Experts,
    I am having a problem, processing the future dated events using OIM peoplesoft connector.
    All the current dated, events are getting linked and processed.
    The future dated events in OIM are in deferred state as expected. But after running the "Run Future Dated Reconciliation Events " , the event is not linked to any user, but state changes to data received.
    The user exists in OIM.
    Any ideas on how to resolve this.
    Regards
    Vicky

    Hi Suren,
    1311 - Cause: Status of the batch is not 'Completed'.
    1311 - Event id, when i try to Re-Evaluate event.
    Regards
    Vicky
    Edited by: vicky on Jan 27, 2011 6:27 PM

  • OIM 11g: Create roles automatically

    I would like to create roles in OIM based on a field value (I'm getting this value by connecting to a Database via a GTC).
    Also, once created, the Role should be added to the Self-Assign Role template.
    Ideally, this would be a Scheduled Task that runs periodically to create new roles as they are added.
    Is this possible, and if so, what class should I be using? I've not used the OIM APIs as much so any suggestions would be great.

    Found out that there is a RoleManager API that will allow me to do this.

  • OIM 11g R2 -AD Provisioning -Connector Server side Error

    Hi,
    Following error is thrown on the connector server side when we attempt to provision an AD resource:
    11/15/2012 7:28:50 PM <VERBOSE>: Class-> ActiveDirectoryConnector, Method -> TranslateObjectClass, Message -> Returning the object class: ObjectClass: __ACCOUNT__ and exiting the method
    11/15/2012 7:28:50 PM <INFORMATION>: Class-> ActiveDirectoryConnector, Method -> Create, Message -> Committing the changes and creating the directory entry.
    11/15/2012 7:28:50 PM <ERROR>: Class-> ActiveDirectoryConnector Method -> Create, Message -> Encountered Excetion: Access is denied.
    11/15/2012 7:28:50 PM <ERROR>: Class-> ActiveDirectoryConnector Method -> Create, Message -> Stack Trace: at System.DirectoryServices.Interop.UnsafeNativeMethods.IAds.SetInfo()
         at System.DirectoryServices.DirectoryEntry.CommitChanges()
         at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryConnector.Create(ObjectClass oclass, ICollection`1 attributes, OperationOptions options) in c:\ADE\aime_oimcp\idc\bundles\dotnet\ActiveDirectory\ActiveDirectoryConnector\ActiveDirectoryConnector.cs:line 256
         ConnectorServer.exe Error: 0 : Org.IdentityConnectors.Framework.Common.Exceptions.ConnectorException: Access is denied.
         at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryConnector.Create(ObjectClass oclass, ICollection`1 attributes, OperationOptions options) in c:\ADE\aime_oimcp\idc\bundles\dotnet\ActiveDirectory\ActiveDirectoryConnector\ActiveDirectoryConnector.cs:line 368
         at Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.CreateImpl.Create(ObjectClass oclass, ICollection`1 attributes, OperationOptions options) in c:\ADE\aime_icf\icf\framework\dotnet\FrameworkInternal\ApiLocalOperations.cs:line 388
         at Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.ConnectorAPIOperationRunnerProxy.Invoke(Object proxy, MethodInfo method, Object[] args) in c:\ADE\aime_icf\icf\framework\dotnet\FrameworkInternal\ApiLocalOperations.cs:line 244
         at ___proxy1.Create(ObjectClass , ICollection`1 , OperationOptions )
         at Org.IdentityConnectors.Framework.Impl.Server.ConnectionProcessor.ProcessOperationRequest(OperationRequest request) in c:\ADE\aime_icf\icf\framework\dotnet\FrameworkInternal\Server.cs:line 609
    Am i missing any connector side configurations here?
    Thanks

    please perform these tests,
    1- check if the reconciliation is working with the same user provided in the connector configurations?
    2- check if the user reconciled can be updated modified through the IDM Admin console?
    after this
    check that you are providing the proper OU for the user to be provisioned?
    check the the Resource History and see where it is failing maybe some required information is missing.
    have you applied the patch 14190610 for AD connector?

