OIM 9.1.0.1 :- Create User Operation with Approval.

Similar Messages

• Creating user accounts with OIDDAS and use them from the OS

  Hi,
  I have a customer that is experiencing an error creating user accounts from OIDDAS, and use that user accounts from the operating system.
  My customer is using OID/OAS4OS 10.1.4.2.0, and that version is not longer available to download, then, I will try in my own environment
  with OID/OAS4OS 10.1.4.3.0.
  And the question is the following: is supported to create user accounts with OIDDAS and expect that users can work with OAS4OS and be
  able to authenticate in the operating system?
  For the reference, SR# 7222351.993:
  Thanks,
  Luis Vivero.
  Edited by: LV in ORCL on Dec 11, 2008 6:47 AM

  Hi Jacco,
  I didn't see your post before.
  Nop, unfortulately I don't have a document with that. I just received that answer
  from development (related to the plugin for AD that is not certified, and DAS is
  not intended to work with OAS4OS).
  Anyway, about the plugin to work with AD, this is working for me; at least I tested
  it by configuring the plugin, I configured synchronization, the mapping file, I did
  the bootstrap, and the accounts that were bootstraped now shows the OS attributes
  on DAS.
  Regards,
  Luis Vivero.

• OIM Provisioning - Error during OID Create User Task

  Hi,
  I am getting the following error during OIM Provisioning to OID (Create User Task).
  I added few more attributes to the OID_USR form and then to the "OID User" Process Definition.
  Also, I added the Code/Decode Key Values in AttrName.Prov.Map.OID.
  DEBUG,08 Dec 2010 21:19:04,547,[XELLERATE.SERVER],Class/Method: tcDataBase/readPartialStatement entered.
  ERROR,08 Dec 2010 21:19:04,555,[XELLERATE.ADAPTERS],Class/Method: tcAdapterMappingUtility/getRunTimeVariable Mappings encounter some problems: No data available for variable having key = 350
  ERROR,08 Dec 2010 21:19:04,555,[XELLERATE.ADAPTERS],Class/Method: tcAdapterMappingUtility/getRunTimeVariable Mappings encounter some problems: No data available for variable having key = 350
  java.lang.Exception: No data available for variable having key = 350
  Earlier, before adding these attributes, the OID Create User Task was working. So I belive this is from the newly added attributes.
  Questions:
  - How to identity the attribute with this key? It looks like some of the attribute values that it gets during Run Time is not populated correctly. Any suggestions?
  - "key = 350"- Is there a database table that this gets stored? SPD? or anything else?
  Regards
  Vijay Chinnasamy

  @Keviin,
  I added 13 new attributes and corresponding "* Updated" Tasks.
  For all these, ProcessInstanceKey is mapped to Process Data -> Process Instance.
  I am going to validate the mappings again. Also, I noticed, some of the fields that I am prepopulating is not populated.
  Regards
  Vijay Chinnasamy

• How Do I Create User Account with "limited admin rights"?

  Hello;
  I would like to give a handful of users the ability to login to the DCC and enable them to add/delete/modify users and or hosts only, I.e. People and/or hosts.
  Is there anyway to:
  1.  Make a user with this admin capability?
  2.  Segregate the containers they are able to modify?
  Thanks to all in advance.

  BobM53, That would be needed regardless of what front end my users log in with, in my case I was looking for them to access the DIT via the DSCC/DCC, which is not possible.  Regardless, thank you for your reply, it is reassuring to know I am headed in the right direction.
  I am now looking towards installing something else like Apache Directory Studio, or some other GUI for users to manage the directory. 
  I will most likely create one or more ACI's to build groups, adding members to those groups as needed; each group being allowed to perform functions such as create users, lockout users, add/modify hosts, etc.
  I will most likely follow the steps outlined in:
  Directory Server Groups, Roles, and CoS - 11g Release 1 (11.1.1.7.0)
  Slightly OT, does anyone have a suitable and similar proven method to "lockdown" root accounts, and who has root access?
  Thank you

• Creating user starting with a numeric

  Hi,
  When I try to create a user like 1234a, identified by pwd, it is not allowing me to do that. Is there any kind of setting which prevent the user from creating a user like that.If I do a "1234a" it takes that and when I login I have to say "1234a".
  Appreciate your help
  Vinod

  U can't create a user starting with a numeric value. But as u mentioned
  we can create it like "123". But I dont think while connecting we have to mention it as "123". Instead you can connect as 123.

