OIM 11gr2 UNIX Connector SUDO user

Good Day!
I would like to ask on how can I configure the UNIX connector using a SUDO user?
I already have followed the documentation guide in setting up the SUDO user but I am getting this error:
org.identityconnectors.framework.common.exceptions.OperationTimeoutException: Command timed-out while waiting for: password
I'm not sure if I missed some steps?
Your reply is greatly appreciated.
Thanks!
Regards,
jeff

Was there any feedback to your SR coming from Oracle?
Because I have the same issue here.
Regards,
M

Similar Messages

  • OIM 11GR2 UNIX Connector Reconcile users from UNIX inquiry

    Good Day!
    I would like to ask whether there is a way in OIM that when I reconcile all new users from my UNIX server, OIM will also create the resource which this user is provisioned upon?
    Here is my scenario:
    1.) Freshly installed OIM 11GR2.
    2.) Installed UNIX connector on OIM 11GR2.
    3.) Configured UNIX TRUSTED Resource
    4.) Reconciled all the UNIX users into OIM. (New users are created since my OIM doesn't have any user)
    5.) The problem is when the new users are now created in OIM, they don't have entitlements or accounts linked to the UNIX server which they have been pulled upon.
    I would like to ask whether I need to configure something to have the entitlements/accounts linking possible?
    If not, what are the ways I can achieve this?
    The only way I can think of is have the UNIX users be created in a flat file first then load via GTC then have reconciliation to have OIM to link these users to UNIX which I believe should be able to do the scenario I am asking upon.
    Thanks in advance!
    Regards,
    Jeff

    By the way, checking target resource recon by default will not create new users when OIM is not able to establish a link.
    In my case, OIM doesn't have any users since this is a fresh install hence even running target resource at start will won't create the new users in OIM right?
    based from this:
    "You configure application (AD, OID, OVD, HR) etc in Target Resource Mode if that OIM is source of truth for user provisioning (All users are created in OIM and OIM then provision accounts in Application. Any changes in Application are reconciled back to OIM)."

  • Problem handling SMTP address with OIM 11gR2 Exchange connector

    Hello,
    I have a problem in regarding the primary SMTP address with the Exchange connector. The connector doesn't seem to be able to update it. Changing a user's primary SMTP address from its account details in OIM creates a new secondary address in Exchange. It does not change the current primary SMTP address. This does not look like a normal behavior... Any ideas on how to fix this?
    I'm using OIM 11gR2 with BP10 with AD 11.1.1.5.0A and Exchange 11.1.1.5.0.
    Thanks,
    --jtellier

    Yes, you can try out few things suggested in below thread
    Re: Exchange Provisioning
    The error looks like form exchange server side but still not sure about it.
    Meantime open Service Request with oracle about the same as I can see other developers are also facing same issue.

  • OIM 11gR2 - Identity console - Search Users Page.  Need to add employee number by default.

    Hi,
    I am new to oim 11gR2.  I have a requirement , to add the employee number field in the user search box. I do not want to use the Add Fields button to add the employee number search field.
    When any user goes to the search page, they must find the employee number field in the search box in addition to the other default fields like lastname, firstname, etc.  Is it achievable? Thanks in advance.  
    If possible.... can you please provide the steps to achieve it?.. thanks

    Karthik Perath
    Thanks for the answer....... but I guess you misread the question.  I am able to add new fields as columns to the search results table.  My problem is I want to add the searchable field to the query form.  Also, I do not want to use the Add Fields button (because that is a part of Saved Search which is Personalization and limited only to the creator) , I want the newly added searchable field. for example Employee Number ( which is not there by default)  to be made available to all the end users of Identity Self Service system..... Hope you got the problem... 

