OIM 11gR2 : Retrieve status of task
Hello Experts,
I have successfully provisioned a user to AD and also a group to AD.
When the user gets provisioned, then a task called Create User runs in the AD User process definition and when a group gets provisioned, then a task called Create Group runs in the AD Group process definition.
In the case of successful provisioning, the task returns a successful response code i.e. C.
I have a situation in which i want to retrieve the response codes for these tasks in my code. Eg : When a user gets provisioned to AD, i want to fetch the successful response code of the Create User task of AD User process definition in my code i.e. through OIM APIs.
Kindly help me out.
Hello Experts,
I have successfully provisioned a user to AD and also a group to AD.
When the user gets provisioned, then a task called Create User runs in the AD User process definition and when a group gets provisioned, then a task called Create Group runs in the AD Group process definition.
In the case of successful provisioning, the task returns a successful response code i.e. C.
I have a situation in which i want to retrieve the response codes for these tasks in my code. Eg : When a user gets provisioned to AD, i want to fetch the successful response code of the Create User task of AD User process definition in my code i.e. through OIM APIs.
Kindly help me out.
Similar Messages
-
OIM 11gR2- Approved Requests remain in Operation Initiated Status
Hi,
We are using OIM 11gR2 and we are seeing the following behaviour whenver we request for Application Instance
1) End User logs in and requests for Application Instance.
2) The request is created and assigned to the manager for approval.
3) Manager logs in and approves the request.
4) The Requested resource is assigned to the user and the status of the resource is Provisioned. All the tasks in the Resource History are in Completed status.
5) If we see the status of the request, it remains in Operation Initiated status.
We expect the status of the Request to be Request Completed and not remain in Operation Initiated. We are sending a mail notification to the manager once resource is provisioned.
If we remove the notification part, the status of the Request is coming as Request Completed as expected. However with notification getting triggered we are getting problem.
Please suggest a solution.
Thanks and Regards,
Mayuri
Edited by: 943112 on Mar 11, 2013 7:09 AMUsually after the request is approved and if there is any pending task in provisioning it goes to 'Post Operation Processing Initiated' status. If 'Task to Object Status' mapping is not done properly the request stays in the same status even though all the tasks are completed.
check this link for various request status
http://docs.oracle.com/cd/E27559_01/user.1112/e27151/req_mangmnt_user.htm#BGBGIIDH
In your case it is going to 'Operation Initiated' status when notification is attached. Can you tell where have you triggered notification? In SOA approval task or in Provisioning process? If it is in SOA check whether proper status is returned to the callback webservice after that. Else if it is in provisioning check for task object status mapping. -
There is an approval workflow in my current 10g environment, where approval is assigned to a particular user after running a task assignment adapter. The java code inside my task assignment adapter has the logic which gives the approver key as output. Based on this the task is assigned to that particular approver. In OIM 11gr2 since the approval workflow happens in SOA side how can i perform my java logic there and route the approval based on that. Thanks.
You can obtain user key either using expression rules or if logic is complex, you can use java embedding task to add your java code inside composite. Refer link here:
http://docs.oracle.com/cd/E21764_01/doc.1111/e14309/soa_api.htm
Check section: 26.2.3 Updating the SOA Composite
regards,
GP -
Hello all,
I'm trying to set up an OIM 11gR2 instance to work with Active Directory with the Active Directory 11.1.1.5.0 connector. I've full installed both OIM and AD on separate servers, and I've installed the AD 11.1.1.5 connector on OIM. I have configured Active Directory properly (connector on OIM and the connector server on the AD server-side), and have set up the two IT Resources on OIM. I can run, for example, the Active Directory Organization Lookup Recon job and have it return results in the Lookup window.
