OIM 11g R2 Membership rules and roles

All,
I have noticed that the NOT operator is not available while creating the membership rules in roles.
Is there any work around for this?
I am planning to write a post process event handler to add the roles if I can't find any other way around this.

You can add elements but that would be difficult to manage. Suppose you have 100 departments and you want exclude Department 1000 then it would be difficult to add Department 1 to Department 999 in your rule.
As of now you can go ahead with your Event handler.
I opened an ER with Oracle long back.

Similar Messages

  • How to use rules and roles in workflow?

    Hi experts,
    I am a beginner in  workflow. Could  any one tell me how to use rules and roles in workflow ?
    Can u pls tell me the steps to follow?
    and more over what are all the <b>important things</b> we have to learn in workflow module ??
    I shall be thankful to u.
    Thanks
    uma

    Hi
    Workflow automates the steps and activities in a business process according to predefined procedures and rules.
    Workflow presents information and documents to the appropriate knowledge worker or agent (another entity such as a program) to make a decision or perform an activity.
    Workflow tracks each and every step in the process flow and maintains an ongoing status.
    Workflow also collects and reports all of the metrics associated with the execution and completion of the process.
    Check the below links u will get lot of info..
    http://www.sap-press.com/product.cfm?account=&product=H950
    Workflow
    http://www.sap-img.com/workflow/sap-workflow.htm
    http://help.sap.com/saphelp_47x200/helpdata/en/a5/172437130e0d09e10000009b38f839/frameset.htm
    For examples on WorkFlow...check the below link..
    http://help.sap.com/saphelp_47x200/helpdata/en/3d/6a9b3c874da309e10000000a114027/frameset.htm
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/PSWFL/PSWFL.pdf
    http://help.sap.com/saphelp_47x200/helpdata/en/4a/dac507002f11d295340000e82dec10/frameset.htm
    http://www.workflowing.com/id18.htm
    http://www.e-workflow.org/
    http://web.mit.edu/sapr3/dev/newdevstand.html
    Go through the following links on FORK :
    http://help.sap.com/saphelp_nw04/helpdata/en/24/e2283f2bbad036e10000000a114084/frameset.htm
    http://help.sap.com/saphelp_nw04/helpdata/en/8d/25f1e7454311d189430000e829fbbd/frameset.htm
    http://help.sap.com/saphelp_46c/helpdata/en/c5/e4a930453d11d189430000e829fbbd/content.htm
    http://www.insightcp.com/res_23.htm
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/BCBMTWFMSTART/BCBMTWFMSTART.pdf
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/BCBMTWFMDEMO/BCBMTWFMDEMO.pdf
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/BCBMTWFMPM/BCBMTWFMPM.pdf
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/PSWFL/PSWFL.pdf
    For more reference on workflow: http://****************/Tutorials/Workflow/Workflow.htm
    http://help.sap.com/saphelp_erp2005vp/helpdata/en/04/9277a346f311d189470000e829fbbd/frameset.htm
    Check these links.
    http://www.sapgenie.com/workflow/index.htm
    /people/ginger.gatling/blog/2005/12/01/link-workflow-business-objects-to-your-collaboration-tasks
    http://help.sap.com/saphelp_nw04/helpdata/en/92/bc26a6ec2b11d2b4b5006094b9ea0d/content.htm
    http://help.sap.com/saphelp_bw33/helpdata/en/92/bc26a6ec2b11d2b4b5006094b9ea0d/content.htm
    http://help.sap.com/saphelp_bw31/helpdata/en/8d/25f94b454311d189430000e829fbbd/content.htm
    http://www.sap-press.com/product.cfm?account=&product=H950
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/PSWFL/PSWFL.pdf
    http://www.workflowing.com/id18.htm
    http://www.e-workflow.org/
    Workflow
    http://www.sap-img.com/workflow/sap-workflow.htm
    http://help.sap.com/saphelp_47x200/helpdata/en/a5/172437130e0d09e10000009b38f839/frameset.htm
    For examples on WorkFlow...check the below link..
    http://help.sap.com/saphelp_47x200/helpdata/en/3d/6a9b3c874da309e10000000a114027/frameset.htm
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/PSWFL/PSWFL.pdf
    http://help.sap.com/saphelp_47x200/helpdata/en/4a/dac507002f11d295340000e82dec10/frameset.htm
    http://www.workflowing.com/id18.htm
    http://www.e-workflow.org/
    http://web.mit.edu/sapr3/dev/newdevstand.html
    http://www.sap-img.com/workflow/sap-workflow.htm
    http://help.sap.com/saphelp_47x200/helpdata/en/a5/172437130e0d09e10000009b38f839/frameset.htm
    For examples on WorkFlow...check the below link..
    http://help.sap.com/saphelp_47x200/helpdata/en/3d/6a9b3c874da309e10000000a114027/frameset.htm
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/PSWFL/PSWFL.pdf
    http://help.sap.com/saphelp_47x200/helpdata/en/4a/dac507002f11d295340000e82dec10/frameset.htm