  • OIM 10g - custom connector - modify user

    Hi
    I am writing a custom connector for OIM 10g and looking out for modify request format. My application has roles which are managed by OIM. When I call 'modify user' to update user's role in the application, I want to have the information of old role and new role in the connector. Please let me know how can I get the information of old role for the provisioned resource. I want to log the information that at the time of 'modify user' which role was newly added and which role was deleted.
    Does anybody has information about how this can be implemented.
    Thanks

    Well , When you write a process task for adding/ removing the child table , you specify in the task configuration the child table name and trigger type (insert OR delete)..
    So when you add or remove operation from child process form in OIM, OIM know which task it has to trigger and you can put the logic to add /remove the role in the adapter attached to the task .
    Thanks
    Suren

  • OIM 11gR2: API to modify accounts

    Hi all,
    I would like to develop an event handler for OIM 11gR2 to modify a user account (for example Active Directory account) if some conditions are satisfied.
    I looked for proper API in Java API Reference for Oracle Identity Manager and I found the interface ProvisioningService.
    I already developed an event handler for test purpose that gets and prints account details and it works.
    My question is: can you provide me an example to use the API to modify an account correctly please?
    Thanks in advance,
    Daniele

    Find the act_key for this new organization and then use the UserManager api to update the act_key for all the accounts.

  • OIM 11gR2 user not provisioning to Active Directory (11.1.1.5 connector)

    Hello all,
    I'm trying to set up an OIM 11gR2 instance to work with Active Directory with the Active Directory 11.1.1.5.0 connector. I've full installed both OIM and AD on separate servers, and I've installed the AD 11.1.1.5 connector on OIM. I have configured Active Directory properly (connector on OIM and the connector server on the AD server-side), and have set up the two IT Resources on OIM. I can run, for example, the Active Directory Organization Lookup Recon job and have it return results in the Lookup window.
    My problem is that I cannot get it to provision to a user. I've created an Application Instance and Form for Active Directory, attached the Form, associated them with the appropriate resources (AD User), and added them to the Catalog, and then gone through the process of adding an account to the user, selecting the Application Instance, adding it to the cart, checking out, filling out the fields (Password, User ID, UPN, First Name, Last Name, Common Name, and Organization Name), and then submitting the request. This is all done as the xelsysadm admin user, but it still results with the account stuck on "Provisioning" because the "Create User" task failed due to a Connector Error (the reason stated is just a repeat of "Create Object" failed).
    Anyone know what I'm missing here?
    Thank you!
    Edited by: 939908 on Nov 12, 2012 6:36 AM

    Hey 833249, thanks for your reply
    The organization field attribute is filled in correctly, in that the OU I selected exists in AD.
    These are the errors listed in the connector server log:
    +11/9/2012 9:07:07 PM <ERROR>: Class-> ActiveDirectoryUtils Method -> GetDirectoryEntry, Message -> Exception occured during the creation of directory entry.+
    +11/9/2012 9:07:07 PM <ERROR>: Class-> ActiveDirectoryUtils Method -> GetDirectoryEntry, Message -> Exception Message : Logon failure: unknown user name or bad password.+
    +11/9/2012 9:07:08 PM <ERROR>: Class-> ActiveDirectoryUtils Method -> GetDirectoryEntry, Message -> Exception Stack Trace : at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)+
    at System.DirectoryServices.DirectoryEntry.Bind()
    at System.DirectoryServices.DirectoryEntry.get_NativeObject()
    at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryUtils.GetDirectoryEntry(String path, ActiveDirectoryConfiguration configuration) in c:\ADE\aime_oimcp\idc\bundles\dotnet\ActiveDirectory\ActiveDirectoryConnector\ActiveDirectoryUtils.cs:line 1423
    +11/9/2012 9:07:08 PM <ERROR>: Class-> ActiveDirectoryConnector Method -> Create, Message -> Encountered Excetion: Unable to get the Directory Entry+
    +11/9/2012 9:07:08 PM <ERROR>: Class-> ActiveDirectoryConnector Method -> Create, Message -> Stack Trace: at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryUtils.GetDirectoryEntry(String path, ActiveDirectoryConfiguration configuration) in c:\ADE\aime_oimcp\idc\bundles\dotnet\ActiveDirectory\ActiveDirectoryConnector\ActiveDirectoryUtils.cs:line 1456+
    at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryUtils.DirectoryEntryExists(String path) in c:\ADE\aime_oimcp\idc\bundles\dotnet\ActiveDirectory\ActiveDirectoryConnector\ActiveDirectoryUtils.cs:line 1512
    at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryConnector.Create(ObjectClass oclass, ICollection`1 attributes, OperationOptions options) in c:\ADE\aime_oimcp\idc\bundles\dotnet\ActiveDirectory\ActiveDirectoryConnector\ActiveDirectoryConnector.cs:line 219
    ConnectorServer.exe Error: 0 : Org.IdentityConnectors.Framework.Common.Exceptions.ConnectorException: Unable to get the Directory Entry
    at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryConnector.Create(ObjectClass oclass, ICollection`1 attributes, OperationOptions options) in c:\ADE\aime_oimcp\idc\bundles\dotnet\ActiveDirectory\ActiveDirectoryConnector\ActiveDirectoryConnector.cs:line 368
    at Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.CreateImpl.Create(ObjectClass oclass, ICollection`1 attributes, OperationOptions options) in c:\ADE\aime_icf\icf\framework\dotnet\FrameworkInternal\ApiLocalOperations.cs:line 388
    at Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.ConnectorAPIOperationRunnerProxy.Invoke(Object proxy, MethodInfo method, Object[] args) in c:\ADE\aime_icf\icf\framework\dotnet\FrameworkInternal\ApiLocalOperations.cs:line 244
    at ___proxy1.Create(ObjectClass , ICollection`1 , OperationOptions )
    at Org.IdentityConnectors.Framework.Impl.Server.ConnectionProcessor.ProcessOperationRequest(OperationRequest request) in c:\ADE\aime_icf\icf\framework\dotnet\FrameworkInternal\Server.cs:line 609
    I'm not sure why the username/password error could be occurring, as those fields in the AD IT Resource are correct (I've run AD recon jobs that have connected properly). Is there something I'm missing?

