OIM 9102 Issues

Similar Messages

• OIM 9102 Issued Audit Message null pointer

  Hi All,
  I have a 9102 system with an empty upa_ud_formfields table. We tried running the Issue Audit Message job (which was disabled for some reason) and got a NPE.
  I found the same thing here but never answered.
  Re: Audit reports in OIM 9102
  any help would be appreciated.
  Thanx
  Fred

  1. XL.EnableExceptionReports needs to be set to TRUE and XL.UserProfileAuditDataCollection needs to be set to Resource Form.
  2. In the Audit Report Developers Guide, section 5.3.1 Using the UPA Form Data Upgrade Utility, you need to perform the steps to enable the usable of these fields (http://download.oracle.com/docs/cd/E14049_01/doc.9101/e14045/reporting.htm#CEGFCIAD).
  3. Restart Server.
  -Kevin

• OIM 9102 , AD Password Sync 91x, JBoss 423GA - issue over SSL port.

  Followed the steps describe in "Deploying the connector"
  http://download.oracle.com/docs/cd/E11223_01/doc.910/e11218/install_config.htm#insertedID0
  section
  Pre-Installation both SSL n non-SSL works for SPML verification.
  For JBoss Application Server:
  http://IP ADDRESS:8080/spmlws/services/HttpSoap11
  https://IP ADDRESS:8443/spmlws/services/HttpSoap11
  Post Installation - configured SSL.
  On AD machine logs following error message is displayed:
  MAX_RETRY LIMIT count is not updated: OIM is down
  Following meta-link ID 1073889.1
  https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&doctype=PROBLEM&id=1073889.1
  explains to verify 'oimhost and oimport' - oimhost is machine ip address ( AD machine is able to ping OIM machine through ip address and machine name )
  oimport is 8443
  Any suggestion.
  Or anyone previously successfully deployed password sync over SSL for OIM 9102 and AD Password sync 91x,
  as i found a similar thread in OTN forum where user had issues over SSL.

  Did anyone resolve this issue? I have the same running SSL Password Sync on OAS 10.1.3.4 and OIM 9.1.0.2 BP09a with AD 2003.
  Debug [7/8/2010 6:35:45 AM] oimport is
  Debug [7/8/2010 6:35:45 AM] 4443
  Debug [7/8/2010 6:35:45 AM]
  Debug [7/8/2010 6:35:45 AM] oimsslclient is
  Debug [7/8/2010 6:35:45 AM] nw-dc-01.nwocaland.nwoca.org
  Debug [7/8/2010 6:35:45 AM]
  Debug [7/8/2010 6:35:45 AM] oimuserattr is
  Debug [7/8/2010 6:35:45 AM] USR_UDF_SAM_ACCTNAME
  Debug [7/8/2010 6:35:45 AM]
  Debug [7/8/2010 6:35:45 AM] oimusessl is
  Debug [7/8/2010 6:35:45 AM] Y
  Debug [7/8/2010 6:35:45 AM]
  Debug [7/8/2010 6:35:45 AM] oimappservertype is
  Debug [7/8/2010 6:35:45 AM] 2
  Debug [7/8/2010 6:35:45 AM]
  Debug [7/8/2010 6:35:45 AM] End of sgsloidi::getConfigParamters
  Debug [7/8/2010 6:35:45 AM] Inside sgsloidi::setParameters
  Debug [7/8/2010 6:35:45 AM] The SOAP start element is
  Debug [7/8/2010 6:35:45 AM] <SPMLv2Document xmlns="http://xmlns.oracle.com/OIM/provisioning">
  Debug [7/8/2010 6:35:45 AM] The SOAP end element is
  Debug [7/8/2010 6:35:45 AM] </SPMLv2Document>
  Debug [7/8/2010 6:35:45 AM] The path is
  Debug [7/8/2010 6:35:45 AM] /spmlws/HttpSoap11
  Debug [7/8/2010 6:35:45 AM] End of sgsloidi::setParameters