    http://www.workflowing.com/id18.htm
    http://www.e-workflow.org/
    http://web.mit.edu/sapr3/dev/newdevstand.html
    Workflow tutorials with step-by-step and with screenshots are available at http://www.****************/Tutorials/Workflow/Workflow.htm
    http://help.sap.com/saphelp_erp2005vp/helpdata/en/42/c14a9b55103116e10000000a1553f7/frameset.htm
    http://help.sap.com/saphelp_erp2005vp/helpdata/en/c5/e4a930453d11d189430000e829fbbd/frameset.htm
    http://www.sapgenie.com/workflow/
    http://www.sap-img.com/workflow/sap-workflow.htm
    http://help.sap.com/saphelp_47x200/helpdata/en/3d/6a9b3c874da309e10000000a114027/frameset.htm
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/PSWFL/PSWFL.pdf
    http://help.sap.com/saphelp_47x200/helpdata/en/4a/dac507002f11d295340000e82dec10/frameset.htm
    http://www.sap-basis-abap.com/wf/sap-business-workflow.htm
    https://forums.sdn.sap.com/click.jspa?searchID=791580&messageID=2857887
    https://forums.sdn.sap.com/click.jspa?searchID=791580&messageID=2855919
    https://forums.sdn.sap.com/click.jspa?searchID=791580&messageID=2735228
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/BCBMTWFMSTART/BCBMTWFMSTART.pdf
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/BCBMTWFMDEMO/BCBMTWFMDEMO.pdf
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/BCBMTWFMPM/BCBMTWFMPM.pdf
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/PSWFL/PSWFL.pdf
    Debug a workflow.
    This has a step by step procedure :
    http://fuller.mit.edu/workflow/debugging.pdf
    www.erpgenie.com/sap/workflow/debugging.htm
    http://www.erpgenie.com/workflow/debugging.htm?2b5de440
    Workflow tutorials with step-by-step and with screenshots are available at
    http://www.****************/Tutorials/Workflow/Workflow.htm
    http://www.sapgenie.com/workflow/
    http://www.sap-img.com/workflow/sap-workflow.htm
    http://help.sap.com/saphelp_47x200/helpdata/en/3d/6a9b3c874da309e10000000a114027/frameset.htm
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/PSWFL/PSWFL.pdf
    http://help.sap.com/saphelp_47x200/helpdata/en/4a/dac507002f11d295340000e82dec10/frameset.htm
    http://www.workflowing.com/id18.htm
    http://www.e-workflow.org/
    http://web.mit.edu/sapr3/dev/newdevstand.html
    http://www.sap-basis-abap.com/wf/sap-business-workflow.htm
    https://forums.sdn.sap.com/click.jspa?searchID=791580&messageID=2857887
    https://forums.sdn.sap.com/click.jspa?searchID=791580&messageID=2855919
    https://forums.sdn.sap.com/click.jspa?searchID=791580&messageID=2735228
    http://www.sapbrain.com/TUTORIALS/TECHNICAL/WORKFLOW_tutorial.html
    Regarding Work Flow   
    work flow scenarios.
    1. applying for a leave.
    2. approval process.
    3. material creation process.
    4. mainly work flow is for notification purpose.
    chk this links
    http://help.sap.com/saphelp_erp2005/helpdata/en/fb/135962457311d189440000e829fbbd/frameset.htm
    http://help.sap.com/saphelp_erp2005/helpdata/en/c5/e4a930453d11d189430000e829fbbd/frameset.htm
    Workflow
    http://www.sap-img.com/workflow/sap-workflow.htm
    http://help.sap.com/saphelp_47x200/helpdata/en/a5/172437130e0d09e10000009b38f839/frameset.htm
    For examples on WorkFlow...check the below link..
    http://help.sap.com/saphelp_47x200/helpdata/en/3d/6a9b3c874da309e10000000a114027/frameset.htm
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/PSWFL/PSWFL.pdf
    http://help.sap.com/saphelp_47x200/helpdata/en/4a/dac507002f11d295340000e82dec10/frameset.htm
    http://www.workflowing.com/id18.htm
    http://www.e-workflow.org/
    http://web.mit.edu/sapr3/dev/newdevstand.html
    http://www.erpgenie.com/workflow/index.htm
    http://www.sap-basis-abap.com/wf/sap-business-workflow.htm
    http://www.insightcp.com/res_23.htm
    A good tutorial
    http://www.thespot4sap.com/articles/Invoice_Verification_Automation_Using_SAP_Workflow.asp
    http://www.sap-basis-abap.com/wf/sap-business-workflow.htm
    /people/alan.rickayzen/blog
    /people/jocelyn.dart/blog/2006/06/19/why-use-abap-oo-with-workflow
    a good book
    http://www.sap-press.com/product.cfm?account=&product=H950
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/PSWFL/PSWFL.pdf
    http://help.sap.com/saphelp_47x200/helpdata/en/4a/dac507002f11d295340000e82dec10/frameset.htm
    http://www.sap-press.com/downloads/h950_preview.pdf
    Check the following PDF
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/BCBMTWFMSTART/BCBMTWFMSTART.pdf
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/BCBMTWFMDEMO/BCBMTWFMDEMO.pdf
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/BCBMTWFMPM/BCBMTWFMPM.pdf
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/PSWFL/PSWFL.pdf
    also seach the workflow forum: SAP Business Workflow
    Regards
    Anji