• Newly created user packages with no admin rights

  Hi all,
  Have already opened a ticket with Novell on this one as i've never seen it before...
  Have upgraded a site to ZFD7 SP1 IR2 using the iso's from the Novell site, so it's a full upgrade install, everything went perfectly on the server, consoleone snapins upgraded fine and all
  however, if I try and create a user package with consoleone from the server, it hangs and never completes and I end up with packages with no rights for any users, so i'm unable to edit, delete or do anything with them
  also tried using a workstation with IR4 snapins which gives the same result, using a spare consoleone with earlier zfd7 snapins I can create packages with no issues
  Anyone run into this before and will we be able to get rid of these objects from the tree?
  And are the IR4 snapins not compatable with IR2?

  gleach1,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://support.novell.com and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://forums.novell.com/faq.php
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://support.novell.com/forums/

• Work Orders are been creating two Operations with no Hours

  Hi Team,
  We have recently changed to configuration settings so that Notification would be created automatically along with the Orders.
  Due to this, whenever we try to change the Old orders (which were created before configuration changes), a new operation line is been updated. This new operation line doesnt has any Hours, only the description of the Work Order is been copied.
  Request your quick thoughts on how we can avoid the second operation line being created.
  Thanks & Regards,
  Sindhu

  I would recommend posting whatever sample code you have so far.  You may be making this much more complicated than it really is.
  What are your inputs?  Are they strings with the characters B and 5?  Is it a single string character of ASCII value hexB5?  Is it a numeric integer?  If it is an integer, what is its numeric representation I8, U8, I16, U16 ....?
  If they are integers with a hex display setup, you would be able to directly OR them together.
  Ravi0709 wrote:
  2) I have one more doubt but not related to above question........we can change the display(indicator) according to our requirements......like normal, hex, binary etc.....but how to make use of same changed radix no. in futher ckt........!!!!!!
  What does "ckt" mean?  Remember, the format and precision just determine how the value is displayed.  And the radix is just a visual indicator of the format.  They still have the same value no matter how it is displayed.
  Message Edited by Ravens Fan on 10-16-2007 09:38 AM
  Attachments:
  Example_BD.png ‏2 KB

• Creating pages,item WITH approval.

  Hi,
  I found out how to create a page and add an item to that page automatically. But now I need to find out how to use this with approval.
  1) I noticed that approval only exists on the item level and not the page level. Is this correct?
  2) How can I make that the page/item I create automatically, has to be approved? The approval will be done in a normal way, through the existing approval portlet. Normally one should enable approval control on the page, create a user and give this user the 'manage items with approval' rights, all items published by this user, will not be published before approval.
  Can someone provide an example, on how to mark an item for approval programmatically?
  The function add_item contains a parameter 'p_author - Author of the item.'. Can this be used, as I enable the author to 'manage items with approval'?
  Cheers
  B.
  Message was edited by:
  Ratjeuh