• OIM 9102 AD OU Move Error

  Iam working on OIM 9102 doing AD OU Movement.
  Iam changing the User's department through HR recon & based on that the Organization Name is being built by me. (Process task, USR_Process Trigger, Prepopulate adp, etc)
  Here the Organization Attribute is getting populated in AD User Form.
  In the weblogic console I am finding errors for the User distinguished Name & OU movement is not happening
  ****************************log ****************************
  Running ISADAM
  Target Class = java.lang.String
  Running Get Attribute Map
  Running Set Attributes
  Running OU
  Target Class = com.thortech.xl.util.adapters.tcUtilStringOperations
  Running CONCATORG
  Target Class = com.thortech.xl.util.adapters.tcUtilStringOperations
  Running Move User
  ERROR,17 Oct 2012 15:34:02,765,[OIMCP.ADCS],====================================================
  ERROR,17 Oct 2012 15:34:02,765,[OIMCP.ADCS],com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController
  : rename : Invalid name: cn=Pirsten Miller,Engineering
  ERROR,17 Oct 2012 15:34:02,765,[OIMCP.ADCS],====================================================
  ERROR,17 Oct 2012 15:34:02,765,[OIMCP.ADCS],================= Start Stack Trace =======================
  ERROR,17 Oct 2012 15:34:02,765,[OIMCP.ADCS],com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController
  : rename
  ERROR,17 Oct 2012 15:34:02,765,*[OIMCP.ADCS],Invalid name: cn=Pirsten Miller,Engineering*
  ERROR,17 Oct 2012 15:34:02,765,[OIMCP.ADCS],Description : Invalid name: cn=Pirsten Miller,Engineering
  ERROR,17 Oct 2012 15:34:02,765,[OIMCP.ADCS],javax.naming.InvalidNameException: Invalid name: cn=Pirsten Miller
  ,Engineering; remaining name 'cn=Pirsten Miller,OU=OIM'
  at javax.naming.ldap.Rfc2253Parser.doParse(Rfc2253Parser.java:86)
  The rest of the distinguished name (dc=fimdomain,dc=com) is not getting populated.
  Any idea to rectify this ?

  Please read this post twice and the entire post again so that everything said by all other experts as well is properly grasped by your mind... Then you will be able to perform tasks I am going to ask quickly...
  Did "Organization Name Updated" task triggered? And also, I am afraid the correct spelling of 3~ou=Engineering,dc=fimdomain,dc=com should be 3~OU=Engineering,DC=fimdomain,DC=com because OU and DC are in CAPITAL in Lookup.ADReconciliation.OrganizationLookup. So, as I suggested earlier as well, the spelling should be strictly as in this lookup...
  Let us try to isolate the issue... First, execute the "AD Organization Lookup Recon" scheduler with the Search Base=> DC=fimdomain,DC=com...
  Then Edit the process form manually... And select any organization name manually from the lookup... So that "Organization Name Updated" task gets triggered AND the user is MOVED in new OU... Thus the issue will be isolated...
  Then we will focus on the Adapter which populates the new OU in the "Organization Name" field...
  Remember things are case-sensitive....
  So, in your adapter:-
  (1) By some logic you come to conclusion that the new OU should be say ou=Engineering,dc=fimdomain,dc=com...
  (2) You append 3~ before it and make it 3~ou=Engineering,dc=fimdomain,dc=com
  (3) However, you must double check it whether this OU really exists in the Lookup.ADReconciliation.OrganizationLookup...
  (4) So, in your code, you create a HashMap using tcLookupOperationsIntf containing CODE KEY IN UPPER CASE vs Just Code Key...
  I mean something like this:-
  3~OU=TRAINING,DC=FIMDOMAIN,DC=COM 3~OU=Training,DC=fimdomain,DC=com
  3~OU=ENGINEERING,DC=FIMDOMAIN,DC=COM 3~OU=Engineering,DC=fimdomain,DC=com
  3~OU=DEPARTMENT,DC=FIMDOMAIN,DC=COM 3~OU=Department,DC=fimdomain,DC=com
  3~OU=MECHANICAL,DC=FIMDOMAIN,DC=COM 3~OU=Mechanical,DC=fimdomain,DC=com
  (5) Then you try to retrieve the actual spelling with case in your code for 3~OU=ENGINEERING,DC=FIMDOMAIN,DC=COM...
  String ou = hashMap.get("3~OU=ENGINEERING,DC=FIMDOMAIN,DC=COM");
  You obtain: 3~OU=Engineering,DC=fimdomain,DC=com
  And then transfer or populate this OU to your Organization Name... This will work...
  And just in case the OU does not exist in AD at all, say 3~ou=Engineering1234,dc=fimdomain,dc=com... So, your Adapter logic came up with Engineering1234... It does not exist.... Then it will return null...
  Simple... Then you would know it clearly where the issue lies...
  I could have given you the entire code... However, I want to encourage you to write your own code... Code writing is fun...
  Please go through all the posts in this Thread twice, including this one, and perform the tasks which I have suggested you... It will work... All the best,..

