OIM 9102 , AD Password Sync 91x, JBoss 423GA - issue over SSL port.

Followed the steps describe in "Deploying the connector"
http://download.oracle.com/docs/cd/E11223_01/doc.910/e11218/install_config.htm#insertedID0
section
Pre-Installation both SSL n non-SSL works for SPML verification.
For JBoss Application Server:
http://IP ADDRESS:8080/spmlws/services/HttpSoap11
https://IP ADDRESS:8443/spmlws/services/HttpSoap11
Post Installation - configured SSL.
On AD machine logs following error message is displayed:
MAX_RETRY LIMIT count is not updated: OIM is down
Following meta-link ID 1073889.1
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&doctype=PROBLEM&id=1073889.1
explains to verify 'oimhost and oimport' - oimhost is machine ip address ( AD machine is able to ping OIM machine through ip address and machine name )
oimport is 8443
Any suggestion.
Or anyone previously successfully deployed password sync over SSL for OIM 9102 and AD Password sync 91x,
as i found a similar thread in OTN forum where user had issues over SSL.

Did anyone resolve this issue? I have the same running SSL Password Sync on OAS 10.1.3.4 and OIM 9.1.0.2 BP09a with AD 2003.
Debug [7/8/2010 6:35:45 AM] oimport is
Debug [7/8/2010 6:35:45 AM] 4443
Debug [7/8/2010 6:35:45 AM]
Debug [7/8/2010 6:35:45 AM] oimsslclient is
Debug [7/8/2010 6:35:45 AM] nw-dc-01.nwocaland.nwoca.org
Debug [7/8/2010 6:35:45 AM]
Debug [7/8/2010 6:35:45 AM] oimuserattr is
Debug [7/8/2010 6:35:45 AM] USR_UDF_SAM_ACCTNAME
Debug [7/8/2010 6:35:45 AM]
Debug [7/8/2010 6:35:45 AM] oimusessl is
Debug [7/8/2010 6:35:45 AM] Y
Debug [7/8/2010 6:35:45 AM]
Debug [7/8/2010 6:35:45 AM] oimappservertype is
Debug [7/8/2010 6:35:45 AM] 2
Debug [7/8/2010 6:35:45 AM]
Debug [7/8/2010 6:35:45 AM] End of sgsloidi::getConfigParamters
Debug [7/8/2010 6:35:45 AM] Inside sgsloidi::setParameters
Debug [7/8/2010 6:35:45 AM] The SOAP start element is
Debug [7/8/2010 6:35:45 AM] <SPMLv2Document xmlns="http://xmlns.oracle.com/OIM/provisioning">
Debug [7/8/2010 6:35:45 AM] The SOAP end element is
Debug [7/8/2010 6:35:45 AM] </SPMLv2Document>
Debug [7/8/2010 6:35:45 AM] The path is
Debug [7/8/2010 6:35:45 AM] /spmlws/HttpSoap11
Debug [7/8/2010 6:35:45 AM] End of sgsloidi::setParameters

Similar Messages

  • OIM AD reverse password sync from one AD instance to multiple OIM instances

    Hi All,
    I have a followind scenario. My client is having multiple offices across the globe. They have OIM installed and configured in each location in each country to manage there local applications. Client also has a Global LDAP which is common across all the offices worldwide.
    My requirement is then i need to setup reverse password sync from Global LDAP to all the OIM sysem across the Globe. As per the reverse password sync connector i can only define one OIM system to sync the password.
    Can you please suggest me some way to achieve this functionality? Is it possible to install more than one password sync connector and configure them with different OIM systems?
    Thanks
    Yogesh

    I have one AD instance and n OIM instances. Can i install multiple AD-OIM passwordd sync components on the same AD machine and configure each component with various OIM's?