  Even If I bypass the public user problem and do the following:
  -- create new page
      l_new_page_id := wwsbr_api.add_folder(  p_caid             => l_caid,
                                              p_name             => l_uppertext,
                                              p_display_name     => l_text,
                                              p_type_id          => wwsbr_api.FOLDER_TYPE_CONTAINER,
                                              p_type_caid        => wwsbr_api.SHARED_OBJECTS
      -- Process cache invalidation messages.
      wwpro_api_invalidation.execute_cache_invalidation;
      portal.wwctx_api_private.set_context( p_user_name => 'NEEDAPP', p_password => 'dummy');
      -- create new item
      l_text_item := 'This is a new item on the new page';
      l_new_item_master_id := wwsbr_api.add_item( p_caid              =>  l_caid,
                                                  p_folder_id         => l_new_page_id,
                                                  p_display_name      => 'This is the display name',
                                                  p_type_id           => wwsbr_api.ITEM_TYPE_TEXT,
                                                  p_type_caid         => wwsbr_api.SHARED_OBJECTS,
                                                  p_region_id         => 0,
                                                  p_text              => l_text_item
      -- Process cache invalidation messages.
      wwpro_api_invalidation.execute_cache_invalidation;
      wwctx_api.clear_context;
      owa_util.redirect_url(curl => l_back_url || '&' || l_reference_path || '.p_text=' || l_text);So, I change the context in my code to make sure that the item is created by the user NEEDAPP. This works, the page is created first (by the user who invoked the portlet) and an item is placed on the page. I can even see the item showing up in my 'PENDING ITEMS LIST' for approval.
  BUT
  After the procedure I am NOT redirected to the page where I submitted the form bu instead I get an error:
  Fout: De listener heeft het volgende bericht geretourneerd: 503 Service Unavailable
  What is the problem?

• Create user profile with custom desktop settings

  Hello everyone. I was wanting to create a new user profile called Testing and make it so that the account is only able to see 2 desktop icons.
  Here is the problem I'm having. I have setup the default user as well as the All user profile to have specific icons on the desktop. These icons are coming from /ALL USERS which means if I delete them they go away for everyone. How can I make it so that this user profile only sees the 2 icons requested but doesn't affect the ALL USERS or Default User profiles ? Thanks for any solutions.

  xsisbest,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://support.novell.com and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://forums.novell.com/faq.php
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://support.novell.com/forums/

• Create users radius with privilege levels

  hello
  i have a question.. i want to build a test network with some switches and routers
  but i want to be able to control the users..
  and with control i mean, don't let them to be able to delete the flash: or to delete some nat translations.
  is there a way to do this? and i going to use of a windows server 2008 R2 with radius
  thanks allot

  Hi,
  This link answers your question.
  http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a00800949d5.shtml
  aaa authori command is not reqd.
  Regards,
  ~JG
  Do rate helpful posts

• OIM 11g error while creating users on screen

  Hi All,
  while creating the users in OIM on screen following error is thrown in the web console.
  An error occurred while performing create user operation. An error occurred while executing the kernel event handler.
  please find the OIM server logs below.
  <Connection for pool "oimOperationsDB" closed.>
  ####<Sep 5, 2012 11:22:30 AM IST> <Info> <Health> <blr-idm-app01.wipro.com> <oim_server1> <weblogic.GCMonitor> <<anonymous>> <> <4c00c82b0a97856d:-1e040449:1399130671f:-8000-000000000000008f> <1346824350538> <BEA-310002> <16% of the total memory in the server is free>
  <Connection for pool "mds-oim" closed.>
  <Connection for pool "mds-owsm" closed.>
  <Connection for pool "oimJMSStoreDS" closed.>
  <Created "1" resources for pool "mds-owsm", out of which "1" are available and "0" are unavailable.>
  <Created "1" resources for pool "mds-oim", out of which "1" are available and "0" are unavailable.>
  Thanks,
  Power.

  You can increase the connection pool size for data source "oimOperationsDB" through Web-logic Admin console.
  See if you still get error then the issue is not with connection pool .

• How to create a duplicate of the Manager ID field in the Create user menu

  Hi,
  I´m trying to create a duplicate of the Manager ID field in the Create user menu (with a different label). I need to add it a field with the same funtionality of the Manager ID field (search users with filters) but I don´t know how.
  I try to made a new adapter using the Thor.API.Operations.tcUserOperationsIntf but it don´t let me to map the input parameters.
  Also I try to assing an existent Lookup to a new UDF, but I couldn´t find the correct one.
  Did anybody do that??
  Thanks!

  Hi Kevin,
  First I created a a user defined field called USR_UDF_CONDUCTOR (Lookupfield type).
  Then I added the following lines to de FormMetaData.xml file:
  </Attribute name="-750" label="global.label.conductor" displayComponentType="LookupField" variantType="long" dataLength="50" map="USR_UDF_CONDUCTOR">
  <ValidValues lookupMethod="findUsersFiltered" operationClass="Thor.API.Operations.tcUserOperationsIntf" displayColumns="Users.User ID,Users.Last Name,Users.First Name" selectionColumn="Users.User ID"/>
  </Attribute>
  <AttributeReference editable="true" optional="true">-750</AttributeReference>
  When I try yo Create a new user, the OIM System Administrator returns a System Error.