My problem is that I cannot get it to provision to a user. I've created an Application Instance and Form for Active Directory, attached the Form, associated them with the appropriate resources (AD User), and added them to the Catalog, and then gone through the process of adding an account to the user, selecting the Application Instance, adding it to the cart, checking out, filling out the fields (Password, User ID, UPN, First Name, Last Name, Common Name, and Organization Name), and then submitting the request. This is all done as the xelsysadm admin user, but it still results with the account stuck on "Provisioning" because the "Create User" task failed due to a Connector Error (the reason stated is just a repeat of "Create Object" failed).
Anyone know what I'm missing here?
Thank you!
Edited by: 939908 on Nov 12, 2012 6:36 AMHey 833249, thanks for your reply
The organization field attribute is filled in correctly, in that the OU I selected exists in AD.
These are the errors listed in the connector server log:
+11/9/2012 9:07:07 PM <ERROR>: Class-> ActiveDirectoryUtils Method -> GetDirectoryEntry, Message -> Exception occured during the creation of directory entry.+
+11/9/2012 9:07:07 PM <ERROR>: Class-> ActiveDirectoryUtils Method -> GetDirectoryEntry, Message -> Exception Message : Logon failure: unknown user name or bad password.+
+11/9/2012 9:07:08 PM <ERROR>: Class-> ActiveDirectoryUtils Method -> GetDirectoryEntry, Message -> Exception Stack Trace : at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)+
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_NativeObject()
at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryUtils.GetDirectoryEntry(String path, ActiveDirectoryConfiguration configuration) in c:\ADE\aime_oimcp\idc\bundles\dotnet\ActiveDirectory\ActiveDirectoryConnector\ActiveDirectoryUtils.cs:line 1423
+11/9/2012 9:07:08 PM <ERROR>: Class-> ActiveDirectoryConnector Method -> Create, Message -> Encountered Excetion: Unable to get the Directory Entry+
+11/9/2012 9:07:08 PM <ERROR>: Class-> ActiveDirectoryConnector Method -> Create, Message -> Stack Trace: at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryUtils.GetDirectoryEntry(String path, ActiveDirectoryConfiguration configuration) in c:\ADE\aime_oimcp\idc\bundles\dotnet\ActiveDirectory\ActiveDirectoryConnector\ActiveDirectoryUtils.cs:line 1456+
at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryUtils.DirectoryEntryExists(String path) in c:\ADE\aime_oimcp\idc\bundles\dotnet\ActiveDirectory\ActiveDirectoryConnector\ActiveDirectoryUtils.cs:line 1512
at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryConnector.Create(ObjectClass oclass, ICollection`1 attributes, OperationOptions options) in c:\ADE\aime_oimcp\idc\bundles\dotnet\ActiveDirectory\ActiveDirectoryConnector\ActiveDirectoryConnector.cs:line 219
ConnectorServer.exe Error: 0 : Org.IdentityConnectors.Framework.Common.Exceptions.ConnectorException: Unable to get the Directory Entry
at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryConnector.Create(ObjectClass oclass, ICollection`1 attributes, OperationOptions options) in c:\ADE\aime_oimcp\idc\bundles\dotnet\ActiveDirectory\ActiveDirectoryConnector\ActiveDirectoryConnector.cs:line 368
at Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.CreateImpl.Create(ObjectClass oclass, ICollection`1 attributes, OperationOptions options) in c:\ADE\aime_icf\icf\framework\dotnet\FrameworkInternal\ApiLocalOperations.cs:line 388
at Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.ConnectorAPIOperationRunnerProxy.Invoke(Object proxy, MethodInfo method, Object[] args) in c:\ADE\aime_icf\icf\framework\dotnet\FrameworkInternal\ApiLocalOperations.cs:line 244
at ___proxy1.Create(ObjectClass , ICollection`1 , OperationOptions )
at Org.IdentityConnectors.Framework.Impl.Server.ConnectionProcessor.ProcessOperationRequest(OperationRequest request) in c:\ADE\aime_icf\icf\framework\dotnet\FrameworkInternal\Server.cs:line 609
I'm not sure why the username/password error could be occurring, as those fields in the AD IT Resource are correct (I've run AD recon jobs that have connected properly). Is there something I'm missing? -
Pre populate adapter in OIM 11gr2 not triggered in database
Hello,
Folowing is the steps for creation of pre populated adapter in OIM
** we have created one form in OIM which is provisioned to Database**
Steps
· Installed GTC connector for Database Web App 9.*
· Created new user and Table in Database
· Created IT resource for Database
· Created Sandbox, App Instance and Form, published sandbox
· Started catalog synchronization job scheduler
· Created user and and request account to app instance.