  • OIM 11g R2 - Creating a new role using API

    Hi,
    I am trying to create a new role in OIM 11g R2 using RoleManager API.The requirement is to provide "Role Owner" also while creating the role.May I know how to do that?.Thanks in advance.

                        HashMap <String, String> groupMap = new HashMap <String, String> ();
                        groupMap.put("Groups.Group Name", groupName);
                        groupMap.put("Groups.Role Description", "Just for testing");
                        long groupKey = -1L;
                        try {
                                groupKey = goi.createGroup(groupMap);
                                logger.info("RESULT: Group with group_key '" + groupKey
                                                + "' has been successfully created");
                        } catch (tcAPIException e) {
                                logger.info("Creating client...."+e);
                        } catch (tcDuplicateGroupException ex) {
                             return getGroupKey(goi, groupName);
                                //logger.info(""+ex.toString());
                        } catch (tcInvalidAttributeException er) {
                                logger.info(""+er.toString());
    I hope this really helps you,
    Thiago Leoncio.
    (Blog: thiagoleoncio)

  • OIM 11g-How to restrict the role administrator from seeing "other" roles

    Dear All,
    How to restrict Administrator from seeing roles he is not suppose to administer?
    My administrator is suppose to assign only Role A. When he logs in He can see every single role. How to correct it so that he can see only Role A?
    Thank you for your time
    Maria

    Modify "All User Role Management Policy"

