OIM - AD Integration

Hi Gurus,
Does anybody had problem with Remove User From Group task?
It seems that task is disabling AD user account instead of removing only the groups.
AD user was provisioned by access policies. By change user attributes, new access policy is applied.
Any help will be very appreciated.
Carlos

If resource object is still in Enabled state then it really shouldn't be the AP that is responsible.
Something else must be doing this unless you have Gremlins in your system (or a very creative OIM programmer).
I would consider network sniffing to see what actually is going on. Some pointers: http://iamreflections.blogspot.com/2010/08/how-i-learned-to-stop-worring-and-love.html

Similar Messages

OIM AD Integration - 'User must change password at next logon'

Hi,
These are the issues in OIM AD integration that we are stuck up on:
Issue:
1. When OIM Admin resets the password for User1 in OIM, the password is propagated to AD but the ‘User must change password at next logon’ attribute is not updated in AD. As a result, if the User1 logs into AD account (i.e. computer), there is no prompt to change the password.
2. When AD Admin resets the password for User1 in AD and checks the ‘User must change password at next logon’ flag, the password is propagated to OIM but the ‘obpasswordchangeflag’ attribute (of oblixPersonPwdPolicy class) is not updated in OID. As a result, if the User1 logs into OIM account, there is no prompt to change the password.
Research:
1. For case 1 above: When OIM Admin resets the password for User1, the ‘User must change password at next logon’ attribute on the AD process form itself is not getting updated. So the AD Connector doesn’t propagate the attribute to AD.
2. For case 2 above: When the AD Admin resets the password for User1 in AD, the AD Password Sync connector only sends the password to OIM and not other attribute. So, there is no way to fetch the ‘User must change password at next logon’ attribute and then copy it into ‘obpasswordchangeflag’ attribute in OID.
Environment Details:
1. OIM-OAM-OAAM 11.1.1.5 BP02 integrated using OVD-OID 11.1.1.5
2. AD on WIN 2008 R2.
3. OIM AD Connector 9.1.1.7.2
4. AD Password Sync Connector 9.1.1.5
Any help would be highly appreciated!
Thanks,
Kulesh...

Thanks for your reply again.
I did not get you completely here. Can you please elaborate on the "process task on the AD Process which passes along the USR_PWD_MUST_CHANGE and immediately sets it to 0 this should work". How many total additional tasks would be needed here?
what all targets are you provisioning the password to?
- AD and OID (through LDAPSYNC)
where are end users allowed to change their passwords on (OIM,AD....??)
- Both OIM and AD.
Where can admins change the passwords?
- Currently they use ARS for such purposes but this is something we need to clearly define. The thing is, they use ARS for whole lot of purposes and we can't dictate/restrict them to use OIM only for password resets. So they may use ARS or OIM.
What do you suggest?
Edited by: Kulesh Kane on Nov 8, 2012 11:43 AM

OIM-OAM integration and LDAP Sync

Hello All, I have deployed OIM 11g R2 and OAM/OVD 11.1.1.5. Now I need to enable LDAP sync for OIM-OAM integration and I'm not allowed to extend Oracle schema in AD. So I decided to use OUD for FMW schema and I have completed all those steps and OUD is up and running. Since my enterprise directory is AD and OUD is my FMW directory, I need to think of a split profile setting in OVD. I'm following this link http://fusionapplications-ateam.blogspot.com/2012/04/split-profiles-with-ad-and-oid-for.html for this deployment. I have OVD adapters configured for AD, OUD, Join view and changelog. The link does not clearly explain the steps in OIM for LDAP Sync.
When I configure LDAP Sync in OIM, should I point the sync to the OUD users container?
When and how this cn=shadowentries container will be used? I understand that the password (obattributes) are used for password management by OAM, but wondering where will that get stored in OUD?
Please let me know your thoughts.
Thanks.