* select application instance to catalog and checkout.
** we have created adapter as per the following link
http://idmrockstar.com/blog/2009/08/how-to-create-a-prepopulate-adapter-in-oim/
create a pre populated adapter that will populate the firstname of user in email using java class
source code:
public class AdapterClass{
public String email( String fname )
return fname;
Steps:
1) In the design console I have open the Adapter Factory and create a new adapter name :firstname
adapter type: pre-populate rule generator
click on save
2) select variable list tab:
variable name:Firstname
type:String
Map to : Resolve at runtime
click on save
3) select Adapter Task tab
* click add and select logical task
* select SET VARIABLE and click continue
* Operand Type:variable
* Operand Qualifier : FIrstname
click save and save the adapter
4) compile the java class into jar file and move the jar file into OIM_HOME\server\JavaTasks
5)Create a new Adapter with the following"
Adapter name:Email
Adapter type: Pre-populate rule Generator
click save
6) select variable list tab:
variable name: var1
Type:String
Map to:Resolve at runtime and click save
7) select Functional Task tab:"
select java click continue
select the following information:
Task name:email
Api source: JavataskJar:Adapterclass.jar( the jar file which you have create)
application api: adapteclass
click save
8) In the Application method parameters,select the first input: String
Cange Map to:Adapter variables
Set the name to:var1 and click save
9) select the output:STring
change map to:Adapter variables
set name to: return variable
10) click save and save the adapter and click on Build
Adapter is now build the next step isto join it to the form
** join the adapter to the form**
Steps:
1) click on form designer and search the related form which we have created
2) In the respective form click on create a new version and create a new version
3) and then click on Pre populate tab and click on ADD
4)select adapter field to firstname
Rule : default
Adapter : Firstname
and click on save
5) In the adapter variable field click on firstname and fill the following
map to: Process data
Qualifier : firstname
6) Repeat steps 3 to 5 to map the email adapter
7) click on save.
Now we have done with all the steps and now we have created one User submit the user
we have click on request acounts ---> search the catalog and select the application instance (select the app instance "database provisioning") ---> add to cart ---> and check out ---> fill the form leaving email field --> ready to submit ---> submit
now we have check this user in database but still pre populated fields are not reflected. since this not working so we have found the other three links
Re: OIM 11gR2 - Prepopulate Field Empty Problem
http://fusionsecurity.blogspot.in/2013/01/populating-request-attributes-in-oim.html
http://identityandaccessmanager.blogspot.in/2011/07/prepopulate-adapter-in-oim-11g.html
according to these links they mention to implements the prepopulationadapter interface into the java class and create the plugin.xml for the class which we have used in jar.
so we prepared a plugin.xml
<?xml version="1.0" encoding="UTF-8" ?>
<oimplugins xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<plugins pluginpoint="oracle.iam.request.plugins.PrePopulationAdapter">
<plugin pluginclass= "com.oracle.demo.iam.prepop.plugin.UserLoginPrePop" version="1.0" name="UserLoginPrePop">
<metadata name="PrePopulationAdapater">
<value> My_users::email</value>
</metadata>
</plugin>
</plugins>
</oimplugins>
and the java class which implements "PrePopulationAdapter".