• OIM 9102 to 11g upgrade

  Hi All
  We are on OIM 9102 bp14 and are planning to upgrade to 11.1.1.5 and would appreciate if someone can provide feedback on the upgrade process covering the following:
  1. What is the complexity of upgrade process?
  2. Does all the approval workflows gets converted into SOA composites successfully?
  Appreciate if you can share your experience.
  Thanks
  PS: I have gone through the documentation on upgrade process.

  Hi,
  I have upgraded my project from 9102 to OIM 11g. Here are some pointer which might help you during upgrade.
  1. What is the complexity of upgrade process?
  You can follow through the steps given in document. You'll face problem while restarting your server. You would require to open enterprise manager http://weblogicusr:port/em and right click on domain, goto security->credentials, expand oim, add .xldatabasekey and its credentials.
  Keep backup of your old .xldatabasekey, as you have to put it under <DOMAIN_HOME>/fmwconfig/config directory. Otherwise you'll not be able to login into database.
  This process doesn't increase size of fields in usr tables. you may require to increase its size (atleast for usr_password to 200). It upgrades all components except eventhandlers and custom schedule tasks. You would require workarounds to make them work. OIM API may still be a issue, as many of them have been deprecated.
  2. Does all the approval workflows gets converted into SOA composites successfully?
  Yes, it converted in my case. I tested 3 level approvals as well. They are working fine.
  I hope this helps.
  regards,
  GP

• OIM 9102 Schema - OSI_CHILD_OLD_VALUE column in OSI table

  Hello,
  OIM 9102 database schema has a table name called OSI which I think holds information about tasks.
  There is a column in the OSI table called “OSI_CHILD_OLD_VALUE” (Blob type). Did anyone familiar with the content of this column? What information it contains and which use case will trigger the read on the this table column?
  Thanks,

  Hello,
  I want to decrypt this particular column (OSI_CHILD_OLD_VALUE) value (type: CLOB). So, basically i need CLOB to byte [] - note that decrpt methods is overloaded.
  My program is working for type: String - it could decrypt other encrypted OIM database fields like USR_UDF_ENCRYPTED_CUSTOM_FIELD, CUSTOM FORM FIELDS, etc...
  Snippet:
  ResultSet rs = stmt.executeQuery(sql);
  while(rs.next()){
  Clob osiClob = rs.getClob("OSI_CHILD_OLD_VALUE");
  long clobLength = osiClob.length();
  // I tried with below clob data extraction methods
       <extracted_value_using> = osiClob.getAsciiStream()/osiClob.getCharacterStream()/osiClob.getSubString();
  byte[] decryptedVal = com.thortech.xl.crypto.tcCryptoUtil.decrypt(<extracted_value_using>,"DBSecretKey");
  System.out.println("Decrypted Value -->" + decryptedVal);
  Finding it pretty challenging as it is not working only for CLOB column. Any help will be appreciated.
  Thanks,

• What is latest bundle patch for OIM 9102?

  Hey All,
  I have an OIM 9102 installed on WLS 10.3.2, SQL Server 2005 and Windows server 2003 R2 OS.
  Wanted to apply the latest bundle patch for OIM9102? What is the latest BP for 9102? BP14?
  Can anyone let me know the latest BP name/number and path to down in metalink if possible.
  Thanks in advance!
  klogube

  Does anyone have BP14 installed and diagnostic dashboard working? I put BP14 on our 9.1.0.2 sandbox, and diagnostic dashboard broke. We are on WebSphere 6. Problem is when you log in, you get an authentication error.

• OIM Groups Issues - Groups migrated from OIM 9101 to 9102

  Hi,
  I migrated the OIM groups from the old system (9101) to the newy built OIM version 9102.
  I have a user created called TESTW - it has the GROUP_System_Adminitators (custom OIM Group).
  This group has SYSTEM ADMINISTRATOR (Delivered) as the member group.
  Also, GROUP_System_Adminitators has menu options for Users Search.
  However, this user is unable to search Users. He is able to see the User > Search menu.
  Once a string is placed and click on search, no users are found (though OIM has 50k users).
  Am I missing something here? Please assist.
  TiA. I will assign points.
  Regards
  Vijay Chinnasamy

  Go to Organization > Manage > Search organizations > Selct org in which 50K users have been created > Select ADMINISTRATIVE GROUP (Drop Down)
  Assignyour custom group here and try to logic with auser who is part of that custom group
  And what do you mean by following statement:
  TiA. I will assign points.