  • How to obtain Role name in OIM 11g using API's

    Hello,
    I have a scenario in which I create Role/Group in OIM 11g & it gets provisioned in AD [=works fine] & other part is when i delete role in OIM 11g then it should
    get deleted from AD.I have written postprocess event handler to achieve this.
    In role creation part i get all parameters using "orchestration.getParameters();" , but when i delete role then "orchestration.getParameters();" is empty,so i am
    not able to get role name.
    Is there a way to get role name while deleting roles using API ?
    Thanks,
    Rahul Shah

    Hi Raghav,
    Following is my code :
    tcRODetails = orgOpInterface.getObjects(organizationKey);
    for(int i = 0;i < tcRODetails.getRowCount();i++){
    tcRODetails.goToRow(i);
    // resourceName=AD Group
    if(resourceName.equalsIgnoreCase(tcRODetails.getStringValue("Objects.Name"))&&
    tcRODetails.getStringValue("Objects.Object Status.Status").equalsIgnoreCase("Provisioned")||
    tcRODetails.getStringValue("Objects.Object Status.Status").equalsIgnoreCase("Enabled")) {
    System.out.println("<<<FOUND>>>");
    processKey = tcRODetails.getLongValue("Process Instance.Key");
    provisionObjectKey = tcRODetails.getLongValue("Objects.Key");
    tcProcessSet = oimFormUtility.getProcessFormData(processKey);
    for(int j=0;j<tcProcessSet.getRowCount();j++){
    tcProcessSet.goToRow(j);
    if(grpName.equalsIgnoreCase(tcProcessSet.getStringValue("UD_ADGRP_NAME"))){
    System.out.println("MATCH FOUND!!!!!");
    orgOpInterface.removeObjectAllowed(organizationKey,provisionObjectKey);
    break;
    & i get following error :
    <Mar 22, 2012 1:54:43 PM IST> <Error> <XELLERATE.APIS> <BEA-000000> <Class/Method: tcOrganizationOperationsBean/removeObjectAllowed encounter some problems: Object with key=7 is not already set as an allowed object for Organization with key=1>
    Thanks
    Rahul Shah

  • Steps to enable Automatic provisioning in OIM 11g

    Hi,
    I am trying to configure my OIM 11g to automatically provision the resource into OID.
    I am able to do the provisioning manually but as per my requirement, when I register the user details in OIM the record must be created in OID automatically.
    Can u please mention the steps I must follow for the same.
    Regards

    Hi Pk
    I Checked the task "System Validation" status for the Resource.It was Pending as told I selected Auto Save in the process definition of the resource in design console.
    Now my resource gets provisioned but only when I attach user to the Role created by me. By default user gets attached to the All Users Role.
    What configuration changes should i make so that the user on creation gets attached to custom Role created by me.
    Regards

Maybe you are looking for

  • Scanned items show up in REVERSE order

    HP, please be more desriptive. I read previous posts and still cannot fix. When I scan a 5 page document, 1-5, it shows up on my MAC 10.9 in the order 5-1. One of your posts says in the "Copy" settings on the printer to change to "Collate On", then s

  • Is there a script to download iOS updates?

    I have a Mac and several iOS devices.  I have the Mac Yosemite Server app.  As I understand it, the Cache system will maintain a backup of each iOS update that I download, but since each update seems to be unique for each iOS device, that doesn't do

  • How to install/start local J2EE engine in Netweaver Developer Studido

    Hello, I just installed NDS 2.0.11 and I'm having a heck of a time figuring out how to actually test my code. Went thru tutorial for creating Calculator J2EE sample. When I get to step that describes how to deploy the EAR I get error below. I've gone

  • Which Satellite P300 and P200 have a second HDD connector?

    Hi. Does anyone know which Satellite P200 and P300 laptops have 2 HDD connectors installed? Thanks.

  • Atv not displaying content

    My ATV2 can connect to the network and to my iPad and iPhone, and the video audio works, but the visual is the title page only, won't play the video/movie, only stays on the title page. I know this isn't a technical question as it is connected proper