  • Password Sync not happening in AD with SSL 636

    I am working on OIM 9.1.0. I followed the Connector Guide for Microsoft Active Directory Password Synchronization.(Connector version 9.1.1)
    Configured AD with SSL. AD SSL Provisioning (636) is working fine.
    Configuration of SSL on Weblogic was done (generation of keys, signing, export, etc) & imported the Certificate in AD.
    Installed Password Sync on AD(389) without SSL & it worked.
    I re-configured it to SSL (AD 636) but it shows errors
    Can anyone give some info on it.
    ***********Inside sgslldpcopenLDAPConnection****************
    Debug [2/9/2012 4:43:35 PM] Inside sgsladac c-tor
    Debug [2/9/2012 4:43:35 PM] AD Host
    Debug [2/9/2012 4:43:35 PM] 10.129.149.131
    Debug [2/9/2012 4:43:35 PM]
    Debug [2/9/2012 4:43:35 PM] AD Port
    Debug [2/9/2012 4:43:35 PM] *636*
    Debug [2/9/2012 4:43:35 PM]
    Debug [2/9/2012 4:43:35 PM] AD Base DN
    Debug [2/9/2012 4:43:35 PM] DC=oimpad,DC=com
    Debug [2/9/2012 4:43:35 PM]
    Debug [2/9/2012 4:43:35 PM]
    Debugging the code
    Debug [2/9/2012 4:43:35 PM] Inside ConnectToADSI
    Debug [2/9/2012 4:43:35 PM]
    ldap_connect failed with
    Debug [2/9/2012 4:43:35 PM] Server Down
    Debug [2/9/2012 4:43:35 PM]
    Debug [2/9/2012 4:43:35 PM]
    Connection to AD failed
    Debug [2/9/2012 4:43:35 PM]
    ***********Out of openLDAPConnection****************
    Debug [2/9/2012 4:43:35 PM] Inside sgsladac destructor
    Debug [2/9/2012 4:43:36 PM] Datastore --- Connect to AD
    Debug [2/9/2012 4:43:36 PM]
    ***********Inside sgslldpcopenLDAPConnection****************
    Debug [2/9/2012 4:43:36 PM] Inside sgsladac c-tor
    Debug [2/9/2012 4:43:36 PM] AD Host
    Debug [2/9/2012 4:43:36 PM] 10.129.149.131
    Debug [2/9/2012 4:43:36 PM]
    Debug [2/9/2012 4:43:36 PM] AD Port
    Debug [2/9/2012 4:43:36 PM] 636
    Debug [2/9/2012 4:43:36 PM]
    Debug [2/9/2012 4:43:36 PM] AD Base DN
    Debug [2/9/2012 4:43:36 PM] DC=oimpad,DC=com
    Debug [2/9/2012 4:43:36 PM]
    Debug [2/9/2012 4:43:36 PM]
    Debugging the code
    Debug [2/9/2012 4:43:36 PM] Inside ConnectToADSI
    Debug [2/9/2012 4:43:36 PM]
    ldap_connect failed with
    Debug [2/9/2012 4:43:36 PM] Server Down
    Debug [2/9/2012 4:43:36 PM]
    Debug [2/9/2012 4:43:36 PM]
    Connection to AD failed
    Debug [2/9/2012 4:43:36 PM]
    ***********Out of openLDAPConnection****************
    Regards,
    Praveen

    Both the URLs are working & I configured the SSL one. Telnet to the port also happens with IP & hostname in OIM & Ad servers
    http://pwoim:7001/spmlws/OIMProvisioning
    https://pwoim:7002/spmlws/OIMProvisioning

  • Configuration of Password Sync & JMS Listener in fail over in SUN IDM 7.1

    HI All,
    We are having a set up with IDM running on two Sun application servers pointed to single repository. Sun webserver Reverse Proxy has configured for load balancing.
    We have configured JMS Listener adapter for Password Sync and JMS Listener Sync is running on Instance1*
    and I copied a copy of .bindings file from Instance1 to Instance2 (I doubt whether this is correct or not) by keeping in mind about load balancing with Reverse Proxy.
    Issue
    Some times the JMS Listener Sync running on Instance1 is hanging (no polling is happening) and password changes are not happening. To make password changes happen, we are restarting Application server of Instance1 and with this some password are failing to synchronize.
    I want to configure High availability or Failover to overcome the above issue.
    [http://docs.sun.com/source/819-6123/IDM_admin_passwordsync.html#wp25192] not having any detailed steps to configure failover.
    Please provide valuable suggestions
    Thanks In Advance
    Madhu

    The problem appears to be machine account password changes that pass null or corrupted values. Machine accounts are like users, but the password change occur automatically between machine and DC so that the client can be a member of the domain.
    We turned up the Password Sync logging were able to see the machine name that occurred before each event, and then researching those machines identified them as NT 4.0 workstations. It turns out that NT 4.0 machines cycle their password every 7 days, down to the second. To say that we were surprised to find these machines still on the network was an understatement.
    Contact support for this issue. They have been working on a patch for this.
    Jason