• Creating user in oracle through JDBC

  I m trying to create a user in oracle through jdbc. When I m creating user through SQL plus I m able to do it successfully but when I m doing it through java code I can see that user�s entry in dba_users & dba_role_privs tables.But when I am trying to drop that user I get message �User doesn�t exist�. Also when I am trying to logged in through the newly created user (one that I have created through code)in SQL Plus , I get error �ORA-01017: invalid username/password ; logon denied�.If user doesn�t exist then how can I see it�s entry in dba_users & dba_role_privs?? One more thing �. I can drop that user through code but not using SQL Plus.
  This is the code�.In this code I have logged in using system-manager & I m trying to create user test88 with password test88.I am granting 3 roles to this user Connect , Resource & DBA same as Scott �Tiger. Please help.
  import java.sql.Connection;
  import java.sql.DriverManager;
  import java.sql.SQLException;
  import java.sql.Statement;
  public class OracleDB1 {
  public static final String isSUCCESS = "SUCCESS";
  public static final String isORACLE = "ORACLE";
  public static final String isFail = "ERROR";
  public String dbDriver;
  public String dbURL;
  public String dbUserName;
  public String dbName;
  public String dbPassword;
  public String dbType;
  private Connection con;
  private Statement stmt;
  * @param s Username
  * @param s1 Indentified by
  * @param s2 tablespace
  * @param s3
  * @return
  * @throws SQLException
  * @throws ClassNotFoundException
  public String createUserOracle(String s, String s1, String s2, String s3)
  throws SQLException, ClassNotFoundException {
  System.out.println("Creating user method ");
  String s4 = "";
  if (!s2.equals("")) {
  if (!s3.equals("")) {
  s4 = new String("CREATE USER \"" + s + "\" IDENTIFIED BY \""
  + s1 + "\" DEFAULT TABLESPACE " + s2 + " QUOTA " + s3
  + " ON " + s2);
  else {
  s4 = new String("CREATE USER \"" + s + "\" IDENTIFIED BY \""
  + s1 + "\" DEFAULT TABLESPACE " + s2
  + " TEMPORARY TABLESPACE TEMP QUOTA UNLIMITED ON " + s2);
  else {
  s4 = new String("CREATE USER \"" + s + "\" IDENTIFIED BY \"" + s1
  + "\"");
  try {
  con = this.init();
  System.out.println("The new user statemeent " + s4);
  stmt = con.createStatement();
  System.out.println("The new user statemeent " + s4);
  stmt.execute(s4);
  System.out.println("the info success "+stmt.SUCCESS_NO_INFO);
  stmt.close();
  } finally {
  if (null != con) {
  con.close();
  return "SUCCESS";
  public String grantRightsOracle(String s)
  throws SQLException, ClassNotFoundException
  String s1 = new String("GRANT connect , resource , dba to \"" + s + "\"");
  try
  con=this.init();
  stmt = con.createStatement();
  System.out.println("granting "+s+"with the connect priveleges");
  stmt.execute(s1);
  stmt.close();
  finally
  if(null != con)
  this.close(con);
  return "SUCCESS";
  public Connection init() throws SQLException, ClassNotFoundException {
  System.out.println("initialising");
  Class.forName("oracle.jdbc.driver.OracleDriver");
  dbURL = "jdbc:oracle:thin:@localhost:1521:priya";
  con = DriverManager.getConnection(dbURL, "system", "manager");
  return con;
  public void close(Connection connection) throws SQLException {
  if (!connection.isClosed()) {
  connection.close();
  public String disableUserOracle(String s) throws SQLException,
  ClassNotFoundException {
  String s1 = "REVOKE CONNECT, RESOURCE, SELECT ANY TABLE FROM \"" + s
  + "\"";
  try {
  con = this.init();
  stmt = con.createStatement();
  stmt.execute(s1);
  stmt.close();
  } finally {
  if (null != con) {
  this.close(con);
  return "SUCCESS";
  public String deleteUserOracle(String s) throws SQLException,
  ClassNotFoundException {
  String s1 = new String("DROP USER \"" + s + "\" CASCADE");
  try {
  con = this.init();
  stmt = con.createStatement();
  stmt.execute(s1);
  stmt.close();
  } finally {
  if (null != con) {
  this.close(con);
  return "SUCCESS";
  public static void main(String args[]) {
  String s = "";
  OracleDB1 oracleoperations = new OracleDB1();
  try {
  System.out.println("creating user");
  s = oracleoperations.createUserOracle("test88", "test88", "", "");
  System.out.println("creating user is " + s);
  s=oracleoperations.grantRightsOracle("test88");
  System.out.println("granting rights" + s);
  //s=oracleoperations.deleteUserOracle("test88");
  //System.out.println("deleting user" + s );
  } catch (Exception exception) {
  exception.printStackTrace();