  • OIM 11g R2 Available Roles For Organizations Is Empty After XML Import

    Hi,
    When we exported Organizations in OIM via Deployment Manager and imported them back, available roles on Organizations are gone.
    To be exact; Hierarchical role assignments are gone, which are done using "include-sub-orgs" check while putting organizations to Roles.
    To understand the problem,
    We took a single organization, exported it, changed only organization name in the XML and imported it back. The results are the same.
    We included every possible dependency in the xml to see if this was the issue, apparently it wasn't.
    Furthermore,
    On the Role screens' Available Organization's tab, when we check the "include sub orgs" box, it works fine on manually added organizations. They are shown on Available Roles for the Organizations.
    But this doesn't work on imported organizations.
    Is there a trick to this in R2?
    How can we export-import the organizations and still see the available roles?
    Thanks,
    Erdogdu

    Hi All
    Any updates please . Can any one just update whether creating a custom attribute on User Profile adds the attribute in the list of attributes for membership rules for roles .
    Thanks
    Darshan

  • Restricting administrator tab to user created with default role OIM 11g R2

    Hi,
    I have a query, if we create a user in OIM 11g R2 without any admin role and then login to Self Service screen (Identity) with the newly created user, we can see the Administration Tab is visible to the user.
    Is this mean that by default user is having admin role assigned to him to do some of the admin activities.
    Please let me know how to control this behavior and not to show the Administration tab to the user until and unless he is having some admin roles assigned to him.
    Please help.

    You can hide Administration tab for normal users using EL's. By default users will get this tab when they login to identity console even though admin role is not assigned to them. But if you do any operation on any users, request will be raised accordingly.
    Check this link to configure EL's http://docs.oracle.com/cd/E27559_01/dev.1112/e27150/uicust.htm#autoId18

  • OIM synchronization organize information and role information

    How to use the OIM to synchronization organize information and role information from the Oracle database?
    thanks!

    Can you explain little bit about your use case ?

  • SOAP API integration problem with OIM 11g R1

    Hi,
    We're facing a problem when we are attempting to provision for a third party Web Service application in OIM 11g R1.
    During development and test running in an IDE environment, JDeveloper, the soap wsdl requests are triggered and a response is received successfully. However, when we shift the work and integrate it with OIM using design console, there seems to be an error indicating an invalid wsdl location. We have used the super class Exception, in try-catch block for handling of the exceptions. Please see the log message.
    Xl Home Dir :/oracle/Middleware/Oracle_IDM1/server
    Running CREATEUSERTASK
    Target Class = org.identityconnectors.Provisioning.QuickShareUserProvisioning
    URL : XXXXX
    User ID : XXXX
    Password : XXXX
    ERROR: Invalid wsdl location robi/XXXX_saved_wsdl.wsdl
    When we simply run the jar file from the command line, it gives us, java.lang.NoClassDefFoundError: javax/xml/rpc/Service
    [oracle@idmlab JavaTasks]$ java -jar archive1.jar
    URL : XXXXX
    User ID : XXXX
    Password : XXXX
    Exception in thread "main" java.lang.NoClassDefFoundError: javax/xml/rpc/Service
    at java.lang.ClassLoader.defineClass1(Native Method)
    at java.lang.ClassLoader.defineClassCond(ClassLoader.java:631)
    at java.lang.ClassLoader.defineClass(ClassLoader.java:615)
    at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:141)
    at java.net.URLClassLoader.defineClass(URLClassLoader.java:283)
    at java.net.URLClassLoader.access$000(URLClassLoader.java:58)
    at java.net.URLClassLoader$1.run(URLClassLoader.java:197)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
    at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
    at org.identityconnectors.Provisioning.QuickShareUserProvisioning.createUser(QuickShareUserProvisioning.java:41)
    at org.identityconnectors.Provisioning.QuickShareUserProvisioning.main(QuickShareUserProvisioning.java:215)
    Caused by: java.lang.ClassNotFoundException: javax.xml.rpc.Service
    at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
    at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
    ... 14 more
    Any help or suggestion, appreciated!
    Thanks
    Tamim Khan

    Hi Kevin,
    Thanks a lot for the response. But, when i deployed the composite SAR in to the server from Jdeveloper, i checked the option to "Overwrite any existing composite with same revision ID". SO, i used the same revision ID (Say 1.0), will this also need to be disabled?
    Thanks,
    Srini