Hi,
when I use url:
http://idm1:14000/admin/faces/pages/Admin.jspx
I get Access Manager login page, I can click links: register new user, reset password and I get correct OIM pages. But when I type xelsysadm and password I get error on the next page:
Error 401--Unauthorized
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.4.2 401 Unauthorized
I can't logon to EM, OAMconsole, Weblogic etc. when the OAM is running. In OIM log I got errors from oam-agent: "User is not authorized to access resource, MinorCode: DENY, MajorCode: DENY".
I have got user xelsysadm in OIM and in LDAP, when the OAM is not running I can login to OIM, create users in OIM (they appear in OID) etc. The user xelsysadm is added to group: OAMAdministrators. Also when I try to logon to OAM console (http://idm1:7001/oamconsole) using orcladmin name I get error: Access to administration console is restricted. But when I use weblogic username (the user is in OAMAdministrators group in OID) i can get OAMconsole.
How can I change logon type in OIM?
best
mp
Edited by: J23 on 2011-01-10 00:47

OIM - AD integration info required

Hello Experts,
I want to integrate OIM with AD. For your information, I have installed OIM 11g on my windows system and all other things are like database are on my windows system only, Kindly suggest me about the about OIM-AD integration.
Also tell me if I can create vm for AD???
what is the difference between AD and OID?? Suggest which should I install?
what are all the things which I can perform after this integration,??
As am doing this for learning purpose and am a newbie please suggest from the basics.
Any information about AD usage will be very helpful.
Kindly suggest...
Regards,
KK

I don't know how much RAM you have in your machine. If you have VM for AD again you required around 1-2 GB of RAM.There is no seprate installer of AD. For Active Directory(AD) you have to have the VM for windows 2003 or windows 2008 server. where you will configure and enable Active Directory for OIM integration.
Better you can install OID in your Local windows machine if you have enough memory. Both AD and OID are directory server and based on LDAP protocol. Where OID is oracle product and AD is Microsoft product.
You won't get much diff on functional level. But there are architectural diff is there. As OID use its own Database(oracle DB) internally where AD don't use DB.
Once you setup with the target systems download online OOTB connectors and start with integration.
Connector doc has all the required steps to move on.
www.oracle.com/technetwork/middleware/id-mgmt/downloads/connectors-101674.html

OIM - OIA integration documentation

hi,
i am facing some issues in OIM-OIA integration.
version used:
OIM ( Version: 9.1.0.1866.47 )
OIA 11gR1 where we have applied bundle patch 11.1.1.3_bp04
can anyone please share with me the link or guide for integrating OIM ( Version: 9.1.0.1866.47 ) and OIA 11gR1
Thanks in advance.

Hi,
Those are not a really a document, but I think will be helpful for you, because helped me as well.
1-http://cn.forums.oracle.com/forums/thread.jspa?messageID=9612293
2-OIM & OIA 11g integration
3--http://www.identigral.com/blog/2009/10/19/oracle-identity-analytics-11g
I hope this help.
Thiago Leoncio Guimaraes

OIM-SOA integration

Hi all,
please provide me the document to know how the integration of OIM and SOA is done.
thank you.

OIM-SOA integration ????
SOA is a required component before you install OIM 11g. Are you looking for how to install SOA before OIM install ?
Thanks
GK

OIM-OAM integration error

Have the following:
OAM - 11.1.1.5
OIM - 11.1.2
Following this guide - http://docs.oracle.com/cd/E27559_01/integration.1112/e27123/oim.htm#CHDHGEHJ
While running idmConfigTool.sh -configOIM script, I get the following errors:
Mar 13, 2013 10:43:03 AM oracle.idm.automation.impl.oim.handlers.OIMIntegrationHandler performConfigOIMOperations
WARNING: java.lang.UnsupportedOperationException: Could not find MBean operation "registerThirdPartyTAPPartner(java.lang.String, java.lang.String, java.lang.String, java.lang.String)" for MBean registered un
der "com.oracle.oam:name=OamWLST,type=oam.wlst,Application=oam_admin,ApplicationVersion=11.1.1.3.0" and implemented by "class oracle.security.am.wlst.management.FoundationConfigMXBeanImpl"
~
Has anyone seen this? Please let me know. I confirmed from support earlier that OAM 11.1.1.5 is supported for integration with OIM 11.1.2.
Thanks.

This is a bug. Patch 12733108 (OAM BP02) has to be applied. The script worked fine after the patch.
Sunil.

