OIM 9102 Issues
Hi
Issue regarding OIM 9102.
Installed Components:
Oracle DB 11.1.0.6
WLS 10.3.2.0
OIM 9101 Upgraded to 9102
Plat Form: MS Windows 2008 R2 Server 64-Bit
While i am trying to Install DB connector i could not find the step 3 page its just blank even i tried for XML import but same issue No Luck.
I am attaching the screen shots and Logs details.
Please Help me Out.
Go to Organization > Manage > Search organizations > Selct org in which 50K users have been created > Select ADMINISTRATIVE GROUP (Drop Down)
Assignyour custom group here and try to logic with auser who is part of that custom group
And what do you mean by following statement:
TiA. I will assign points.
Similar Messages
-
OIM 9102 Issued Audit Message null pointer
Hi All,
I have a 9102 system with an empty upa_ud_formfields table. We tried running the Issue Audit Message job (which was disabled for some reason) and got a NPE.
I found the same thing here but never answered.
Re: Audit reports in OIM 9102
any help would be appreciated.
Thanx
Fred1. XL.EnableExceptionReports needs to be set to TRUE and XL.UserProfileAuditDataCollection needs to be set to Resource Form.
2. In the Audit Report Developers Guide, section 5.3.1 Using the UPA Form Data Upgrade Utility, you need to perform the steps to enable the usable of these fields (http://download.oracle.com/docs/cd/E14049_01/doc.9101/e14045/reporting.htm#CEGFCIAD).
3. Restart Server.
-Kevin -
OIM 9102 , AD Password Sync 91x, JBoss 423GA - issue over SSL port.
Followed the steps describe in "Deploying the connector"
http://download.oracle.com/docs/cd/E11223_01/doc.910/e11218/install_config.htm#insertedID0
section
Pre-Installation both SSL n non-SSL works for SPML verification.
For JBoss Application Server:
http://IP ADDRESS:8080/spmlws/services/HttpSoap11
https://IP ADDRESS:8443/spmlws/services/HttpSoap11
Post Installation - configured SSL.
On AD machine logs following error message is displayed:
MAX_RETRY LIMIT count is not updated: OIM is down
Following meta-link ID 1073889.1
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&doctype=PROBLEM&id=1073889.1
explains to verify 'oimhost and oimport' - oimhost is machine ip address ( AD machine is able to ping OIM machine through ip address and machine name )
oimport is 8443
Any suggestion.
Or anyone previously successfully deployed password sync over SSL for OIM 9102 and AD Password sync 91x,
as i found a similar thread in OTN forum where user had issues over SSL.Did anyone resolve this issue? I have the same running SSL Password Sync on OAS 10.1.3.4 and OIM 9.1.0.2 BP09a with AD 2003.
Debug [7/8/2010 6:35:45 AM] oimport is
Debug [7/8/2010 6:35:45 AM] 4443
Debug [7/8/2010 6:35:45 AM]
Debug [7/8/2010 6:35:45 AM] oimsslclient is
Debug [7/8/2010 6:35:45 AM] nw-dc-01.nwocaland.nwoca.org
Debug [7/8/2010 6:35:45 AM]
Debug [7/8/2010 6:35:45 AM] oimuserattr is
Debug [7/8/2010 6:35:45 AM] USR_UDF_SAM_ACCTNAME
Debug [7/8/2010 6:35:45 AM]
Debug [7/8/2010 6:35:45 AM] oimusessl is
Debug [7/8/2010 6:35:45 AM] Y
Debug [7/8/2010 6:35:45 AM]
Debug [7/8/2010 6:35:45 AM] oimappservertype is
Debug [7/8/2010 6:35:45 AM] 2
Debug [7/8/2010 6:35:45 AM]
Debug [7/8/2010 6:35:45 AM] End of sgsloidi::getConfigParamters
Debug [7/8/2010 6:35:45 AM] Inside sgsloidi::setParameters
Debug [7/8/2010 6:35:45 AM] The SOAP start element is
Debug [7/8/2010 6:35:45 AM] <SPMLv2Document xmlns="http://xmlns.oracle.com/OIM/provisioning">
Debug [7/8/2010 6:35:45 AM] The SOAP end element is
Debug [7/8/2010 6:35:45 AM] </SPMLv2Document>
Debug [7/8/2010 6:35:45 AM] The path is
Debug [7/8/2010 6:35:45 AM] /spmlws/HttpSoap11
Debug [7/8/2010 6:35:45 AM] End of sgsloidi::setParameters -
Iam working on OIM 9102 doing AD OU Movement.