  • OIM 11.1.1.5.0 BP02 Generic UNIX Connector Configuration Problem

    I have an inquiry regarding the configuration of the Generic UNIX Connector on 11.1.1.5 of OIM. Basically, when I try to do Primary Group Recon and Shell Recon, I get an error saying:
    Oracle.iam.connectors.icfcommon.exceptions.IntegrationException: The value for a key [Host] is not defined in the provided map.
    I have followed the documentation of the UNIX guide connector and also created an attribute in OIM Design Console called privateKey[LOADFROMFILE] containg a value of file:\\\home\oracle\Oracle\Middleware\Oracle_OIM1\server\ConnectorDefaultDirectory\SSH\config\oim_rsa.
    I also tried to provisioned a user with the UNIX resource but I get an error message saying:
    Running CREATEUSER
    Target Class = oracle.iam.connectors.icfcommon.prov.ICProvisioningManager
    <Jul 2, 2012 6:20:32 PM PHT> <Error> <ORACLE.IAM.CONNECTORS.ICFCOMMON.PROV.ICPROVISIONINGMANAGER> <BEA-000000> <oracle.iam.connectors.icfcommon.prov.ICProvisioningManager : createObject : Error while creating user
    oracle.iam.connectors.icfcommon.exceptions.IntegrationException: The value for a key [Host] is not defined in the provided map.
    at oracle.iam.connectors.icfcommon.util.MapUtil.getRequiredValue(MapUtil.java:94)
    at oracle.iam.connectors.icfcommon.ConnectorFactory.createConnectorFacade(ConnectorFactory.java:122)
    at oracle.iam.connectors.icfcommon.prov.ICProvisioningManager.init(ICProvisioningManager.java:133)
    at oracle.iam.connectors.icfcommon.prov.ICProvisioningManager.init(ICProvisioningManager.java:141)
    at oracle.iam.connectors.icfcommon.prov.ICProvisioningManager.createObject(ICProvisioningManager.java:253)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpUNIXCREATEUSER.CREATEUSER(adpUNIXCREATEUSER.java:109)
    at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpUNIXCREATEUSER.implementation(adpUNIXCREATEUSER.java:54)
    at com.thortech.xl.client.events.tcBaseEvent.run(tcBaseEvent.java:196)
    at com.thortech.xl.dataobj.tcDataObj.runEvent(tcDataObj.java:2492)
    at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(tcScheduleItem.java:2917)
    at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(tcScheduleItem.java:547)
    at com.thortech.xl.dataobj.tcDataObj.insert(tcDataObj.java:602)
    at com.thortech.xl.dataobj.tcDataObj.save(tcDataObj.java:474)
    at com.thortech.xl.ejb.beansimpl.tcProvisioningOperationsBean.retryTasks(tcProvisioningOperationsBean.java:4042)
    at Thor.API.Operations.tcProvisioningOperationsIntfEJB.retryTasksx(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.oracle.pitchfork.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:34)
    at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
    at com.oracle.pitchfork.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:42)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
    at $Proxy329.retryTasksx(Unknown Source)
    at Thor.API.Operations.tcProvisioningOperationsIntfEJB_4xftoh_tcProvisioningOperationsIntfRemoteImpl.__WL_invoke(Unknown Source)
    at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
    at Thor.API.Operations.tcProvisioningOperationsIntfEJB_4xftoh_tcProvisioningOperationsIntfRemoteImpl.retryTasksx(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:85)
    at $Proxy167.retryTasksx(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:198)
    at $Proxy328.retryTasksx(Unknown Source)
    at Thor.API.Operations.tcProvisioningOperationsIntfDelegate.retryTasks(Unknown Source)
    at com.thortech.xl.webclient.actions.ResourceProfileProvisioningTasksAction.retryTasks(ResourceProfileProvisioningTasksAction.java:702)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:269)
    at com.thortech.xl.webclient.actions.tcLookupDispatchAction.execute(tcLookupDispatchAction.java:133)
    at com.thortech.xl.webclient.actions.tcActionBase.execute(tcActionBase.java:894)
    at com.thortech.xl.webclient.actions.tcAction.execute(tcAction.java:213)
    at org.apache.struts.chain.commands.servlet.ExecuteAction.execute(ExecuteAction.java:58)
    at org.apache.struts.chain.commands.AbstractExecuteAction.execute(AbstractExecuteAction.java:67)
    at org.apache.struts.chain.commands.ActionCommandBase.execute(ActionCommandBase.java:51)
    at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:191)
    at org.apache.commons.chain.generic.LookupCommand.execute(LookupCommand.java:305)
    at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:191)
    at org.apache.struts.chain.ComposableRequestProcessor.process(ComposableRequestProcessor.java:283)
    at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
    at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:462)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at com.thortech.xl.webclient.security.CSRFFilter.doFilter(CSRFFilter.java:76)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.iam.platform.auth.web.PwdMgmtNavigationFilter.doFilter(PwdMgmtNavigationFilter.java:121)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.iam.platform.auth.web.OIMAuthContextFilter.doFilter(OIMAuthContextFilter.java:108)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
    at java.security.AccessController.doPrivileged(Native Method)
    at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
    at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
    at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
    at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
    at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3730)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3696)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2273)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
    >
    I would like to ask if there some configuration step I have missed upon which causes this error?
    Thanks in advance!