they mention to put that jar into one directory named "lib"and paste the xml and lib folder into the OIM_HOME\server\plugin
BUt we stuck on how to configure the adapter or what is the next steps for the above process. or there is something that we have missed in the process
please do reply its urgent
Regards,
Tushar Palekarhii i have followed all your steps regarding the pre populated adapter ,but no luck.
java code :
package com.oracle.demo.iam.prepop.plugin;
import java.io.Serializable;
import oracle.iam.request.plugins.PrePopulationAdapter;
import oracle.iam.request.vo.RequestData;
public class Userfname implements PrePopulationAdapter {
public Serializable prepopulate(RequestData requestData){
String fname = "xyz";
System.out.println("Returning fname ==== " + fname );
return fname ;
2)i have create a jar for this code and paste it into lib folder.
3) i have create a plugin.xml
<?xml version="1.0" encoding="UTF-8" ?>
<oimplugins xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<*plugins pluginpoint="oracle.iam.request.plugins.PrePopulationAdapter">*
*<plugin pluginclass= "com.oracle.demo.iam.prepop.plugin.Userfname" version="1.0" name="Userfname">*
*<metadata name="PrePopulationAdapater">*
*<value>register::LAST_NAME</value>*
*</metadata>*
*</plugin>*
*</plugins>*
*</oimplugins>*
4)i register the plugin using ant -f pluginregistration.xml register
5)i have restartthe oim server and then i create a user using the same app instatnce in which i have create the form(ie.register),and
request acount-->select app instance ---> add to cart
but the last name xyz as per the java code is not reflected in the dadbase table.
please help
tushar palekar -
Replicating the app functionality from OIM 10g to OIM 11gR2
Hi,
I have a resource object with an object form and a process form and approval, provisioning configured in OIM 10g design console. Provisioning is manual provisioning assigned to a particular group based on a task assignment adapter. For replicating the same in OIM 11gR2 i followed the following steps.
1. Created a Resource object in Design console.
2. Created a dummy IT Resource ( Since while creating app instance it is having IT Resource as Mandatory field. * Is there any way to skip this as i do not have any IT resource in my original app as it is going for manual provisioning?)*
3. Created a process form in Design Console with the same fields as present in my 10g app process form.
4. Now i need to Create an app instance and select the created resource object and IT resoource. Also i need to create a form associated with the app instance in which i will add the fields as present in the object form in my 10g app. ( Here i am not understanding how data will flow from object form to process form since there is no data flow mapping here)
5. Other steps like creating the SOA composite with human tasks and deploying it and after that creating approval policies is pretty much clear.
Please clarify whether the steps are correct and also the queries which i have posted in between. Thanks in advance.
Regards,
Durgaprasad
Edited by: Durgaprasad on Jan 17, 2013 3:38 AMThanks Gyanprakash. Wll disconnected resource trigger our custom approval process if we select the resource name properly in scope in operational level approval policy. Have you tried a disconnected resource with your custom approval process. Because i read the following lines in admin guide
Oracle Identity Manager supports provisioning of disconnected resources by using the SOA worklist for manual provisioning of disconnected resources. After the role-based provisioning decision or SOA request approval is complete and the corresponding application instance is determined to be a disconnected application instance, a new SOA workflow is started. This new SOA workflow is assigned to the manual provisioning administrator.
So i thought disconnected app instance will have its own approval process configured during the creation and it will route accordingly. So just wanted to clarify how to make disconnected app instance to trigger our approval. will approval policay take care of it as i am going to select the name of the disconnected app in the scope field. -
OIM 11gR2 : User groups not visible on UI
Hello Experts,
I have a requirement in which i need to assign the user provisioned to AD to some group(s) depending upon certain conditions like BU, Location etc. I created a Process Task adapter for the same and am able to successfully assign the users to the desired groups.
But i am able to check for this validity from the Backend only.
Ideally the groups assigned to the user must be visible after following these steps:
*1. Search for a user provisioned to AD.