  • OIM 11G, DSML integration failing  with null pointer exception

    Hi,
    we are facing the similar probelm while sending a request from TIBCO BW to OIM 11G (Which is weblogic)
    The below request from TIBCO is not working and thowing a NULL POINTER EXCEPTION
    <?xml version="1.0" encoding="UTF-8"?>
    <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
    <SOAP-ENV:Header>
    <ns:OIMUser xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ns="http://xmlns.oracle.com/OIM/provisioning" xmlns:ns0="http://schemas.xmlsoap.org/soap/envelope/">
    <ns:OIMUserId>xelsysadm</ns:OIMUserId>
    <ns:OIMUserPassword>Welcome123</ns:OIMUserPassword>
    </ns:OIMUser>
    </SOAP-ENV:Header>
    <SOAP-ENV:Body>
    <ns0:processRequest xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ns0="http://xmlns.oracle.com/OIM/provisioning">
    <sOAPElement xmlns="">
    <ns:modifyRequest xmlns:ns="urn:oasis:names:tc:SPML:2:0" xmlns:ns0="http://schemas.xmlsoap.org/soap/envelope/" returnData="data">
    <ns:psoID ID="Users:21"/>
    <ns:modification name="Users.User ID" operation="add">
    <ns:value>Richard1</ns:value>
    </ns:modification>
    </ns:modifyRequest>
    </sOAPElement>
    </ns0:processRequest>
    </SOAP-ENV:Body>
    </SOAP-ENV:Envelope>
    But if we change the <sOAPElement xmlns=""> to <sOAPElement> (removing the empty namespace) we can able to fire this soap.
    Could you please let me know are there any patch, workaround for this issue.
    Thanks
    Madhu

    I don't think OIM 11g supports DSML profile and may be that's the reason you are getting NPE.
    See: http://docs.oracle.com/cd/E14571_01/doc.1111/e14309/spmlapi.htm#CHDCBJAI
    It states:
    "SPML has two profiles: the XSD profile and the DSML profile. This release of Oracle Identity Manager makes use of the XSD profile."

  • OIM 11g R2 - Developing ManagedBean

    Hi all,
    I'm very very newbie about ADF.
    I'm trying to develop a ManagedBean to show components on OIM web interface conditionally. I found this doc http://docs.oracle.com/cd/E27559_01/dev.1112/e27150/uicust.htm#BABFFACA and I followed the tutorial.
    My requirement is exactly the one explained in chapter "*30.10.5.1 Showing Components Conditionally*" (http://docs.oracle.com/cd/E27559_01/dev.1112/e27150/uicust.htm#BABFAEIE), but I have a problem: at steps 2 and 3, when I try to use FacesUtils class methods "+partialRender+" and "+getListBindingValue+" I get and error. It seems that the auto imported class oracle.iam.ui.platform.utils.FacesUtils does not have these methods.
    I try to look for other jars on OIM server containing the class FacesUtils, but without success.
    I searched on the web and I found this doc http://docs.oracle.com/cd/E27559_01/dev.1112/e27150/facesutils.htm talking about FacesUtils class in OIM 11g R2 (my version) and in the code snippet provided I can find the methods mentioned above.
    To workaround the problem, I created a class FacesUtils in my project (copying the java code snippet provided in the last document) and use it in my ManagedBean, but which is the right solution? I mean where can I find the library containing the correct FacesUtils class?
    Thanks in advance,
    Daniele

    Hi guys,
    sorry for the wrong information....There isn't any jar named ADFSpyke.jar in the original oracle.iam.ui.custom-dev-starter-pack.war.
    In mine it was there because a colleague create it without tell me.
    Sorry again for the mistake.
    P.S. Anyway if you need the FacesUtils class, you can create it copying it from here http://docs.oracle.com/cd/E27559_01/dev.1112/e27150/facesutils.htm (as mentioned in my first post)
    To workaround the problem, I created a class FacesUtils in my project (copying the java code snippet provided in the last document) and use it in my
    ManagedBean, but which is the right solution? I mean where can I find the library containing the correct FacesUtils class?Bye
    Daniele