Iam changing the User's department through HR recon & based on that the Organization Name is being built by me. (Process task, USR_Process Trigger, Prepopulate adp, etc)
Here the Organization Attribute is getting populated in AD User Form.
In the weblogic console I am finding errors for the User distinguished Name & OU movement is not happening
****************************log ****************************
Running ISADAM
Target Class = java.lang.String
Running Get Attribute Map
Running Set Attributes
Running OU
Target Class = com.thortech.xl.util.adapters.tcUtilStringOperations
Running CONCATORG
Target Class = com.thortech.xl.util.adapters.tcUtilStringOperations
Running Move User
ERROR,17 Oct 2012 15:34:02,765,[OIMCP.ADCS],====================================================
ERROR,17 Oct 2012 15:34:02,765,[OIMCP.ADCS],com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController
: rename : Invalid name: cn=Pirsten Miller,Engineering
ERROR,17 Oct 2012 15:34:02,765,[OIMCP.ADCS],====================================================
ERROR,17 Oct 2012 15:34:02,765,[OIMCP.ADCS],================= Start Stack Trace =======================
ERROR,17 Oct 2012 15:34:02,765,[OIMCP.ADCS],com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController
: rename
ERROR,17 Oct 2012 15:34:02,765,*[OIMCP.ADCS],Invalid name: cn=Pirsten Miller,Engineering*
ERROR,17 Oct 2012 15:34:02,765,[OIMCP.ADCS],Description : Invalid name: cn=Pirsten Miller,Engineering
ERROR,17 Oct 2012 15:34:02,765,[OIMCP.ADCS],javax.naming.InvalidNameException: Invalid name: cn=Pirsten Miller
,Engineering; remaining name 'cn=Pirsten Miller,OU=OIM'
at javax.naming.ldap.Rfc2253Parser.doParse(Rfc2253Parser.java:86)
The rest of the distinguished name (dc=fimdomain,dc=com) is not getting populated.
Any idea to rectify this ?Please read this post twice and the entire post again so that everything said by all other experts as well is properly grasped by your mind... Then you will be able to perform tasks I am going to ask quickly...
Did "Organization Name Updated" task triggered? And also, I am afraid the correct spelling of 3~ou=Engineering,dc=fimdomain,dc=com should be 3~OU=Engineering,DC=fimdomain,DC=com because OU and DC are in CAPITAL in Lookup.ADReconciliation.OrganizationLookup. So, as I suggested earlier as well, the spelling should be strictly as in this lookup...
Let us try to isolate the issue... First, execute the "AD Organization Lookup Recon" scheduler with the Search Base=> DC=fimdomain,DC=com...
Then Edit the process form manually... And select any organization name manually from the lookup... So that "Organization Name Updated" task gets triggered AND the user is MOVED in new OU... Thus the issue will be isolated...
Then we will focus on the Adapter which populates the new OU in the "Organization Name" field...
Remember things are case-sensitive....
So, in your adapter:-
(1) By some logic you come to conclusion that the new OU should be say ou=Engineering,dc=fimdomain,dc=com...
(2) You append 3~ before it and make it 3~ou=Engineering,dc=fimdomain,dc=com
(3) However, you must double check it whether this OU really exists in the Lookup.ADReconciliation.OrganizationLookup...
(4) So, in your code, you create a HashMap using tcLookupOperationsIntf containing CODE KEY IN UPPER CASE vs Just Code Key...