  • AD Password Sync connector 9.1.1 With OIM 11g R2 - ERROR OVER SSL

    I have set up AD password sync with from AD to OIM 11G R2
    The password syncs from AD to OIM 11G R2 on non ssl port 389.
    But if fails on SSL Port 636.
    Errors in OIMMain.Log:_
    Debug [10/11/2012 10:49:34 AM] Inside ConnectToADSI
    Debug [10/11/2012 10:49:34 AM]
    ldap_connect failed with
    Debug [10/11/2012 10:49:34 AM] Server Down
    Debug [10/11/2012 10:49:34 AM]
    Steps Carried Out thus far:_
    AD is up and running.
    Configured AD Password Sync Connector on 636 and selected ssl.
    Created Certificate on OIM host, configured custom identity key store on weblogic. Restarted Weblogic.
    Imported Certificate to AD. After this, restarted the AD
    I can Telnet port 636 from OIM Box and also connect to AD through LDAP Browser on 636 and view OU and CN, so this seems fine.
    Provisioning from OIM through Connector Server to AD works over SSL and this works fine.
    Help would be appreciated.
    Many Thanks

    This question is now been fixed.
    Instead of explicitly stating 636 for SSL,
    Use the same port 389 for ssl and also configured oim port to be 140001 which is the ssl port for oim in the configuration of OIM Password Sync.
    Export Certificates from AD to java security keystore and to weblogic keystore
    Export .pem certificate created on OIM host machine to AD.
    Restart weblogic, oim and AD
    Everything would work fine.
    For all the other information, refer to doc.
    Thanks

  • Problem with  ActiveDirectory Password Sync  in OIM 11gR2

    Hi,
    I installed active directory password sync connector successfully and i enabled SPML web-service also .but the problem is while changing password in AD it is not reflecting in OIM
    log info in 20120930082425511_adsi_debug file is
    Debug [09/30/12 08:24:25] CONFIG VALUE LENGTH
    Debug [09/30/12 08:24:25] 330
    Debug [09/30/12 08:24:25]
    Debug [09/30/12 08:24:25]
    Debug [09/30/12 08:24:25] Before adding configsync attributes
    Debug [09/30/12 08:24:25]
    sgslrgac instance
    Debug [09/30/12 08:24:25] User Name --->
    Debug [09/30/12 08:24:25] padmaja
    Debug [09/30/12 08:24:25]
    Debug [09/30/12 08:24:25] RelativeId:
    Debug [09/30/12 08:24:25] 1152
    Debug [09/30/12 08:24:25]
    Debug [09/30/12 08:24:25]
    sgsladac Instance
    Debug [09/30/12 08:24:25]
    LDAP Connected
    Debug [09/30/12 08:24:25] search string :
    Debug [09/30/12 08:24:25] (&(objectCategory=person)(objectClass=user)(sAMAccountName=padmaja))
    Debug [09/30/12 08:24:25]
    Debug [09/30/12 08:24:25] Connected to ADSI
    Debug [09/30/12 08:24:25] After Search
    Debug [09/30/12 08:24:25] SID::
    Debug [09/30/12 08:24:25] S-1-5-21-2856378657-228540474-388709823-1152
    Debug [09/30/12 08:24:25]
    Debug [09/30/12 08:24:25] DN::
    Debug [09/30/12 08:24:25] CN=padmaja,OU=Users1,DC=odc,DC=com
    Debug [09/30/12 08:24:25]
    Debug [09/30/12 08:24:25] GUID:::
    Debug [09/30/12 08:24:25] YzyFkltH9UqYuk/zbJiSuQ==
    Debug [09/30/12 08:24:25]
    Debug [09/30/12 08:24:25] after ladp search
    Debug [09/30/12 08:24:25] Success sgsldpap
    Debug [09/30/12 08:24:25]
    Passlen populated :
    Debug [09/30/12 08:24:25] 266
    Debug [09/30/12 08:24:25]
    Debug [09/30/12 08:24:25]
    Moving sgsloidi from asynchSystem
    Debug [09/30/12 08:24:25] Store Object populated
    Debug [09/30/12 08:24:25] [getObjectGuid=YzyFkltH9UqYuk/zbJiSuQ==
    getPasswordLen=266
    getUserDn=CN=padmaja,OU=Users1,DC=odc,DC=com
    getUserId=padmaja
    Debug [09/30/12 08:24:25]
    ***end of status
    Debug [09/30/12 08:24:25]
    Out of sgsloidi from asynchSystem
    Debug [09/30/12 08:24:25]
    Before Free
    Debug [09/30/12 08:24:25]
    After Free
    Thanks,