  • OIM 11g: Issue while evaluating rule for Role Membership

    Hello All,
    I have configured few General Rules using 2 of our User Defined Fields, these general rules are used to determine role membership.
    What we observed that once "Identity Status" attribute is set to "Disabled" for OIM User Profile then OIM stops evaluating these configured General Rules for Role Membership.
    Env Details:
    Product Version: Oracle Identity Manager 11.1.1.5.0
    App Server: WebLogic Server Version: 10.3.5.0
    OS: Red Hat Enterprise Linux Server release 5.5
    Database: Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64 bit
    Please let me know if any of you have encounter this issue and if there is any workaround available for it.
    Thanks,
    Shyam

    Re: OIM11g: Resource not revoked if the Identity Status is DISABLED
    XL.EvaluateMembershipForInactiveUser
    Workaround:
    You can make you of Event Handler and assign that group with APIs.

  • Rule based Role membership in OIA is not pushing to OIM

    Hi All,
    Rule based Role membership in OIA is not pushing to OIM due to error as
    00:01:38,055 DEBUG [DBIAMSolution] Group Role container for JDE.JDE_BHRUSRTT found...
    00:01:38,144 ERROR [DBIAMSolution] Error Occured while adding users to role
    Thor.API.Exceptions.tcAPIException: Error occurred while find User information: USER_NOT_FOUND
    at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:234)
    at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:348)
    at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:259)
    at Thor.API.Operations.tcGroupOperationsIntf_13pobh_tcGroupOperationsIntfRemoteImpl_1035_WLStub.getAllMemberUsersx(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:85)
    at $Proxy396.getAllMemberUsersx(Unknown Source)
    at Thor.API.Operations.tcGroupOperationsIntfDelegate.getAllMemberUsers(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Meth
    Any one can help will be appreciate...
    Thanks
    Bikas
    Edited by: Bikas Mandal on Mar 27, 2013 6:15 AM

    Try these steps and let me know what you see:
    Login to OIA > Administration > Configuration > Workflows
    Select Role membership create workflow
    And check if you have added OIM provisioning server in the Step5 of the workflow.
    Cheers,
    Vamsi.

  • Regarding Authorization policy and Roles in OIM 11g

    Hi,
    In OIM 11g Admin interface, is there a way to find out what all authorization polices, a role has been assigned to ?.
    I am asking this because, if you search for a user, you will know what all roles he is a member of, and similarly if you search for a role, you will know who all users are members of that role.
    Similarly, if you search for a Authorization policy, you will know what are roles are assigned to this policy. But if I search for a role, I am not able to find what all authorization policies has been assigned to this role.
    Looking forward to hearing from you,
    Many thanks in advance

    I understand your concern. But, this feature has not been available
    --nayan                                                                                                                                                                                   

  • Role management in OIM 11g.