• OIM 11g issues with design console, creating resource

  Hi All,
  I have installed OIM 11g, OAM 11g.
  I am facing issues while starting design console or creating a resouce.
  <Sep 2, 2010 9:30:53 PM GMT+05:30> <Error> <XELLERATE.SCHEDULER.TASK> <BEA-0000
  0> <Error while calling reissue on AUD_JMS messages
  com.thortech.xl.dataaccess.tcClientDataAccessException:
  at com.thortech.xl.dataaccess.tcDataBaseClient.getDatabaseProductName(t
  DataBaseClient.java:944)
  at com.thortech.xl.schedule.tasks.ReIssueAuditMessage.processAllByIdent
  fier(ReIssueAuditMessage.java:87)
  at com.thortech.xl.schedule.tasks.ReIssueAuditMessage.execute(ReIssueAu
  itMessage.java:78)
  at com.thortech.xl.scheduler.tasks.SchedulerBaseTask.execute(SchedulerB
  seTask.java:384)
  at oracle.iam.scheduler.vo.TaskSupport.executeJob(TaskSupport.java:144)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl
  java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcce
  sorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at oracle.iam.scheduler.impl.quartz.QuartzJob.execute(QuartzJob.java:16
  at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
  at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.
  ava:529)
  >
  <Sep 2, 2010 9:30:53 PM GMT+05:30> <Error> <XELLERATE.DATABASE> <BEA-000000> <Cl
  ass/Method: tcDataBaseClient/bindToInstance encounter some problems: java.lang.A
  ssertionError: Can only export activatable objects
  oracle.iam.platform.utils.ServiceInitializationException: java.lang.AssertionErr
  or: Can only export activatable objects
  at oracle.iam.platform.Platform.getService(Platform.java:264)
  at oracle.iam.platform.OIMInternalClient.getService(OIMInternalClient.ja
  va:152)
  at com.thortech.xl.dataaccess.tcDataBaseClient.bindToInstance(tcDataBase
  Client.java:151)
  at com.thortech.xl.dataaccess.tcDataBaseClient.<init>(tcDataBaseClient.j
  ava:75)
  at com.thortech.xl.server.tcDataBaseClient.<init>(tcDataBaseClient.java:
  33)
  at com.thortech.xl.client.dataobj.tcDataBaseClient.<init>(tcDataBaseClie
  nt.java:67)
  Please help

  You need to copy the files from the linux box to a windows box and change the startup paramaters to meet that of a Windows machine.
  I have the following files once moved to my windows machine:
  basecp.bat:
  >
  set CLASSPATH=.;.\lib\oimclient.jar;.\lib\iam-platform-auth-client.jar;.\lib\iam-platform-pluginframework.jar;.\lib\iam-platform-utils.jar;.\lib\iam-platform-context.jar;.\lib\XellerateClient.jar;.\lib\xlAPI.jar;.\lib\xlLogger.jar;.\lib\xlVO.jar;.\lib\xlUtils.jar;.\lib\xlCrypto.jar;.\lib\xlAuthentication.jar;.\lib\xlDataObjectBeans.jar;.\ext\log4j-1.2.8.jar;.\ext\jhall.jar;
  >
  classpath.bat:
  >
  call basecp.bat
  set CLASSPATH=%CLASSPATH%;.\ext\spring.jar;.\ext\security-api.jar;.\ext\commons-logging.jar;.\ext\logging-utils.jar;.\ext\jakarta-oro-2.0.8.jar;.\ext\bsh.jar;.\ext\mail.jar;.\ext\jboss-j2ee.jar;.\ext\jboss-jaas.jar;.\ext\jbosssx.jar;.\ext\jts.jar;.\ext\jbossall-client.jar;.\ext\concurrent.jar;.\ext\getopt.jar;.\ext\gnu-regexp.jar;.\ext\jacorb.jar;.\ext\jboss-client.jar;.\ext\jboss-common-client.jar;.\ext\jbosscx-client.jar;.\ext\jbossha-client.jar;.\ext\jboss-iiop-client.jar;.\ext\jbossjmx-ant.jar;.\ext\jboss-jsr77-client.jar;.\ext\jbossmq-client.jar;.\ext\jboss-net-client.jar;.\ext\jbosssx-client.jar;.\ext\jboss-system-client.jar;.\ext\jboss-transaction-client.jar;.\ext\jcert.jar;.\ext\jmx-connector-client-factory.jar;.\ext\jmx-ejb-connector-client.jar;.\ext\xdoclet-module-jboss-net.jar;.\ext\jsse.jar;.\ext\jnet.jar;.\ext\jmx-rmi-connector-client.jar;.\ext\jmx-invoker-adapter-client.jar;.\ext\jnp-client.jar;.\ext\wlfullclient.jar;.\ext\webserviceclient+ssl.jar;.\ext\sas.jar;.\ext\oc4jclient.jar;.\ext\ejb.jar;.\ext\oscache.jar;.\ext\commons-logging.jar;.\ext\javagroups-all.jar
  >
  xlclient.cmd:
  >
  @echo off
  setlocal
  call classpath
  REM SET DEBUG_OPTS=-classic -Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5001 -DXL.RedirectSysOutErrToFile=TRUE -DXL.SysOutErrLogFile=.\logs\Client.System.Out.Err.log
  REM Make sure to remove java.naming.provider.url and read it from the configuration
  REM once the JNDI Profiles are implemented.
  REM make sure you are using j2sdk1.4.2_05
  "C:\jdk1.6.0_22\bin\java" %DEBUG_OPTS% ^
       -DXL.ExtendedErrorOptions=TRUE -DXL.HomeDir=C:\oracle\oim1_11g\designconsole ^
       -Djava.security.policy=config\xl.policy ^
       -Dlog4j.configuration=config\log.properties ^
       -Dweblogic.security.SSL.trustedCAKeyStore=%TRUSTSTORE_LOCATION% ^
       -Djava.security.manager -Djava.security.auth.login.config=config\authwl.conf ^
       com.thortech.xl.client.base.tcAppWindow -server server
  endlocal
  >
  See if this works.
  -Kevin