Facing issue when LDAPSync is enabled for OIM-AD integration with SSL enabled

Hi
We are performing LDAPSync for OIM AD real time sync.We have done all configuration as per oracle documentation on LDAPSync for OIM 11gR2 : http://docs.oracle.com/cd/E27559_01/integration.1112/e27123/oid_oim.htm The OIM environment we tested is the latest OIM version OIM 11gR2 PS1 (11.1.2.1.0).
WE have performed LDAPSync enablement on postinstallation of OIM .So we dont have OVD , we have configured libOVD as mentioned in this doc.
We have performed following steps mentioned in this document in our OIM environment.
3.1 Enabling Post installation LDAP Synchronization
3.3 Creating Identity Virtualization Library (libOVD) Adapters and Integrating With Oracle Identity Manager
As attribute like password might be not getting updated in AD from OIM , we have configured SSL enabled integration in LDAP sync as mentioned in above document.
We implemented this step 3.4.1 Enabling SSL Between Identity Virtualization Library (libOVD) and Microsoft Active Directory,
but here it is not properly mentioned that about how to import public key certificate of AD into OIM envirioment for SSL.
We are getting following error message in logs : Looking at logs it looks like the import of AD SSL certificate did not happen properly in OIM environment. But ,we have imported it using keytool and OVD keystore ...please let us know if we are missing any configuration in this process.Above oracle document is not pretty clear on this.
<Dec 7, 2013 12:22:53 AM IST> <Warning> <oracle.ods.virtualization.engine.backend.jndi.LDAP2.BackendJNDI> <OVD-40118> <Could not automatically detect binary attribute list: simple bind failed: 10.88.164.231:636.>
<Dec 7, 2013 12:22:53 AM IST> <Warning> <oracle.ods.virtualization.engine.backend.jndi.LDAP2.JNDIConnectionPool> <OVD-60024> <Connection error: simple bind failed: 10.88.164.231:636.>
<Dec 7, 2013 12:22:53 AM IST> <Error> <oracle.ods.virtualization.engine.backend.jndi.LDAP2.BackendJNDI> <OVD-60143> <[#LDAP2] Unable to create connection to ldap://[10.88.164.231]:636 as null.
javax.naming.CommunicationException: simple bind failed: 10.88.164.231:636 [Root exception is javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty]
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:195)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2720)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:296)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
at oracle.ods.virtualization.engine.backend.jndi.JNDIConnectionPool.createCtx(JNDIConnectionPool.java:463)
at oracle.ods.virtualization.engine.backend.jndi.JNDIConnectionPool.create(JNDIConnectionPool.java:494)
at oracle.ods.virtualization.engine.backend.jndi.JNDIConnectionPool.<init>(JNDIConnectionPool.java:156)
at oracle.ods.virtualization.engine.backend.jndi.RemoteServer.getJNDIConnectionPool(RemoteServer.java:163)
at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.getLDAPContext(BackendJNDI.java:984)
at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.getConnection(BackendJNDI.java:927)
at oracle.ods.virtualization.engine.backend.jndi.ConnectionHandle.getHolder(ConnectionHandle.java:415)
at oracle.ods.virtualization.engine.backend.jndi.ConnectionHandle.search(ConnectionHandle.java:250)
at oracle.ods.virtualization.engine.backend.jndi.JNDIEntrySet.initialize(JNDIEntrySet.java:219)
at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.get(BackendJNDI.java:728)
at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:303)
at oracle.ods.virtualization.engine.chain.BasePlugin.get(BasePlugin.java:89)
at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:314)
at oracle.ods.virtualization.engine.chain.BasePlugin.get(BasePlugin.java:89)
at oracle.ods.virtualization.engine.chain.plugins.usermanagement.UserManagement.get(UserManagement.java:742)
at oracle.ods.virtualization.engine.chain.Chain.nextGet(Chain.java:314)
at oracle.ods.virtualization.engine.chain.PluginChain.runGet(PluginChain.java:211)
at oracle.ods.virtualization.engine.chain.PluginManager.runGet(PluginManager.java:351)
at oracle.ods.virtualization.engine.chain.PluginManager.runGet(PluginManager.java:316)
...more
Caused By: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1731)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1692)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1675)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1601)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:94)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:414)
at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:387)
at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:332)
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:190)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2720)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:296)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
at oracle.ods.virtualization.engine.backend.jndi.JNDIConnectionPool.createCtx(JNDIConnectionPool.java:463)
at oracle.ods.virtualization.engine.backend.jndi.JNDIConnectionPool.create(JNDIConnectionPool.java:494)
at oracle.ods.virtualization.engine.backend.jndi.JNDIConnectionPool.<init>(JNDIConnectionPool.java:156)
at oracle.ods.virtualization.engine.backend.jndi.RemoteServer.getJNDIConnectionPool(RemoteServer.java:163)
at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.getLDAPContext(BackendJNDI.java:984)
at oracle.ods.virtualization.engine.backend.jndi.BackendJNDI.getConnection(BackendJNDI.java:927)
...more
Caused By: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:57)
at sun.security.validator.Validator.getInstance(Validator.java:161)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.getValidator(X509TrustManagerImpl.java:108)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:204)
at oracle.ods.virtualization.engine.util.OVDTrustManager.checkServerTrusted(OVDTrustManager.java:99)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1198)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:925)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1170)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:637)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:89)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
Let us know for any helpful pointers on this
Thanks in advance,
RPB25