I mean something like this:-
3~OU=TRAINING,DC=FIMDOMAIN,DC=COM 3~OU=Training,DC=fimdomain,DC=com
3~OU=ENGINEERING,DC=FIMDOMAIN,DC=COM 3~OU=Engineering,DC=fimdomain,DC=com
3~OU=DEPARTMENT,DC=FIMDOMAIN,DC=COM 3~OU=Department,DC=fimdomain,DC=com
3~OU=MECHANICAL,DC=FIMDOMAIN,DC=COM 3~OU=Mechanical,DC=fimdomain,DC=com
(5) Then you try to retrieve the actual spelling with case in your code for 3~OU=ENGINEERING,DC=FIMDOMAIN,DC=COM...
String ou = hashMap.get("3~OU=ENGINEERING,DC=FIMDOMAIN,DC=COM");
You obtain: 3~OU=Engineering,DC=fimdomain,DC=com
And then transfer or populate this OU to your Organization Name... This will work...
And just in case the OU does not exist in AD at all, say 3~ou=Engineering1234,dc=fimdomain,dc=com... So, your Adapter logic came up with Engineering1234... It does not exist.... Then it will return null...
Simple... Then you would know it clearly where the issue lies...
I could have given you the entire code... However, I want to encourage you to write your own code... Code writing is fun...
Please go through all the posts in this Thread twice, including this one, and perform the tasks which I have suggested you... It will work... All the best,.. -
Hi All
We are on OIM 9102 bp14 and are planning to upgrade to 11.1.1.5 and would appreciate if someone can provide feedback on the upgrade process covering the following:
1. What is the complexity of upgrade process?
2. Does all the approval workflows gets converted into SOA composites successfully?
Appreciate if you can share your experience.
Thanks
PS: I have gone through the documentation on upgrade process.Hi,
I have upgraded my project from 9102 to OIM 11g. Here are some pointer which might help you during upgrade.
1. What is the complexity of upgrade process?
You can follow through the steps given in document. You'll face problem while restarting your server. You would require to open enterprise manager http://weblogicusr:port/em and right click on domain, goto security->credentials, expand oim, add .xldatabasekey and its credentials.
Keep backup of your old .xldatabasekey, as you have to put it under <DOMAIN_HOME>/fmwconfig/config directory. Otherwise you'll not be able to login into database.
This process doesn't increase size of fields in usr tables. you may require to increase its size (atleast for usr_password to 200). It upgrades all components except eventhandlers and custom schedule tasks. You would require workarounds to make them work. OIM API may still be a issue, as many of them have been deprecated.
2. Does all the approval workflows gets converted into SOA composites successfully?
Yes, it converted in my case. I tested 3 level approvals as well. They are working fine.
I hope this helps.
regards,
GP -
OIM 9102 Schema - OSI_CHILD_OLD_VALUE column in OSI table
Hello,
OIM 9102 database schema has a table name called OSI which I think holds information about tasks.
There is a column in the OSI table called “OSI_CHILD_OLD_VALUE” (Blob type). Did anyone familiar with the content of this column? What information it contains and which use case will trigger the read on the this table column?
Thanks,Hello,
I want to decrypt this particular column (OSI_CHILD_OLD_VALUE) value (type: CLOB). So, basically i need CLOB to byte [] - note that decrpt methods is overloaded.
My program is working for type: String - it could decrypt other encrypted OIM database fields like USR_UDF_ENCRYPTED_CUSTOM_FIELD, CUSTOM FORM FIELDS, etc...
Snippet:
ResultSet rs = stmt.executeQuery(sql);
while(rs.next()){
Clob osiClob = rs.getClob("OSI_CHILD_OLD_VALUE");
long clobLength = osiClob.length();
// I tried with below clob data extraction methods
<extracted_value_using> = osiClob.getAsciiStream()/osiClob.getCharacterStream()/osiClob.getSubString();
byte[] decryptedVal = com.thortech.xl.crypto.tcCryptoUtil.decrypt(<extracted_value_using>,"DBSecretKey");
System.out.println("Decrypted Value -->" + decryptedVal);
Finding it pretty challenging as it is not working only for CLOB column. Any help will be appreciated.