• OIM Performance Issue

  Hi All,
  My env is oimps1 on linux and db on different machine.
  After the first initial load of the user and org data,suddenly the oim has become too slow
  viewing a profile takes 5 minutes and even I haveseen that the cpu goes to 100%.
  This is really a worry for the project.
  Please suggest what can I do to fix this.I have no clue.

  Is there any luck in the performance issue? Did you able to improve the performance in any ways?
  We are exactly facing the same problem as like yours. Only 3 people are using the server and 15k users in OIM. The performance is really bad. Oracle also can't find anything wrong in the WLS setup and they asked us to apply BP04. We applied BP04 but as expected it didnt help in anyways.
  Plz let us know if you could manage to fix this issue or any workaround which you are following.
  Thanks
  log

• OIM 11g: Issue while evaluating rule for Role Membership

  Hello All,
  I have configured few General Rules using 2 of our User Defined Fields, these general rules are used to determine role membership.
  What we observed that once "Identity Status" attribute is set to "Disabled" for OIM User Profile then OIM stops evaluating these configured General Rules for Role Membership.
  Env Details:
  Product Version: Oracle Identity Manager 11.1.1.5.0
  App Server: WebLogic Server Version: 10.3.5.0
  OS: Red Hat Enterprise Linux Server release 5.5
  Database: Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64 bit
  Please let me know if any of you have encounter this issue and if there is any workaround available for it.
  Thanks,
  Shyam

  Re: OIM11g: Resource not revoked if the Identity Status is DISABLED
  XL.EvaluateMembershipForInactiveUser
  Workaround:
  You can make you of Event Handler and assign that group with APIs.

• Audit reports in OIM 9102

  We installed OIm as "Oracle Identity Manager with Audit & Compliance module",
  But I dont see any information in historical reports.
  All reports say "no records found"
  Do we have to enable Auditing somewhere?

  I have a similar issue. In log, it says:
  ERROR [XELLERATE.AUDITOR] Error while processing audit message
  java.lang.NullPointerException
  It didn't process any records till now. The AUD_JMS table has thousands of records.
  My version: 9.1.0.1865.28
  Any suggestions?

• OIM 9102 BP12 Migration from WebSphere 6.1 to Weblogic 10.3

  Hello,
  We're planning to move(9102BP12) from WebSphere6.1 to Weblogic10.3.
  I found Oracle metalink which says -
  ================================================
  JDK Migration restriction:
  You can only migrate to JDKs that falls with in the same groupings.
  Group 1: Sun JDK, Oracle JRockit, HP JDK
  Group 2: IBM JDK.
  Example: If you are running OC4J using Sun JDK then you can migrate to Oracle WebLogic Server using Sun JDK, Oracle JRockit or HP JDK. However, you can't migrate to IBM JDK.
  ==============================================
  This is because the data in the OIM schema is encrypted using the IBM's encryption libraries which are not available for Sun JDK. What i understand is that the IT resource configuration details are encrypted with installed JDK. However, if we re-configure the IT resource with Weblogic setup (after installing oim on Weblogic poining to the existing database), we could proceed with this migration.
  Has anyone executed Websphere to Weblogic migration before for OIM? Any input will help.
  Thanks,