    Hi,
    This is my Error in OIM Log file :
    Debug [10/01/12 02:11:17] Search result fetched
    Debug [10/01/12 02:11:17] 2:430 7 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAShm+mp7fKU2Dv/gbeNNOrgAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAAB7L8K4A9Eylj2yszNBI3x8VxQPEE7sA4HxLJehzytXBgAAAAAOgAAAAAIAACAAAACNbZQoSKuTFqSE6kbzrRONowt74kZX2/BoFbZ8249xTUAAAAAVM3ikVDndtYiDqBaZL1t9K17ptPUm7XrpFMRiF0OiyR1cPGq/n/CIElmHiwH43eHRNVGv0jI5vPYveKudnkWBQAAAAIn4+NxxMGHP3SBAngDcKLDAhoMfzJpsfteiAIjPePW2mWodSRWOUZvmjRKmbv+A/Pa2Dzce5UNkjaVlvBz41lQ=
    Debug [10/01/12 02:11:17] --------------------&&&----------------
    Debug [10/01/12 02:11:17] Inside sgsladds::sgsladdsgetData NEW Look
    Debug [10/01/12 02:11:17] 2:430 7 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAShm+mp7fKU2Dv/gbeNNOrgAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAAB7L8K4A9Eylj2yszNBI3x8VxQPEE7sA4HxLJehzytXBgAAAAAOgAAAAAIAACAAAACNbZQoSKuTFqSE6kbzrRONowt74kZX2/BoFbZ8249xTUAAAAAVM3ikVDndtYiDqBaZL1t9K17ptPUm7XrpFMRiF0OiyR1cPGq/n/CIElmHiwH43eHRNVGv0jI5vPYveKudnkWBQAAAAIn4+NxxMGHP3SBAngDcKLDAhoMfzJpsfteiAIjPePW2mWodSRWOUZvmjRKmbv+A/Pa2Dzce5UNkjaVlvBz41lQ=
    Debug [10/01/12 02:11:17] Encoded Data Extracted in sgsladdsgetData
    Debug [10/01/12 02:11:17] 430 7 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAShm+mp7fKU2Dv/gbeNNOrgAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAAB7L8K4A9Eylj2yszNBI3x8VxQPEE7sA4HxLJehzytXBgAAAAAOgAAAAAIAACAAAACNbZQoSKuTFqSE6kbzrRONowt74kZX2/BoFbZ8249xTUAAAAAVM3ikVDndtYiDqBaZL1t9K17ptPUm7XrpFMRiF0OiyR1cPGq/n/CIElmHiwH43eHRNVGv0jI5vPYveKudnkWBQAAAAIn4+NxxMGHP3SBAngDcKLDAhoMfzJpsfteiAIjPePW2mWodSRWOUZvmjRKmbv+A/Pa2Dzce5UNkjaVlvBz41lQ=
    Debug [10/01/12 02:11:17] Moving out sgsladdsgetData
    Debug [10/01/12 02:11:17] Encoded Data Extracted
    Debug [10/01/12 02:11:17] 430 7 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAShm+mp7fKU2Dv/gbeNNOrgAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAAB7L8K4A9Eylj2yszNBI3x8VxQPEE7sA4HxLJehzytXBgAAAAAOgAAAAAIAACAAAACNbZQoSKuTFqSE6kbzrRONowt74kZX2/BoFbZ8249xTUAAAAAVM3ikVDndtYiDqBaZL1t9K17ptPUm7XrpFMRiF0OiyR1cPGq/n/CIElmHiwH43eHRNVGv0jI5vPYveKudnkWBQAAAAIn4+NxxMGHP3SBAngDcKLDAhoMfzJpsfteiAIjPePW2mWodSRWOUZvmjRKmbv+A/Pa2Dzce5UNkjaVlvBz41lQ=
    Debug [10/01/12 02:11:17] Incrementing the MAX_RETRY LIMIT:
    Debug [10/01/12 02:11:17] 3
    Debug [10/01/12 02:11:17] numretries ======
    Debug [10/01/12 02:11:17] 3
    Debug [10/01/12 02:11:17] Inside sgslcodsupdateChild
    Debug [10/01/12 02:11:17] 3:430 7 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAShm+mp7fKU2Dv/gbeNNOrgAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAAB7L8K4A9Eylj2yszNBI3x8VxQPEE7sA4HxLJehzytXBgAAAAAOgAAAAAIAACAAAACNbZQoSKuTFqSE6kbzrRONowt74kZX2/BoFbZ8249xTUAAAAAVM3ikVDndtYiDqBaZL1t9K17ptPUm7XrpFMRiF0OiyR1cPGq/n/CIElmHiwH43eHRNVGv0jI5vPYveKudnkWBQAAAAIn4+NxxMGHP3SBAngDcKLDAhoMfzJpsfteiAIjPePW2mWodSRWOUZvmjRKmbv+A/Pa2Dzce5UNkjaVlvBz41lQ=
    Debug [10/01/12 02:11:17]
    Encrypted record data updated successfully
    Debug [10/01/12 02:11:17] Inside sgsladac destructor
    Debug [10/01/12 02:11:17] End of sgsloidiOIMGeneralErrorHandler
    Debug [10/01/12 02:11:17] Password updation failed in child process
    Debug [10/01/12 02:11:17]
    Relaxing while processing records from datastore