    Thanks for the reply! found out that I populated Connector Server with a value hence it was giving out this error. Thanks!
    Edited by: 940359 on Jul 2, 2012 9:08 PM

  • Uninstall AD Connector in oim 11gR2

    Hi,
    I want to uninstall AD connector (.NET version 11.1.1.5.0) from oim 11gR2. For this, i run uninstallConnector.sh but i got this error . Do you have any idea ?
    Thanks.
    DEBUG,27 Nov 2012 11:32:07,475,[ConnectorUninstall.log],Executing the Prepared Statement for the ResourceObject: AD Group
    DEBUG,27 Nov 2012 11:32:07,476,[ConnectorUninstall.log],Successfully executed the Prepared Statement for the ResourceObject: AD Group
    DEBUG,27 Nov 2012 11:32:07,476,[ConnectorUninstall.log],Executing the Prepared Statement for the ResourceObject: AD Organizational Unit
    DEBUG,27 Nov 2012 11:32:07,477,[ConnectorUninstall.log],Successfully executed the Prepared Statement for the ResourceObject: AD Organizational Unit
    DEBUG,27 Nov 2012 11:32:07,477,[ConnectorUninstall.log],Executing the Prepared Statement for the ResourceObject: AD User
    DEBUG,27 Nov 2012 11:32:07,478,[ConnectorUninstall.log],Successfully executed the Prepared Statement for the ResourceObject: AD User
    DEBUG,27 Nov 2012 11:32:07,478,[ConnectorUninstall.log],Executing the Prepared Statement for the ResourceObject: AD User Trusted
    DEBUG,27 Nov 2012 11:32:07,478,[ConnectorUninstall.log],Successfully executed the Prepared Statement for the ResourceObject: AD User Trusted
    DEBUG,27 Nov 2012 11:32:07,479,[ConnectorUninstall.log],Exiting Method: checkAndPrintAttestationTask of Class: UninstallUtility
    DEBUG,27 Nov 2012 11:32:07,479,[ConnectorUninstall.log],Entering Method: deleteReconciliationData of Class: UninstallUtility
    DEBUG,27 Nov 2012 11:32:07,479,[ConnectorUninstall.log],Getting ReconConfigService instance.
    DEBUG,27 Nov 2012 11:32:07,500,[ConnectorUninstall.log],Successful in getting ReconConfigService instance.
    *DEBUG,27 Nov 2012 11:32:07,501,[ConnectorUninstall.log],Deleting the reconciliation profile for the resource object: AD Group*
    Exception in thread "main" oracle.iam.reconciliation.exception.ConfigException: oracle.mds.core.MetadataNotFoundException: MDS-00013: no metadata found for metadata object "/db/AD Group"
    at oracle.iam.reconciliation.impl.config.CoreProfileManagerImpl.getProfileFromMDS(CoreProfileManagerImpl.java:395)
    at oracle.iam.reconciliation.impl.config.CoreProfileManagerImpl.getProfile(CoreProfileManagerImpl.java:381)
    at oracle.iam.reconciliation.impl.config.ProfileManagerImpl.getProfile(ProfileManagerImpl.java:163)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
    at oracle.iam.platform.utils.DMSMethodInterceptor.invoke(DMSMethodInterceptor.java:25)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
    at $Proxy439.getProfile(Unknown Source)
    at oracle.iam.reconciliation.impl.ReconConfigServiceImpl.deleteProfile(ReconConfigServiceImpl.java:54)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
    at oracle.iam.platform.utils.DMSMethodInterceptor.invoke(DMSMethodInterceptor.java:25)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
    at $Proxy438.deleteProfile(Unknown Source)
    at oracle.iam.reconciliation.api.ReconConfigServiceEJB.deleteProfilex(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.oracle.pitchfork.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:34)
    at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
    at com.oracle.pitchfork.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:42)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
    at $Proxy437.deleteProfilex(Unknown Source)
    at oracle.iam.reconciliation.api.ReconConfigService_66l8sr_ReconConfigServiceRemoteImpl.__WL_invoke(Unknown Source)
    at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
    at oracle.iam.reconciliation.api.ReconConfigService_66l8sr_ReconConfigServiceRemoteImpl.deleteProfilex(Unknown Source)
    at oracle.iam.reconciliation.api.ReconConfigService_66l8sr_ReconConfigServiceRemoteImpl_WLSkel.invoke(Unknown Source)
    at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:667)
    at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
    at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:522)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
    at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:518)
    at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
    Caused by: oracle.mds.core.MetadataNotFoundException: MDS-00013: no metadata found for metadata object "/db/AD Group"
    at oracle.mds.core.MetadataObject.getBaseMO(MetadataObject.java:1331)
    at oracle.mds.core.MDSSession.getBaseMO(MDSSession.java:3200)
    at oracle.mds.core.MDSSession.getMetadataObject(MDSSession.java:1190)
    at oracle.mds.core.MDSSession.getMetadataObject(MDSSession.java:1136)
    at oracle.iam.reconciliation.impl.config.CoreProfileManagerImpl.getProfileFromMDS(CoreProfileManagerImpl.java:390)
    ... 60 more