Thanks, -
What is latest bundle patch for OIM 9102?
Hey All,
I have an OIM 9102 installed on WLS 10.3.2, SQL Server 2005 and Windows server 2003 R2 OS.
Wanted to apply the latest bundle patch for OIM9102? What is the latest BP for 9102? BP14?
Can anyone let me know the latest BP name/number and path to down in metalink if possible.
Thanks in advance!
klogubeDoes anyone have BP14 installed and diagnostic dashboard working? I put BP14 on our 9.1.0.2 sandbox, and diagnostic dashboard broke. We are on WebSphere 6. Problem is when you log in, you get an authentication error.
-
OIM Groups Issues - Groups migrated from OIM 9101 to 9102
Hi,
I migrated the OIM groups from the old system (9101) to the newy built OIM version 9102.
I have a user created called TESTW - it has the GROUP_System_Adminitators (custom OIM Group).
This group has SYSTEM ADMINISTRATOR (Delivered) as the member group.
Also, GROUP_System_Adminitators has menu options for Users Search.
However, this user is unable to search Users. He is able to see the User > Search menu.
Once a string is placed and click on search, no users are found (though OIM has 50k users).
Am I missing something here? Please assist.
TiA. I will assign points.
Regards
Vijay ChinnasamyGo to Organization > Manage > Search organizations > Selct org in which 50K users have been created > Select ADMINISTRATIVE GROUP (Drop Down)
Assignyour custom group here and try to logic with auser who is part of that custom group
And what do you mean by following statement:
TiA. I will assign points. -
OIM 11g issues with design console, creating resource
Hi All,
I have installed OIM 11g, OAM 11g.
I am facing issues while starting design console or creating a resouce.
<Sep 2, 2010 9:30:53 PM GMT+05:30> <Error> <XELLERATE.SCHEDULER.TASK> <BEA-0000
0> <Error while calling reissue on AUD_JMS messages
com.thortech.xl.dataaccess.tcClientDataAccessException:
at com.thortech.xl.dataaccess.tcDataBaseClient.getDatabaseProductName(t
DataBaseClient.java:944)
at com.thortech.xl.schedule.tasks.ReIssueAuditMessage.processAllByIdent
fier(ReIssueAuditMessage.java:87)
at com.thortech.xl.schedule.tasks.ReIssueAuditMessage.execute(ReIssueAu
itMessage.java:78)
at com.thortech.xl.scheduler.tasks.SchedulerBaseTask.execute(SchedulerB
seTask.java:384)
at oracle.iam.scheduler.vo.TaskSupport.executeJob(TaskSupport.java:144)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl
java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcce
sorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at oracle.iam.scheduler.impl.quartz.QuartzJob.execute(QuartzJob.java:16
at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.
ava:529)
>
<Sep 2, 2010 9:30:53 PM GMT+05:30> <Error> <XELLERATE.DATABASE> <BEA-000000> <Cl
ass/Method: tcDataBaseClient/bindToInstance encounter some problems: java.lang.A
ssertionError: Can only export activatable objects
oracle.iam.platform.utils.ServiceInitializationException: java.lang.AssertionErr
or: Can only export activatable objects
at oracle.iam.platform.Platform.getService(Platform.java:264)
at oracle.iam.platform.OIMInternalClient.getService(OIMInternalClient.ja
va:152)
at com.thortech.xl.dataaccess.tcDataBaseClient.bindToInstance(tcDataBase
Client.java:151)
at com.thortech.xl.dataaccess.tcDataBaseClient.<init>(tcDataBaseClient.j
ava:75)
at com.thortech.xl.server.tcDataBaseClient.<init>(tcDataBaseClient.java:
33)
at com.thortech.xl.client.dataobj.tcDataBaseClient.<init>(tcDataBaseClie
nt.java:67)
Please helpYou need to copy the files from the linux box to a windows box and change the startup paramaters to meet that of a Windows machine.