  • OIM-AD password sync not working

    Hi All,
    I am trying to sync password b/w AD and OIM. I have installed the password sync connector and followed the steps specified in the connector document. However when i change the password in AD, it is not reflected in OIM.
    The connector version is 11.1.1.5. And the following have been done
    1. deployed SPML-DSML service
    2. Tested the SPML-DSML service
    3. Installed the connector
    4. Enabled the logs
    5. Configured IT resource and enabled SSL
    But the password changed in AD is not reflected in OIM. Please let me know if any additional steps have to performed.
    Thanks

    Hi Raghav,
    Please find the log below
    Debug [1/19/2012 3:54:05 PM] Inside sgsladds::sgslperwriteData YOOOO
    Debug [1/19/2012 3:54:05 PM] Inside sgsladac c-tor
    Debug [1/19/2012 3:54:05 PM] AD Host
    Debug [1/19/2012 3:54:05 PM] localhost
    Debug [1/19/2012 3:54:05 PM]
    Debug [1/19/2012 3:54:05 PM] AD Port
    Debug [1/19/2012 3:54:05 PM] 636
    Debug [1/19/2012 3:54:05 PM]
    Debug [1/19/2012 3:54:05 PM] AD Base DN
    Debug [1/19/2012 3:54:05 PM] DC=abc,DC=xyz,DC=com
    Debug [1/19/2012 3:54:05 PM]
    Debug [1/19/2012 3:54:05 PM] Only dataattribute
    Debug [1/19/2012 3:54:05 PM] Got Registry enteries
    Debug [1/19/2012 3:54:05 PM] contact
    Debug [1/19/2012 3:54:05 PM] description
    Debug [1/19/2012 3:54:05 PM] Got Entiredn
    Debug [1/19/2012 3:54:05 PM] OU=oimpwdsynctms.abc.xyz,ou=org1,DC=abc,DC=xyz,DC=com
    Debug [1/19/2012 3:54:05 PM] Encrypted record already exists in Datastore
    Debug [1/19/2012 3:54:05 PM] Already Exists
    Debug [1/19/2012 3:54:05 PM] Encrypted record already exists in Datastore
    Debug [1/19/2012 3:54:05 PM] Already Exists
    Debug [1/19/2012 3:54:05 PM] Inside sgsladdsSearchUser
    Debug [1/19/2012 3:54:05 PM] Firing Search Request
    Debug [1/19/2012 3:54:05 PM] AD search for a user objectGUID is successfull
    Debug [1/19/2012 3:54:05 PM] Count success
    Debug [1/19/2012 3:54:05 PM] Search result fetched
    Debug [1/19/2012 3:54:05 PM] 0:319 10 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA6msQnVk0HkW+zmHr7+2nyAAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAABU2g1ES3TOo35N6+zJPunGAAAAAASAAACgAAAAEAAAAEsx8lF3vt0oEaE0BhubB/A4AAAAl0IEcVLgvhvZryqKTWzBkjEatBoCMvekzXvlLlUfj/moGrX2NgWL9zlmeLKY9scstvPONOalbbgUAAAArNCxOGd02kIZELgCavo2IZpN5ZA=
    Debug [1/19/2012 3:54:05 PM] --------------------&&&----------------
    Debug [1/19/2012 3:54:05 PM] Inside sgsladds::sgsladdsgetData NEW Look
    Debug [1/19/2012 3:54:05 PM] 0:319 10 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA6msQnVk0HkW+zmHr7+2nyAAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAABU2g1ES3TOo35N6+zJPunGAAAAAASAAACgAAAAEAAAAEsx8lF3vt0oEaE0BhubB/A4AAAAl0IEcVLgvhvZryqKTWzBkjEatBoCMvekzXvlLlUfj/moGrX2NgWL9zlmeLKY9scstvPONOalbbgUAAAArNCxOGd02kIZELgCavo2IZpN5ZA=
    Debug [1/19/2012 3:54:05 PM] Encoded Data Extracted in sgsladdsgetData
    Debug [1/19/2012 3:54:05 PM] 319 10 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA6msQnVk0HkW+zmHr7+2nyAAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAABU2g1ES3TOo35N6+zJPunGAAAAAASAAACgAAAAEAAAAEsx8lF3vt0oEaE0BhubB/A4AAAAl0IEcVLgvhvZryqKTWzBkjEatBoCMvekzXvlLlUfj/moGrX2NgWL9zlmeLKY9scstvPONOalbbgUAAAArNCxOGd02kIZELgCavo2IZpN5ZA=
    Debug [1/19/2012 3:54:05 PM] Moving out sgsladdsgetData
    Debug [1/19/2012 3:54:05 PM] Encoded Data Extracted
    Debug [1/19/2012 3:54:05 PM] 319 10 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA6msQnVk0HkW+zmHr7+2nyAAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAABU2g1ES3TOo35N6+zJPunGAAAAAASAAACgAAAAEAAAAEsx8lF3vt0oEaE0BhubB/A4AAAAl0IEcVLgvhvZryqKTWzBkjEatBoCMvekzXvlLlUfj/moGrX2NgWL9zlmeLKY9scstvPONOalbbgUAAAArNCxOGd02kIZELgCavo2IZpN5ZA=
    Debug [1/19/2012 3:54:05 PM] MAX_RETRY LIMIT count is not updated: OIM is down
    Debug [1/19/2012 3:54:05 PM] 0
    Debug [1/19/2012 3:54:05 PM] numretries ======
    Debug [1/19/2012 3:54:05 PM] 0
    Debug [1/19/2012 3:54:05 PM] Inside sgslcodsupdateChild
    Debug [1/19/2012 3:54:05 PM] 0:319 10 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA6msQnVk0HkW+zmHr7+2nyAAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAABU2g1ES3TOo35N6+zJPunGAAAAAASAAACgAAAAEAAAAEsx8lF3vt0oEaE0BhubB/A4AAAAl0IEcVLgvhvZryqKTWzBkjEatBoCMvekzXvlLlUfj/moGrX2NgWL9zlmeLKY9scstvPONOalbbgUAAAArNCxOGd02kIZELgCavo2IZpN5ZA=
    Debug [1/19/2012 3:54:05 PM]
    Encrypted record data updated successfully
    Debug [1/19/2012 3:54:05 PM] Inside sgsladac destructor
    Debug [1/19/2012 3:54:05 PM] Password updation failed in child process
    Debug [1/19/2012 3:54:05 PM]
    Relaxing while processing records from datastore
    I have provided the correct port numbers and also my certificate is same as the OIM server name. But still when the password is changed in AD, its not updated in OIM.
    Thanks,
    Bhavana