    Yes, i did.
    I created profile from design console for AD Resource objects. Then i am getting this error;
    ey = atr.apd_key AND atr.atr_key = apt.atr_key AND apt.apt_key = atd.apt_key AND atd.oiu_key = oiu.oiu_key AND oiu.obi_key = obi.obi_key AND obi.obj_key = obj.obj_key AND obj.obj_name = ?
    DEBUG,27 Nov 2012 13:08:07,589,[ConnectorUninstall.log],Executing the Prepared Statement for the ResourceObject: AD Group
    DEBUG,27 Nov 2012 13:08:07,590,[ConnectorUninstall.log],Successfully executed the Prepared Statement for the ResourceObject: AD Group
    DEBUG,27 Nov 2012 13:08:07,590,[ConnectorUninstall.log],Executing the Prepared Statement for the ResourceObject: AD Organizational Unit
    DEBUG,27 Nov 2012 13:08:07,591,[ConnectorUninstall.log],Successfully executed the Prepared Statement for the ResourceObject: AD Organizational Unit
    DEBUG,27 Nov 2012 13:08:07,591,[ConnectorUninstall.log],Executing the Prepared Statement for the ResourceObject: AD User
    DEBUG,27 Nov 2012 13:08:07,592,[ConnectorUninstall.log],Successfully executed the Prepared Statement for the ResourceObject: AD User
    DEBUG,27 Nov 2012 13:08:07,593,[ConnectorUninstall.log],Executing the Prepared Statement for the ResourceObject: AD User Trusted
    DEBUG,27 Nov 2012 13:08:07,594,[ConnectorUninstall.log],Successfully executed the Prepared Statement for the ResourceObject: AD User Trusted
    DEBUG,27 Nov 2012 13:08:07,594,[ConnectorUninstall.log],Exiting Method: checkAndPrintAttestationTask of Class: UninstallUtility
    DEBUG,27 Nov 2012 13:08:07,594,[ConnectorUninstall.log],Entering Method: deleteReconciliationData of Class: UninstallUtility
    DEBUG,27 Nov 2012 13:08:07,594,[ConnectorUninstall.log],Getting ReconConfigService instance.
    DEBUG,27 Nov 2012 13:08:07,622,[ConnectorUninstall.log],Successful in getting ReconConfigService instance.
    *DEBUG,27 Nov 2012 13:08:07,622,[ConnectorUninstall.log],Deleting the reconciliation profile for the resource object: AD Group*
    Exception in thread "main" oracle.iam.reconciliation.exception.ConfigException: Path :: /db/RA_ADGROUPA80D3C22.xml
    at oracle.iam.reconciliation.impl.config.CoreProfileManagerImpl.removeFromMDS(CoreProfileManagerImpl.java:364)
    at oracle.iam.reconciliation.impl.config.CoreProfileManagerImpl.removeStagingEntityDef(CoreProfileManagerImpl.java:346)
    at oracle.iam.reconciliation.impl.config.CoreProfileManagerImpl.remove(CoreProfileManagerImpl.java:314)
    at oracle.iam.reconciliation.impl.config.ProfileManagerImpl.remove(ProfileManagerImpl.java:154)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    Thanks.

  • Provisioning users to AD groups in OIM 11gR2

    I could use some advice on how to resolve this issue I am having.