2. Go the the Accounts tab.
3. Click on the AD account (to which the user has been provisioned)
4. A process form is displayed in the lower half of the webpage which also shows the information regarding the groups assigned to the User. But the groups are not getting displayed.*
Kindly Help.
Edited by: IDM_newbie on Jan 24, 2013 11:24 PMBut sir, the groups are listed under the Accounts tab. Is there any schedule job provided by OIM 11gR2 which results in the display of Groups assigned to the user as well under the Accounts tab ?
Edited by: IDM_newbie on Jan 25, 2013 1:51 AM -
OIM 11gR2 : Problem while starting managed server
Hello Experts,
I ran config.sh in order to extend my schema to include APM (Authorization Policy Manager) in OIM 11gR2.
After that i took a restart of the servers. When i am trying to start the managed servers they're not starting in the RUNNING mode. Instead they're starting in the ADMIN mode.
The logs are showing the following error :
Internal Exception: java.sql.SQLException: Listener refused the connection with the following error:
ORA-12505, TNS:listener does not currently know of SID given in connect descriptor
Kindly help me out.1. yes you can check if the nodemanage is running using the following ways.
For linux env:-
a. Check if the JAVA process for nodemanager is running ps -ef | grep java and see the nodemanager process else /usr/sbin/lsof -i:$port (port of nodemanager).
b. Login to Admin Console --> Environment --> Machines --> Click on Machines --> Nodemanager --> Monitoring will give you nodemanager status from Admin console.
c. use nm() command with WLST
Example:
wls:/mydomain/serverConfig> nm()
Currently connected to Node Manager that is monitoring the domain "mydomain"
wls:/mydomain/serverConfig> nm()
Not connected to any Node Manager
wls:/mydomain/serverConfig>
To see if WLST connects to nodemanager or not?
help('nmLog') --> to check the nm logs
2. To start the nodemanager using WLST here are the commands
Example:
For single managed Server
wls:/mydomain/serverConfig> start('myserver', 'Server', block='false')
Starting server 'myserver' ...
The server 'myserver' started successfully.
wls:/mydomain/serverConfig>
For Cluster
wls:/mydomain/serverConfig> start('mycluster', 'Cluster')
Starting the following servers in Cluster, mycluster: MS1, MS2, MS3...
All servers in the cluster mycluster are started successfully.
wls:/mydomain/serverConfig> -
Account stuck in Provisioning state in OIM 11gR2
Hello,
In OIM 11gR2, when provisioning fails, the application still shows in the accounts tab of the user, but it is stuck in the "Provisioning" state. I don't know if it's standard behavior, but it always does this for me. When this problem occurs, the only way I have found to remove the entry from the applications list is to completely delete the application instance and re-create it. Is there a cleaner way of removing the stuck account ? The "Remove Account" button does nothing for me.
Thanks,
--jtellierRajiv Dewan wrote:
BDW, if something goes wrong while doing provisioning then you can retry the rejected task (after fixing the issue) instead of initiating provisioning again with new instance. It will mark your existing incomplete instance as PROVISIONED.Oh, thanks, I had not realized that...
--jtellier -
OIM 11gR2: Screen customization, file upload
Going through the documentation for OIM 11gR2, we are very excited for the customization capabilities (based on ADF it seems) for the screens.
One of the things we have always wanted to do is to allow users to upload pictures of themselves in the self-service interface. The pictures would then be sent to the LDAP, where we have our enterprise employee directory.
With 11gR2, how would we go about adding a webcomponent element that would allow a user to choose a JPEG on their local machine, and upload it to OIM to be included in their profile?
Thank you.OIM still doesn't support this feature. You can have custom UDF in which you can put path of image and then internally have a separate table with userkey and image file(blob) mapping. But it'll be a complex task. Or you can do UI customizations.
regards,
GP -
OIM 11gR2 : recon matching multi-value attribute
Hi, OIM Gurus,
The basic recon matching rule works very well, but business want to matching against users multi-value attribute, for example, one of the multiple AD accounts of user.