  • OIM AD Password Sync issue

    HI,
    I am doing OIM 9.1.01 AD Password Sync.
    I installed AD Password Sync connector in AD Machine. During installation it asked to mention OIM host name and SPML port for that i deployed SMPL in OIM using command line successfully.
    While installation AD Password Sync Connector in Oracle Identity Manager Configuration Parameters i have given like these.
    Host : rwoim
    Port : 8080 (sample value)
    Administrator Login :admin
    Administrator Password: admin1234
    OIM User Attribute : Users.User ID
    OIM Application Server Type : WebLogic
    Use SSL : Yes
    Client Certificate Subject Name : TQL17
    where in Port parameter (Enter the number of the port at which the Oracle Identity Manager SPML Web service is listening.
    Sample value: 8080)
    But i don't know which port SPML using and its enable or not in OIM server. I am strucked at installation.
    Please give any one suggestion.
    regards
    Ramu

    Hi Sagar,
    i had success with OIM AD Password Sync process with AD Port 389 and SPML Port 7001 and passwords are updating from AD to OIM successfully.
    From OIM over AD SSL passwords are updating in AD successfully.
    But when again reinstalled the AD Password Sync connector with AD Port 636, passwords are not updating from AD to OIM.
    Below the log file saying ldap_connect failed with
    Debug [2/6/2012 5:25:35 PM] Server Down
    ***********Inside sgslldpcopenLDAPConnection****************
    Debug [2/6/2012 5:25:35 PM] Inside sgsladac c-tor
    Debug [2/6/2012 5:25:35 PM] AD Host
    Debug [2/6/2012 5:25:35 PM] 10.129.149.137
    Debug [2/6/2012 5:25:35 PM]
    Debug [2/6/2012 5:25:35 PM] AD Port
    Debug [2/6/2012 5:25:35 PM] 636
    Debug [2/6/2012 5:25:35 PM]
    Debug [2/6/2012 5:25:35 PM] AD Base DN
    Debug [2/6/2012 5:25:35 PM] DC=oimad,DC=com
    Debug [2/6/2012 5:25:35 PM]
    Debug [2/6/2012 5:25:35 PM]
    Debugging the code
    Debug [2/6/2012 5:25:35 PM] Inside ConnectToADSI
    Debug [2/6/2012 5:25:35 PM]
    ldap_connect failed with
    Debug [2/6/2012 5:25:35 PM] Server Down
    Debug [2/6/2012 5:25:35 PM]
    Debug [2/6/2012 5:25:35 PM]
    Connection to AD failed
    Debug [2/6/2012 5:25:35 PM]
    ***********Out of openLDAPConnection****************
    Debug [2/6/2012 5:25:35 PM] Inside sgsladac destructor
    regards
    Ramu