    Using the Active Directory connector (11.1.1.5) in our OIM 11gR2 development environment I can successfully provision OIM users to our AD resource. I have successfully run the org and group lookup recons, and provisioned users do go into the correction ou in AD.
    However when I select which groups a user should be a member of in the ADUSERC child form (via the lookup), the user is not provisioned with the correct group membership in AD.
    A separate issue is how to map the objectClass in AD in the ProvAttrMap; could anyone point me in the direction of how to go about that?
    Thanks

    The ObjectClass should be configured in this lookup Lookup.Configuration.ActiveDirectory
    Check below
    http://docs.oracle.com/cd/E22999_01/doc.111/e20347/extnd_func.htm#sthref221
    4.6 Configuring the Connector for User-Defined Object Classes

  • Deploying the UNIX connector in OIM

    Hi All
    Am trying to deploy the UNIX connector for OIM. The connector is deployed to connect to Red hat Linux 3.0 but am having difficulties in confinguring ssh. Am using the documetation provided by the connector. But when i try to test for connectivity it is always asking for the passphrase and sometimes the root user password
    Is there another doc that i can use to configure the same?
    Or does any one know of a proper way?
    Please.
    Thank you.

    Thanks for the heads up atleast now after changing the shell to $ and not using the private key we were able to see some progress from jboss even though when try to provision the user, the user is not being created. The promising message we are getting from
    [STDOUT] Target Class = com.thortech.xl.integration.telnetssh.helper.SSHProvisioning
    [TELNETSSH] Setting targetEnglishLocale:export LANG=en_US.UTF-8
    [TELNETSSH] ***SSHRecon:Init: Entered Method
    [TELNETSSH] ***SSHRecon:execute: Entered Method
    [TELNETSSH] Setting targetEnglishLocale:export LANG=en_US.UTF-8
    [TELNETSSH] in ssh
    [TELNETSSH] TelnetSSHUtil/executeCommand :login success
    [TELNETSSH] in ssh
    [TELNETSSH] TelnetSSHUtil/executeCommand :login success
    [TELNETSSH] in ssh
    [TELNETSSH] TelnetSSHUtil/executeCommand :login success
    [TELNETSSH] in ssh
    [TELNETSSH] TelnetSSHUtil/executeCommand :login success
    [TELNETSSH] in ssh
    [TELNETSSH] TelnetSSHUtil/executeCommand :login success
    [TELNETSSH] Recon Ends
    [STDOUT] Running SSHCREATEUSER
    [STDOUT] Target Class = com.thortech.xl.integration.telnetssh.helper.SSHProvisioning
    [TELNETSSH] Setting targetEnglishLocale:export LANG=en_US.UTF-8
    [STDOUT] Running SSHCREATEUSER
    [STDOUT] Target Class = com.thortech.xl.integration.telnetssh.helper.SSHProvisioning
    [TELNETSSH] Setting targetEnglishLocale:export LANG=en_US.UTF-8
    But was unable to verify that the allow root login was set. How do i verify this and where?
    Thanks