Can anyone tell me how this can be done in OIM 11gR2 BP7.Rajiv, you are right. I choose the "Reconciliation Create/Update/Delete Received" tasks as I could not make Kevin's suggestion work. Here is what I did and failed to trigger the custom adapter.
(1) I created a task called "Child Table UD_MYAuth row updated" and attach my custom-adapter to it.
(2) I found "Reconciliation Update Received" task is called whenever there is a change in multi value attributes and is called by "Target Recon", which update the multivalue in child table UD_MYAuth.
In this task I mentioned the child table (UD_MYAuth) and trigger type as 'update'. The idea was to trigger the exclusive child-table related task created in step-1 from this "recon update Rcvd" task.
(3) To test this setup, I changes the multi-valued data of a user in LDAP and ran the "Target Recon". I found that adapter code was not executed, that means "Child Table UDMYAuth row updated" task was not called.
Since I have mentioned the child table and trigger type in "Recon Update Rcvd" task, should not it trigger "child table xxx row updated" task ? I could not make it work. -
Webservice Client is not working in OIM 11gR2
Hi,
We have created a web client using Axis 1.6.2 and using it in OIM 11gR2 for Request Validator Plugin. But we are getting issue that org.apache.axiom.om.OMAbstractFactory. getOMFactory() is not found. When we checked the JARs in class path we found that OIM Already has lower version of axiom1.2.5 in its class path under oim.ear which doesn't contain this method however Axis1.6.2 contains the newer version which contain this method. Does anybody has any idea how to override OIM default classpath JAR file and force it to read the library files available under plugin?Hi
I am facing similar issue but with Custom Adapter . I copied the axis jars under the JavaTasks folder but it does not help.
I then copied them under the oim.ear/APP_INF/lib and restarted the OIM managed server but somehow even that does not help.
I get following error.
Caused by: java.lang.NoSuchMethodError: org/apache/axiom/om/OMAbstractFactory.getMetaFactory()Lorg/apache/axiom/om/OMMetaFactory;
at org.apache.axiom.om.OMXMLBuilderFactory.createOMBuilder(OMXMLBuilderFactory.java:150)
at org.apache.axiom.om.OMXMLBuilderFactory.createOMBuilder(OMXMLBuilderFactory.java:133)
at org.apache.axiom.om.OMXMLBuilderFactory.createOMBuilder(OMXMLBuilderFactory.java:104)
at org.apache.axis2.util.XMLUtils.toOM(XMLUtils.java:590)
at org.apache.axis2.util.XMLUtils.toOM(XMLUtils.java:575)
at org.apache.axis2.deployment.DescriptionBuilder.buildOM(DescriptionBuilder.java:97)
at org.apache.axis2.deployment.AxisConfigBuilder.populateConfig(AxisConfigBuilder.java:90)
at org.apache.axis2.deployment.DeploymentEngine.populateAxisConfiguration(DeploymentEngine.java:857)
at org.apache.axis2.deployment.FileSystemConfigurator.getAxisConfiguration(FileSystemConfigurator.java:116)
at org.apache.axis2.context.ConfigurationContextFactory.createConfigurationContext(ConfigurationContextFactory.java:64)
at org.apache.axis2.context.ConfigurationContextFactory.createConfigurationContextFromFileSystem(ConfigurationContextFactory.java:210)
at org.apache.axis2.client.ServiceClient.configureServiceClient(ServiceClient.java:151)
Any pointer on how I can try to resolve it.
Regards
Abhinav -
Steps to develope user name generation event handler in OIM 11gR2
Friends,
Can you please provide me steps to develop user name generation event handler in oim 11gR2?
Thanks,
ChakriThanks for providing the detailed steps. This is waht i was looking for.
I will follow these steps and let you know the results.