  I read that by default, JDBC uses an operation mode called auto-commit. This means that every update to the database is immediately made permanent.Still for this program I have tried connection.commit() also , Still it is not working.
  I think that problem is not with commit otherwise I shouldn't be able to see that newly created user entry in these tables from Sql Plus:-
  1)DBA_ROLE_PRIVS
  2) DBA_USERS
  3) DBA_sys_privs
  Ya but these is no entry in DBA_OBJECTS table for this user.

• Create User With JMX

  Attempting to invoke the createUser operation (using Version 10.0) is resulting in:
  Runtime Exception while calling invoke. Invoking management operations on Realm, UserLockoutManager and Security Provider MBeans via Edit MBeanServer is illegal.
  I can see nothing in the docs that says this opertaion is not permitted. Is there an example somewhere of code that successfully does this in case I'm missing something?

  Hi Gabi,
  oops, sent that previous post by accident before I was done... <grin>
  Here is how you want to do it programmatically
  BasicRealm realm = Security.getRealm(); //weblogic.sercurity.acl
  ListableRealm realmDump = null;
  //cast the realmDump to ListableRealm so we can call methods like newUser, newGroup, etc.
  try {
  realmDump = (ListableRealm)realm;
  } catch (Throwable t) {
  System.out.println("Could not cast realm to realmdump -- the realmClass is not a
  ListableRealm");
  out.print("Could not cast realm to realmdump -- the realmClass is not a
  ListableRealm");
  //now you can call any ListableRealm method off of realmDump
  //for example....
  Enumeration enum = realmDump.getGroups();
  That should do it. You could put that code in a servlet or JSP and it will work just fine.
  I'm not sure exactly what packages you need to import, other than the fact that
  weblogic.security.* will be a must
  Cheers,
  Joe Jerry
  Gabi wrote:
  Hi,
  In a production environment, where there is a need to set the environment in a
  transparent way (to the user), is it possible to create User/Group/ACL programmatically?
  that is, for instance, using the management extension (JMX) to get a security
  MBean with a "create user" operation.
  cheers,
  Gabi,

• How to delete line item in a Work Order (only a line created in operation)

  Hi,
  I have created a refurbishment order to refurbish a mechanical seal at external parties. In the work order operation tab, I have created one line items for this purpose and a Purchase Requisition is generated. Suddenly, operation decided to cancel this request and I have problem to delete the Work Order and  Purchase Requisition. I have tried to delete the operation line item but failed. This is the message when try to delete the line item " The last active operation cannot be deleted".  Appreciate help on how to delete this Work Order and Purchase Requisition.
  Edited by: Zahari Yusof on Apr 4, 2008 3:20 AM

  hi
  In Standard SAP while creating an order the short text you are specifying will automatically appear in the first operation,also in order system will ask you to enter atleast single operation ,hence it is not possible to delete the operation line ,
  what you can do this either TECO the order which will clear any open PR for this
  or create another operation with control key for internal activities say dummy with operation no 20 and save,then go in to order in change mode and try to delete the operation line 10 ,i think system will allow you to do that
  regards
  thyagarajan