  • Steps to develope user name generation event handler in OIM 11gR2

    Friends,
    Can you please provide me steps to develop user name generation event handler in oim 11gR2?
    Thanks,
    Chakri

    Thanks for providing the detailed steps. This is waht i was looking for.
    I will follow these steps and let you know the results.
    Thanks for your support.

  • OIM 11gR2 Add combo box UDF on Create User Form

    Hi.
    We have created a new UDF on user form. It is a lookup field and has the following lookup associated: "Lookup.Users.Continente"
    "Lookup.Users.Continente" has two values, both of them checked as Enabled.
    From the form designer all the values are displayed when selecting one default value so it is reading correctly from the lookup.
    We published the sandbox after this.
    Then we created a new sandbox and tried to add that field to the Create User Page. We went to "Create User Page", customize it and add content from "Data Component - Catalog" -> "userVO" -> Select the UDF, clicked on "Add" and selected "ADF Select One Choice".
    A new combobox is added but no values are shown. We have plublished the sandbox, restarted OIM, purged cache, etc... but it still shows an empty combo box. We have also tried adding it as "ADF Input List of values" but it does not add the field to the create user page.
    Any ideas of what are we doing wrong?
    The idea is very simple, just create a field with the same behaviour as, for example,  "User Type" field. A combobox that displays the enabled values from a lookup...
    We have also tried creating the UDF cheking the searchable option, searchable picklist and all the possible combinations.
    Thanks in advance!!

    oim version is oim 11gR2 with BP4

  • OIM 11gR2 - custom attribute with illegal binding on Create User form in published sandbox