Thanks for your support. -
Need information on OAM 11gR2 protecting OIM 11gR2
Hi All,
I need to implement a solution wherein I have to protect OIM 11gR2 application using OAM 11g2.
So in this case the identity store for OIM is the normal Oracle database and we have used the generic LDAP connector to provision the users to a LDAP directory which is the identity store for OAM.
I have gone through the OIM integration with OAM and it talks about a lot of steps involving extension of the identity store for both OIM and OAM,(Integrating Access Manager and Oracle Identity Manager - 11g Release 2 (11.1.2))
In my case I don't need the features like centralized password management functionality...we only want to protect the OIM application.
So is it possible to enable SSO without
1)Externalizing the identity store of OIM to the LDAP directory which is the identity store for OAM,and hence not running the LDAP sync utility
Also can you please guide me to a document that specifies the steps.
ThanksHi Thiago,
Thanks for your replies.
Yes, I followed certification matrix and tried to install 11.1.1.6 only on wlserver 10.3.6.
Can you please eloborate on the below points? Or If there are any urls for detailed steps, please provide them.
-What you have to do:
+2.1-On Application Server Navigator you can create types of connection:+
+2.2-Integrated WLS option+
+2.3-Standalone WLS option+
+2.4-This first option you can install a local standalone WLS 10.3.6 server on your environment, then create a separate "integrated WLS" connection to the standalone server.+
+2.5-Then go to your Application's properties through the Application menu -> Application Properties -> Run -> Bind to Integration Application Server option you can the brand new option created WLS server connection to work with your application.+
+3.0- Don't forget that you need to install the ADF Runtimes for the server to be able to work with ADF applications+ -
Hi Guys,
I have installed oim 11gR2 with LDAP Sync enabled to OUD 11g 11.1.1.5.
When i create user or role from oim it is getting created in OUD which is fine.
When i create user in OUD, the user is created in OIM which is also fine.
But, when i create the role in oud, the role is not created in OIM. When i run the LDAP Role full reconciliation it is getting the role to oim but it is in Data received state. When i tried to process the event using the API, i got the message
"java.lang.NullPointerException at oracle.iam.reconciliation.dao.ReconActionDao.executeRoleMatch(ReconActionDao.java:1003) at oracle.iam.reconciliation.impl.RoleHandler.executeSingleEventMatch(RoleHandler.java:231) at oracle.iam.reconciliation.impl.EntityTypeHandler.match(EntityTypeHandler.java:58) at oracle.iam.reconciliation.impl.ActionEngine.processEvent(ActionEngine.java:166) at oracle.iam.reconciliation.impl.ReconOperationsServiceImpl.processReconciliationEvent(ReconOperationsServiceImpl.java:1216) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149) at oracle.iam.platform.utils.DMSMethodInterceptor.invoke(DMSMethodInterceptor.java:25) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) at $Proxy328.processReconciliationEvent(Unknown Source) at Thor.API.Operations.tcReconciliationOperationsIntfEJB.processReconciliationEventx(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310) at com.bea.core.repa"
Any ideas?
Thanks a lotCan you check if you can see the parameters for Directory Server in IT Resource Directory Server ?
Maybe you are looking for
-
Windows 8.1 with my f 300,all in one series
I am unable to use my F300 all in one series with my windows 8.1 laptop.please help
-
How do you avoid the ORA-01555 error in oracle 8i?
please give me examples.
-
Creating BusinessPartner with both mail to and bill to address
Hi, I am having problem creating a business partner with both mail to and bill to address. I want to create two instances (lines) in BPAddresses; one with mial to address and another with bioll to address. But I still get the error code -5002 with th
-
OS 10.4.11 where is the patch for the latest security??
Where is the patch that Apple announced today? OS 10.4.11 I know it's an old Mac, but...
-
It just sits there thinking or sometimes doesn't even show itself thinking. The submit buttons are unresponsive for login pages, etc. If I copy/paste the links into another browser they work fine so it's clearly safari. Because safari is my default b