  • OIM Password sync connector installation issue

    Hi All,
    I am trying to configure password synchronziation between OIM & Active Directory. while installing AD Password Sync connector on AD Host it is returniing following.
    Error occurred while uploading prepAD.ldif. , please refer to %TEMP%\oimpwdsync.log. Please upload
    prepAD.ldif to Active Directory Domain Controller before applying ACLs.
    Kindly suggest me on this.
    Regards,
    Madhu

    I'm also getting the same error.
    This is the content of the log file :
    (Apr 14, 2011 6:19:27 AM), Install, com.oracle.installshield.adpwd.pathValidator, dbg, Directory does not exists, will get created at the installation time
    (Apr 14, 2011 6:19:38 AM), Install, com.installshield.product.actions.UninstallerJVMResolution, dbg.jvm, attempting to use the current JVM
    (Apr 14, 2011 6:19:38 AM), Install, com.installshield.product.actions.UninstallerJVMResolution, dbg.jvm, searching for a JVM
    (Apr 14, 2011 6:19:38 AM), Install, com.installshield.product.service.product.PureJavaProductServiceImpl$Installer, err, ProductException: (error code = 601; message="JVM not found")
    STACK_TRACE: 8
    ProductException: (error code = 601; message="JVM not found")
         at com.installshield.product.actions.JVMResolution.install(JVMResolution.java:171)
         at com.installshield.product.service.product.PureJavaProductServiceImpl$InstallProduct.checkUninstallerJVMResolution(PureJavaProductServiceImpl.java:4793)
         at com.installshield.product.service.product.PureJavaProductServiceImpl$InstallProduct.install(PureJavaProductServiceImpl.java:4554)
         at com.installshield.product.service.product.PureJavaProductServiceImpl$Installer.execute(PureJavaProductServiceImpl.java:3758)
         at com.installshield.wizard.service.AsynchronousOperation.run(AsynchronousOperation.java:41)
         at java.lang.Thread.run(Unknown Source)
    (Apr 14, 2011 6:19:38 AM), Install, com.oracle.installshield.adpwd.execTool, err, Cannot run program "C:\Program": CreateProcess error=2, The system cannot find the file specified
    (Apr 14, 2011 6:19:38 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, ASCII file C:\Program Files\oracle\OIMADPasswordSync\prepAD.ldif does not exist and will be created.
    (Apr 14, 2011 6:19:38 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, gen exp
    (Apr 14, 2011 6:19:38 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, C:\Program Files\oracle\OIMADPasswordSync\prepAD.ldif (The system cannot find the file specified)
    Anyone fixed it. I have checked JAVA env is set in my machine
    C:\>echo %JAVA_HOME%
    D:\oracle\Middleware\jdk160_14_R27.6.5-32
    C:\>java -version
    java version "1.6.0_12"
    Java(TM) SE Runtime Environment (build 1.6.0_12-b04)
    Java HotSpot(TM) Client VM (build 11.2-b01, mixed mode)
    Did anyone fix the issue?

  • AD password sync connector configuration for OIM Cluster

    Hi
    I have OIM running on clustered environment in two nodes.
    I have some AD domain controller. I need to install the AD password sync connector (version 9.1.1) in the AD domain controller.
    I remember that in the earlier versions we need to install the user management console and then change the value in xlConfig file to have both the node name.
    Version 9.1.1 is changed to use the SPML webservices. I have installed the SPML WS in both the nodes.
    My question is where do i specify in the AD password sync connector that I have two server as there is no xlConfig or any other config file that I can give both the server address.
    I referred the following PDF http://download.oracle.com/docs/cd/E11223_01/doc.910/e11218.pdf
    Thanks
    Narendar Doshi

    have you tried importing the cert in cacerts under $JAVA_HOME?