    Hi,
    I think I have managed to paint myself into a corner!
    In OIM 11gR2 I have added a number of custom attributes to the "User Form" - some Text-, some Lookup-type attributes.
    While customizing the "Create User" page within a sandbox and adding a SelectOneChoice item and fiddling around with its binding, I was distracted by a phone call and the browser timed out.
    The binding property on the new item is now not correct and the sandbox has unfortunately been published, and I am now unable to enter the "Create User" page - when I try, I get the following:
    <Sep 23, 2013 2:39:11 PM CEST> <Warning> <oracle.adf.view.rich.component.fragment.UIXRegion> <ADF_FACES-00009> <Error processing viewId: /user/createView URI: /oracle/iam/ui/runtime/form/view/pages/userCreateForm.jsff actual-URI: /oracle/iam/ui/runtime/form/view/pages/userCreateForm.jsff.
    javax.el.PropertyNotFoundException: Target Unreachable, 'ekstraresource1__c' returned null
            at com.sun.el.parser.AstValue.getTarget(AstValue.java:108)
            at com.sun.el.parser.AstValue.isReadOnly(AstValue.java:149)
            at com.sun.el.ValueExpressionImpl.isReadOnly(ValueExpressionImpl.java:248)
            at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer._getUncachedReadOnly(EditableValueRenderer.java:486)
            at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.cacheReadOnly(EditableValueRenderer.java:416)
            at oracle.adfinternal.view.faces.renderkit.rich.LabeledInputRenderer.beforeEncode(LabeledInputRenderer.java:128)
            at org.apache.myfaces.trinidad.render.CoreRenderer.encodeEnd(CoreRenderer.java:340)
    <Sep 23, 2013 2:39:11 PM CEST> <Warning> <oracle.adf.view.rich.component.fragment.UIXRegion> <ADF_FACES-00009> <Error processing viewId: /catalog-tf/cart-details URI: /oracle/iam/ui/catalog/pages/cart-details.jsff actual-URI: /oracle/iam/ui/catalog/pages/cart-details.jsff.
    javax.el.PropertyNotFoundException: Target Unreachable, 'ekstraresource1__c' returned null
            at com.sun.el.parser.AstValue.getTarget(AstValue.java:108)
            at com.sun.el.parser.AstValue.isReadOnly(AstValue.java:149)
            at com.sun.el.ValueExpressionImpl.isReadOnly(ValueExpressionImpl.java:248)
            at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer._getUncachedReadOnly(EditableValueRenderer.java:486)
            at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.cacheReadOnly(EditableValueRenderer.java:416)
            at oracle.adfinternal.view.faces.renderkit.rich.LabeledInputRenderer.beforeEncode(LabeledInputRenderer.java:128)
            at org.apache.myfaces.trinidad.render.CoreRenderer.encodeEnd(CoreRenderer.java:340)
    Caused By: java.io.IOException: javax.el.PropertyNotFoundException: Target Unreachable, 'ekstraresource1__c' returned null
            at oracle.adfinternal.view.page.editor.renderkit.PageCustomizableRenderer.encodeAll(PageCustomizableRenderer.java:764)
            at oracle.adf.view.rich.render.RichRenderer.encodeAll(RichRenderer.java:1396)
            at org.apache.myfaces.trinidad.render.CoreRenderer.encodeEnd(CoreRenderer.java:341)
            at org.apache.myfaces.trinidad.component.UIXComponentBase.encodeEnd(UIXComponentBase.java:767)
            at javax.faces.component.UIComponent.encodeAll(UIComponent.java:937)
            at org.apache.myfaces.trinidad.render.CoreRenderer.encodeChild(CoreRenderer.java:405)
    etc.
    Of course the sandbox should not have been published - but it is - and I am stuck trying to figure out how to somehow undo this mess.
    Is it possible to clean up this mess by diving to the database and removing some rows from the right tables - or perform some other operations undo my mistake?
    Thanks in advance,
    - Tom

    oim version is oim 11gR2 with BP4

  • OIM 11gR2 : User groups not visible on UI

    Hello Experts,
    I have a requirement in which i need to assign the user provisioned to AD to some group(s) depending upon certain conditions like BU, Location etc. I created a Process Task adapter for the same and am able to successfully assign the users to the desired groups.
    But i am able to check for this validity from the Backend only.
    Ideally the groups assigned to the user must be visible after following these steps:
    *1. Search for a user provisioned to AD.
    2. Go the the Accounts tab.
    3. Click on the AD account (to which the user has been provisioned)
    4. A process form is displayed in the lower half of the webpage which also shows the information regarding the groups assigned to the User. But the groups are not getting displayed.*
    Kindly Help.
    Edited by: IDM_newbie on Jan 24, 2013 11:24 PM

    But sir, the groups are listed under the Accounts tab. Is there any schedule job provided by OIM 11gR2 which results in the display of Groups assigned to the user as well under the Accounts tab ?
    Edited by: IDM_newbie on Jan 25, 2013 1:51 AM

Maybe you are looking for

  • Creating a WSDL from a perfectly working Logical DS in ALDSP 3.2

    i am just running to a small issue, i have a created a group of logical Data services. each having its own functionality. it is tested several times and is in fine working condition. i have to create a WSDL from this. these were the steps i followed.

  • Create a pdf from Flash

    I am developing a Flash/Flex based web tool that needs to output a pdf(which will contain dynamically created graphs) that will then be stitched to other pdfs and delivered as a single pdf. Does anyone have any suggestions about where I should start

  • I cant receive sms

    I cant receive sms. When this first happened, I tried to reset my phone and it worked. But after a few days, I cant receive sms again. I tried to transfer my sim card to a different device and I was able to receive sms there.

  • Displaying paths of referenced images

    I would like to see the path to the finder of my referenced images. Not one by one, using "Show in Finder" nor using "Locate refrenced files", but as Metadata. Is there a way to display this information? Other posibility would be to display it in the

  • New Page triggering in SMARTFORMS

    hi all According to my requirement if the subarea of the person changes it should trigger the new-page. I have written the new-page command in Event on sort begin. It is triggering when the subarea changes but the last record of previous subarea is r