    Hi All,
    I am working on OIM 11g PS1.
    In this I want to give some of the users in OIM ability to manage the roles in OIM and view and modify the role and role membership.
    For this the simplest way is to add the user to role 'Role Administrators'.
    Now when I login with user, then this user is able to modify the role, view hierarchy, view and modify membership rule, Data Object permissions but when clicks on 'Members' tab then it throws the error and does not show the members and same error comes when it tries to assign new users in role.
    The same behavior happens for the role owner as well. When the role owner of a role logs in and try to view the members of its own role the same things happens. I have pasted the error below:
    Please suggest if anyone else has come across this issue and is there any step that I may be missing in my configuration.
    The error that comes on GUI:
    "ADF_FACES-60097: For more information, please serr the server's error log for an entry beginning with: ADF_FACES-60096:Server Exception during PPR, #8"
    Error in Weblogic logs:
    "<Dec 1, 2011 10:34:48 AM EST> <Warning> <oracle.adfinternal.view.faces.lifecycle.LifecycleImpl> <BEA-000000> <ADF_FACES-60098:Faces lifecycle receives unhandled excepti
    ons in phase INVOKE_APPLICATION 5
    javax.el.ELException: java.lang.NullPointerException
    at com.sun.el.parser.AstValue.invoke(Unknown Source)
    at com.sun.el.MethodExpressionImpl.invoke(Unknown Source)
    at org.apache.myfaces.trinidad.component.UIXComponentBase.broadcastToMethodExpression(UIXComponentBase.java:1300)
    at org.apache.myfaces.trinidad.component.UIXShowDetail.broadcast(UIXShowDetail.java:154)
    at oracle.adf.view.rich.component.rich.layout.RichShowDetailItem.broadcast(RichShowDetailItem.java:192)
    at oracle.adf.view.rich.component.fragment.UIXRegion.broadcast(UIXRegion.java:148)
    at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:102)
    at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:92)
    at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:361)
    at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:96)
    at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:96)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.broadcastEvents(LifecycleImpl.java:902)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:313)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:186)
    at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.help.web.rich.OHWFilter.doFilter(Unknown Source)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:106)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
    at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:271)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:177)
    at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.iam.platform.auth.web.PwdMgmtNavigationFilter.doFilter(PwdMgmtNavigationFilter.java:121)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.iam.platform.auth.web.OIMAuthContextFilter.doFilter(OIMAuthContextFilter.java:107)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:175)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
    at java.security.AccessController.doPrivileged(Native Method)
    at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
    at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
    at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
    at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
    at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
    Caused By: java.lang.NullPointerException
    at oracle.iam.consoles.rolemgmt.utils.PagingUtils.addPagedRoleMembersData(PagingUtils.java:199)
    at oracle.iam.consoles.rolemgmt.tf.details.RoleDetailsBean.initializeRoleMembers(RoleDetailsBean.java:652)
    at oracle.iam.consoles.rolemgmt.tf.details.RoleDetailsBean.loadRoleMembersTab(RoleDetailsBean.java:521)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at com.sun.el.parser.AstValue.invoke(Unknown Source)
    at com.sun.el.MethodExpressionImpl.invoke(Unknown Source)
    Thanks,
    Sneha

    Hi,
    I found the resolution for this, so I thought I would share it here with everyone.
    I role owners or any user in role "Role Administrators" were not able to view the members of the role though they had the authorization policies enabled and everything setup.
    To enable the view of role membership please follow the steps below:
    1. Login as XELSYSADM
    2. Goto Administration and search for the org which the users are assigned to
    3. Open the org details
    4. Click "Administrative Roles"
    5. Click "Assign"
    6. Choose either "ALL USERS" or your role which you created, set the permissions as you wish and click "Assign"
    This will really solve the issue.
    Thanks,
    Sneha.

  • Membership Rule in OIM

    i want to create a membership rule that would encapsulate my business logic but not auto-assign a role to a user. basically, looking to execute the rule via the OIM apis and have it provide back a boolean response.
    is this possible?
    thanks

    Don't think so, why not have the business logic put into the java client itself. There are multiple ways there to make it generic and configurable at java end. If you are on 11g then probably try using the Business Rules feature of BPM which comes shipped with BPEL in 11G. You can have java clients for Oracle Business Rules and that would plug into OIMs framework too.
    -Bikash

Maybe you are looking for

  • How to save a JPG in 256 colors?

    I'm using Photoshop CS2. 1. How to save a JPG in 256 colors? 2. Is there a way to see an image properties? -- I want to know if that image is in 256 color or not...

  • Where to buy a ADC to VGA adaptor

    Im looking for one to pick up at a store. Does anyone know who might carry a ADC to VGA adaptor?

  • Changing computer that syncs apple tv w/out having to delete all media

    I just bought a new computer and want to use the new computer to sync without having to erase and recopy everything on the apple tv, which would take days given the amount of media I have. All of the media that I have on itunes and sync with my Apple

  • Type mismatch errors in 10g

    I have migrated an 8i database to 10g 10.2.0.3. I am getting a compile error on a procedure which is now INVALID referencing a package which compiles ok and is VALID. The compile error I get on the procedure is: PLS-00386: type mismatch found at 'PIO

  • Moving Folders to PSE 8

    How do you move folders of pictures (not in other versions of PSE) to PSE 8. I am able to convert catalogs, however I don't know how to simply import all the pictures I have in folders to PSE. Thank you so much for any help. Una