I have the following files once moved to my windows machine:
basecp.bat:
>
set CLASSPATH=.;.\lib\oimclient.jar;.\lib\iam-platform-auth-client.jar;.\lib\iam-platform-pluginframework.jar;.\lib\iam-platform-utils.jar;.\lib\iam-platform-context.jar;.\lib\XellerateClient.jar;.\lib\xlAPI.jar;.\lib\xlLogger.jar;.\lib\xlVO.jar;.\lib\xlUtils.jar;.\lib\xlCrypto.jar;.\lib\xlAuthentication.jar;.\lib\xlDataObjectBeans.jar;.\ext\log4j-1.2.8.jar;.\ext\jhall.jar;
>
classpath.bat:
>
call basecp.bat
set CLASSPATH=%CLASSPATH%;.\ext\spring.jar;.\ext\security-api.jar;.\ext\commons-logging.jar;.\ext\logging-utils.jar;.\ext\jakarta-oro-2.0.8.jar;.\ext\bsh.jar;.\ext\mail.jar;.\ext\jboss-j2ee.jar;.\ext\jboss-jaas.jar;.\ext\jbosssx.jar;.\ext\jts.jar;.\ext\jbossall-client.jar;.\ext\concurrent.jar;.\ext\getopt.jar;.\ext\gnu-regexp.jar;.\ext\jacorb.jar;.\ext\jboss-client.jar;.\ext\jboss-common-client.jar;.\ext\jbosscx-client.jar;.\ext\jbossha-client.jar;.\ext\jboss-iiop-client.jar;.\ext\jbossjmx-ant.jar;.\ext\jboss-jsr77-client.jar;.\ext\jbossmq-client.jar;.\ext\jboss-net-client.jar;.\ext\jbosssx-client.jar;.\ext\jboss-system-client.jar;.\ext\jboss-transaction-client.jar;.\ext\jcert.jar;.\ext\jmx-connector-client-factory.jar;.\ext\jmx-ejb-connector-client.jar;.\ext\xdoclet-module-jboss-net.jar;.\ext\jsse.jar;.\ext\jnet.jar;.\ext\jmx-rmi-connector-client.jar;.\ext\jmx-invoker-adapter-client.jar;.\ext\jnp-client.jar;.\ext\wlfullclient.jar;.\ext\webserviceclient+ssl.jar;.\ext\sas.jar;.\ext\oc4jclient.jar;.\ext\ejb.jar;.\ext\oscache.jar;.\ext\commons-logging.jar;.\ext\javagroups-all.jar
>
xlclient.cmd:
>
@echo off
setlocal
call classpath
REM SET DEBUG_OPTS=-classic -Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5001 -DXL.RedirectSysOutErrToFile=TRUE -DXL.SysOutErrLogFile=.\logs\Client.System.Out.Err.log
REM Make sure to remove java.naming.provider.url and read it from the configuration
REM once the JNDI Profiles are implemented.
REM make sure you are using j2sdk1.4.2_05
"C:\jdk1.6.0_22\bin\java" %DEBUG_OPTS% ^
-DXL.ExtendedErrorOptions=TRUE -DXL.HomeDir=C:\oracle\oim1_11g\designconsole ^
-Djava.security.policy=config\xl.policy ^
-Dlog4j.configuration=config\log.properties ^
-Dweblogic.security.SSL.trustedCAKeyStore=%TRUSTSTORE_LOCATION% ^
-Djava.security.manager -Djava.security.auth.login.config=config\authwl.conf ^
com.thortech.xl.client.base.tcAppWindow -server server
endlocal
>
See if this works.
-Kevin -
Hi All,
My env is oimps1 on linux and db on different machine.
After the first initial load of the user and org data,suddenly the oim has become too slow
viewing a profile takes 5 minutes and even I haveseen that the cpu goes to 100%.
This is really a worry for the project.
Please suggest what can I do to fix this.I have no clue.Is there any luck in the performance issue? Did you able to improve the performance in any ways?