  Sorry for the delay as I got busy with my current project. Here are the answers to your questions.
  1) If i install WLS point to existing OIMDB, do i necessarily need to copy old .databasekey from WAS environment?
  <Abhi>: Yes, you will have to copy these files to the WLS environment.
  2) During WLS install, it'll ask for xelsysadm password. Will this password overrides to existing one in OIM DB? And later on when i'll try to login to OIM-WLS using this password, will that work?
  <Abhi>: Yes, but are you planning to have different passwords. The xelsysadm password is stored in OIM database. So if you update it, it will reflect in all the OIM middle-tier instances attached to this database.
  How about handling the encrypted values in WLS environment:
  (1) IT resource params - reconfigure them after migration - through design console in Weblogic environment
  <Abhi>: Yes. you may have to review the values in the IT resource params and the other atrifacts as RO, process forms etc. But most of the work will be done by the deployment manager export/import functionality.
  (2) User password and security Q&A - We're using SSO to login to OIM, so not a concern
  <Abhi>: You are good with this.
  (3) UDF encrypted attribute - After doing the migration, if we run the user trusted recon 1 more time.. then all the user attrs values would be overriden (including encrytped UDF).
  <Abhi>: If there is an encrypted UDF field, you will have to take care of this manually. BTW, is this field encrypted on the OIM side as well as the application side.
  (4) Encrypted object/process forms - i've pending task to analyze if we've any such attrs(process form encrypted 'password' to target(e.g. AD) - i could think of such cases)
  <Abhi>: If there is something like this, you will have to take care of this manually. Check the possibility of writing a custom code to go thru the OIM users and dump the decrypted data in some file. Later you can update the selective user data in the new environment
  Did you follow the similar process? What issues did you face because of the IBM to SUN JDK use?
  <Abhi>: Yes, I followed the same steps and did not faced much issues. It was pretty straight-forward. Just make sure that the export/import using Deployment manager is successful.
  Please let me know if you have more questions.

• OIM ldapsync issues

  Hello,
  After enabling ldapsync between OIM and OID, only a few users orcladmin,public,idrouser and idrwuser are imported into OIM from OID. Other users created with prepareIDStore "oimadmin,oamadmin,weblogic_idm, weblogic_admin,oaamadmin" are not imported.
  When "ldap user create and update full reconcilation" job is run from OIM console, it throws the following error. Exception Message oracle.iam.ldapsync.exception.ProcessLDAPReconDataException: java.lang.NullPointerException
  Used libOVD. OIM, LDAPSYNC configuration is done at the same time.
  Users created in OIM are seen in OID and any changes made to OIM users are propagated to OID.
  OIM diagnostic log shows
  oracle.iam.platform.kernel.EventFailedException: IAM-3050127:An error occurred in user name generation. Please provide either Email or First Name and Last Name for DefaultComboPolicy.:Email:First Name:Last Name:DefaultComboPolicy
  Even though attributes firstname,lastname and email are all present in the ldap profile for a given user.
  Environment:
  Solaris SPARC 9 - 64 bit, OIM 11.1.1.5, OAM 11.1.1.5, OID 11.1.1.5, WLS 10.3.5
  Have any of you faced similar issues on Solaris? When the same steps are performed on Linux based IDM install (both 32 and 64 bit), all users were imported.
  Please advise.
  Thanks!
  Edited by: 840732 on Mar 9, 2012 2:23 PM
  Edited by: 840732 on Mar 9, 2012 2:28 PM

  Hi,
  Change the Connection pool parameter to "False" in Directory Server( in Manage IT Connector), and re-run the job.
  Thanks
  Balaji Ketti

• OIM Client issue

  I am seeing this message when I log in to OIM client. It was working fine yesterday and today I see this (below). The DB is up and server is up and see no issues there.
  Description: Database client has not bound to the server-side database object. Either the client database object has never bound to the server-side database object, or the server-side database object is no longer accessible.
  Remedy: Attempt to login again. If this fails, contact your system adminstrator.
  Anyone know what the issue might be?

  Another option that will tell you what part of the network and/or application stack that is failing is to sniff the connection to the db.
  Instructions: http://iamreflections.blogspot.com/2010/08/how-i-learned-to-stop-worring-and-love.html