  • OIM AD password Sync connector. Connection to AD through SSL

    Hi.
    I am trying to configure AD password sync connector 9.1.1.5 with patch 14627510 to connecto to AD through SSL.
    At this moment, connector is able to connect to OIM through SSL but not to the AD. If i set AD port number to 389 on the connector configuration, everything works fine.
    If i set it to 636, it is not able to connect to the AD.
    I've imported the AD SSL certificate to <connector install directory>\OIMADPasswordSync\_jvm\lib\security\cacerts and restarted the domain controller but still no luck.
    To test that the certificate and everything else is OK, i've also installed a jxplorer and imported the same certificate into <jexplorer install directory>\jxplorer321\security\cacerts. Jxplorer is able to connect to the AD through SSL on port 636 so user credentials, certificate, etc.. are ok
    Connector documentation doesn't mention anything regarding SSL connection to AD, it only describes SSL connection to OIM.
    Anyone has donde this before? Is there any additional step i should follow to enable SSL connection from AD password sync connector to AD? Does the connector support SSL connection to AD?
    Regards.

    have you tried importing the cert in cacerts under $JAVA_HOME?

  • How configure password sync connector in OIM cluster environmet

    Hi,
    i want some inputs to configure password sync connector in OIM cluster environmet.
    Thanks,

    Use a load balanced URL.
    -Kevin

  • OIM password sync

    Hi,
    We are planning a OIM and OAM implementation.
    We have Novell eDirectory in place with users in it. OAM is going to use the same eDir, so authentication will use the current password in eDir.
    We also need to manage eDir as a target system on OIM.
    The question is, can we sync passowords in eDir and OIM?
    We have explored the following optoin:
    1. Force users to change their password on first time login. Since OAM will be the one doing authentication, this will go through, and we update the password in OIM.
    Does this sound feasible, any pointers?
    -Boland

    Not Sure if I understand your scenario. But...
    OIM EDir connector can not sync pw from Edir to OIM.
    So the best would be to use the OIM PW reset/self Service to reset pw in OIM and "push" it to edir trough the edir connector.
    Because if you use the OAM pw change, then, as you are saying it will reset the pw in edir and you ll not have the same pw in OIM because it's not synced back to OIM...which may not be an issue at all depending what you are trying to achieve.
    hth
    Chris
    Edited by: chris W on Dec 8, 2009 9:57 PM

  • OIM Password Sync with SAP

    Hi,
    I have a requirement of password sync between OIM and SAP. Do you have any idea of how we can achieve this?
    Is there any out of box connector for the password sync with SAP?
    Please let me know.
    thanks in advance
    Edited by: IDMuser19 on Jul 26, 2010 2:17 PM

    Ramesh,
    Are you using the password hook or something from the framework?
    The password hook only works with Microsoft Active Directory.
    If you're using a framework task or other job or a custom task you almost always need a SSL enabled connection to the LDAP server.
    Hope this helps.
    Matt

  • OIM Password Sync Installation on Windows Core Server 2008

    Hi,
    Did anyone ever installed AD Password Sync connector on windows core 2008 server, please provide the steps for that?
    Server Core doesn't have GUI, it uses command prompt to install. I tried to installed but it corrputed the server itself.
    Please let me know if anyone has prior experience on that.
    Thanks,
    Amitesh

    Hi,
    Yes in Browser, the response is perfect. The only issue is in Calling inside in any file, i even tried Javascript's XML dom to load it, but same result, the file is just loading and never loads completely. I also tried using an SWF file with AS3 code to load XML inside as3 and send the result to any JS function.
    The output comes using trace in as3, but when it comes to browser, the same loading happends and result never loads.

Maybe you are looking for

  • Can I install an OS to a serial drive

    Hi a friend of mine is building a system almosty identical to mine except he only has an s-ata drive. The problem arises with the fact that windows install (2K and XP) procedure won't recognise his drive despite loading the driver from the floppy. I

  • Randomly Shutting Off When On Battery Power

    So, I recently had my logic board replaced because my built-in audio out port wasn't working. I had this done more than a week ago, but just 2 days ago I was using it without being plugged in for over an hour (the battery indicator said I had about 5

  • Xfce4-svn: desktop icons not removed [solved]

    How to reproduce: 1. create file on desktop (e.g., drag it from Thunar window, or save file directly on desktop) 2. Delete this file via context menu 3. The icon of this file stay on the desktop anyway. If you open ~/Desktop, you'll see that file rea

  • I cannot open iTunes and App-Store despite WLAN connection

    I cannot open iTunes and App-Store on my iPad despite WLAN connection

  • Lockbox incoming payment

    Dear SAP Friends, If the incoming payment in lockbox file for invoice number 1005 is $900 whereas actual invoice 1005 is due for $1000. After uploading the lockbox file it shows a new document number 2209 with $900 as DZ (customer payment). But then