We are exactly facing the same problem as like yours. Only 3 people are using the server and 15k users in OIM. The performance is really bad. Oracle also can't find anything wrong in the WLS setup and they asked us to apply BP04. We applied BP04 but as expected it didnt help in anyways.
Plz let us know if you could manage to fix this issue or any workaround which you are following.
Thanks
log -
OIM 11g: Issue while evaluating rule for Role Membership
Hello All,
I have configured few General Rules using 2 of our User Defined Fields, these general rules are used to determine role membership.
What we observed that once "Identity Status" attribute is set to "Disabled" for OIM User Profile then OIM stops evaluating these configured General Rules for Role Membership.
Env Details:
Product Version: Oracle Identity Manager 11.1.1.5.0
App Server: WebLogic Server Version: 10.3.5.0
OS: Red Hat Enterprise Linux Server release 5.5
Database: Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64 bit
Please let me know if any of you have encounter this issue and if there is any workaround available for it.
Thanks,
ShyamRe: OIM11g: Resource not revoked if the Identity Status is DISABLED
XL.EvaluateMembershipForInactiveUser
Workaround:
You can make you of Event Handler and assign that group with APIs. -
We installed OIm as "Oracle Identity Manager with Audit & Compliance module",
But I dont see any information in historical reports.
All reports say "no records found"
Do we have to enable Auditing somewhere?I have a similar issue. In log, it says:
ERROR [XELLERATE.AUDITOR] Error while processing audit message
java.lang.NullPointerException
It didn't process any records till now. The AUD_JMS table has thousands of records.
My version: 9.1.0.1865.28
Any suggestions? -
OIM 9102 BP12 Migration from WebSphere 6.1 to Weblogic 10.3
Hello,
We're planning to move(9102BP12) from WebSphere6.1 to Weblogic10.3.
I found Oracle metalink which says -
================================================
JDK Migration restriction:
You can only migrate to JDKs that falls with in the same groupings.
Group 1: Sun JDK, Oracle JRockit, HP JDK
Group 2: IBM JDK.
Example: If you are running OC4J using Sun JDK then you can migrate to Oracle WebLogic Server using Sun JDK, Oracle JRockit or HP JDK. However, you can't migrate to IBM JDK.
==============================================
This is because the data in the OIM schema is encrypted using the IBM's encryption libraries which are not available for Sun JDK. What i understand is that the IT resource configuration details are encrypted with installed JDK. However, if we re-configure the IT resource with Weblogic setup (after installing oim on Weblogic poining to the existing database), we could proceed with this migration.
Has anyone executed Websphere to Weblogic migration before for OIM? Any input will help.
Thanks,Sorry for the delay as I got busy with my current project. Here are the answers to your questions.
1) If i install WLS point to existing OIMDB, do i necessarily need to copy old .databasekey from WAS environment?
<Abhi>: Yes, you will have to copy these files to the WLS environment.
2) During WLS install, it'll ask for xelsysadm password. Will this password overrides to existing one in OIM DB? And later on when i'll try to login to OIM-WLS using this password, will that work?
<Abhi>: Yes, but are you planning to have different passwords. The xelsysadm password is stored in OIM database. So if you update it, it will reflect in all the OIM middle-tier instances attached to this database.
How about handling the encrypted values in WLS environment:
(1) IT resource params - reconfigure them after migration - through design console in Weblogic environment
<Abhi>: Yes. you may have to review the values in the IT resource params and the other atrifacts as RO, process forms etc. But most of the work will be done by the deployment manager export/import functionality.
(2) User password and security Q&A - We're using SSO to login to OIM, so not a concern
<Abhi>: You are good with this.
(3) UDF encrypted attribute - After doing the migration, if we run the user trusted recon 1 more time.. then all the user attrs values would be overriden (including encrytped UDF).
<Abhi>: If there is an encrypted UDF field, you will have to take care of this manually. BTW, is this field encrypted on the OIM side as well as the application side.
(4) Encrypted object/process forms - i've pending task to analyze if we've any such attrs(process form encrypted 'password' to target(e.g. AD) - i could think of such cases)
<Abhi>: If there is something like this, you will have to take care of this manually. Check the possibility of writing a custom code to go thru the OIM users and dump the decrypted data in some file. Later you can update the selective user data in the new environment
Did you follow the similar process? What issues did you face because of the IBM to SUN JDK use?
<Abhi>: Yes, I followed the same steps and did not faced much issues. It was pretty straight-forward. Just make sure that the export/import using Deployment manager is successful.
Please let me know if you have more questions. -
Hello,
After enabling ldapsync between OIM and OID, only a few users orcladmin,public,idrouser and idrwuser are imported into OIM from OID. Other users created with prepareIDStore "oimadmin,oamadmin,weblogic_idm, weblogic_admin,oaamadmin" are not imported.
When "ldap user create and update full reconcilation" job is run from OIM console, it throws the following error. Exception Message oracle.iam.ldapsync.exception.ProcessLDAPReconDataException: java.lang.NullPointerException
Used libOVD. OIM, LDAPSYNC configuration is done at the same time.
Users created in OIM are seen in OID and any changes made to OIM users are propagated to OID.
OIM diagnostic log shows
oracle.iam.platform.kernel.EventFailedException: IAM-3050127:An error occurred in user name generation. Please provide either Email or First Name and Last Name for DefaultComboPolicy.:Email:First Name:Last Name:DefaultComboPolicy
Even though attributes firstname,lastname and email are all present in the ldap profile for a given user.
Environment:
Solaris SPARC 9 - 64 bit, OIM 11.1.1.5, OAM 11.1.1.5, OID 11.1.1.5, WLS 10.3.5
Have any of you faced similar issues on Solaris? When the same steps are performed on Linux based IDM install (both 32 and 64 bit), all users were imported.
Please advise.
Thanks!
Edited by: 840732 on Mar 9, 2012 2:23 PM
Edited by: 840732 on Mar 9, 2012 2:28 PMHi,
Change the Connection pool parameter to "False" in Directory Server( in Manage IT Connector), and re-run the job.
Thanks
Balaji Ketti -
I am seeing this message when I log in to OIM client. It was working fine yesterday and today I see this (below). The DB is up and server is up and see no issues there.
Description: Database client has not bound to the server-side database object. Either the client database object has never bound to the server-side database object, or the server-side database object is no longer accessible.
Remedy: Attempt to login again. If this fails, contact your system adminstrator.
Anyone know what the issue might be?Another option that will tell you what part of the network and/or application stack that is failing is to sniff the connection to the db.
Instructions: http://iamreflections.blogspot.com/2010/08/how-i-learned-to-stop-worring-and-love.html
Maybe you are looking for
-
Migração de saldos para um novo Ledger no new GL.
Boa Tarde Pessoal, Estou com o seguinte cenário e gostaria de saber se alguém já passou por essa situação. Estou em um projeto que já tem algumas empresas implementadas com a Versão ECC6.0 e com o New GL ativado com isso a tabela FAGLFLEXT está ati
-
Custom Name Identifier format in Oracle Identity Federation (OIF)
Hello, at the moment we're using OIF 10.1.4.01 together with Oracle Access Manager (OAM) and everything works well. We're acting as both IdP and SP in the Federation for which we are using OIF. So far we're using the persistent name ID format as Subj
-
Parser.setErrorStream in SAX Parser
The setErrorStream method is not provided in the SAX API. It would be very helpful and nice to have this there as in case of schema validation, if the structure of the document is not according to the XSD, and there are lots of errors, ArrayIndexOutO
-
I would like to run a unix command and capture the output by running a java program on a windows 98 machine, this will be ran on a secure intranet. What is the best way to do that. If anyone knows of an example source code that would be great. thanks
-
HP Scanjet 4850 Photo Scanner driver for Mac OS9.x
I need the driver and other information to get my scanner to work. Driver says that it has unknown author and will not install