Use the steps given below to perform import public key certificate of AD into OIM envirioment for SSL
Obtain the AD Certificates from the AD Administrator.
Copy the AD Certificates to the directory /jrockit-jdk1.6.0_20/jre/lib/security
Run the following command to import all the certificates
/jrockit-jdk1.6.0_20/bin/keytool -import -alias <provide_alias> -file <file-name> -keystorecacerts -storepasschangeit
4. The CA certificates are now present in the trust store.

OIM 11g integration AutoLogin error (first login or forgot password)

Hi,
We are currently integrating OAM+OIM 11g (R2). We have used a 10g webgate for this.
When the user logs in for the first time, and sets his password and answers the challenge questions, he should be "Auto logged in" when he is finished.
The same scenario should happen, if the user forgot his password, and resets it. He should be "Auto-logged in" when finished.
This is not happending for us.
The OIM logs tells us this:
ERROR: Autologin failed oracle.iam.ui.platform.sso.exception.AutoLoginException: Error occured while retrieving TAP partner key from Credential store
We have tried to verify everything recommended by this Oracle Support article:
How to Solve Autologin problems in OIM with OAM? [ID 1475297.1]
Any ideas what we are missing?
Thanks & Regards,
Henrik

Maybe this is a something?
Whate should the value of the property OAM_SERVER_VERSION be, when running idmConfigTool.sh and using a 10g webgate for the integration?
Chapter 7.6 in the integration documentation states this:
OAM_SERVER_VERSION: 11g (use 10g if Oracle Access Manager 10g is used)
http://docs.oracle.com/cd/E27559_01/integration.1112/e27123/oim.htm#CACFCJHI
Under chapter 2.4.5 in the idmConfigTool documentation it's described like this:
OAM_SERVER_VERSION: Required only when Access Manager server does not support 11g webgate in Oracle Identity Manager-Access Manager integration. In that case, value should be provided as '10g'.
http://docs.oracle.com/cd/E27559_01/integration.1112/e27123/idmcfgtool.htm#CIHCICHD
When we ran the script, we had the value set to "11g" (because that's our OAM version)... now I'm wondering if I need to set this value at all..
Regards,
Henrik

OIM - OIA Integration

Hi guys!
It's is possible integrate OIA 11g ( *11.1.1.3.0* ) when it's deployed in Apache Tomcat ( *6.0.18* ) and OIM 11g ( *11.1.1.3.0* ) is deployed in Weblogic ( *11.1.1.3.0* )?, because the documentation (http://wikis.sun.com/display/OIA11gDocs/System+Integrator%27s+Guide) suggest two ways to do it ( Preferred and Deprecated Methods).
I'm already using the Deprecated method due to I cannot download the Bundle Patch (BP3) for OIA that is neccesary for using Preferred Method.
When I'm configuring my Provisioning Server (OIM) in OIA I see the field Initial Context Factory but the documentation doesn't show nothing about tomcat and I don't know what value must be here.
I need your help with this value!
Thanls in advance

When you have OIA and OIM on different servers, you need the oim config directory FTP'd from the OIM server to the OIA server.
Therefore, the Xellerate Home and Login Config settings are then set with the locations on the configs on the OIA server where you have copied these directories to. This will reslove the problem.
After solving the above error I proceeded with a new error!! Can anyone help?
Thor.API.Exceptions.tcAPIException: Error while getting utility Thor.API.Operations.tcUserOperationsIntf

OIM-OID Integration

Hi all,
I am integration OID with OIM and have few queries regarding the same
@ Provisioning
Provisioning into OID is working fine and I am able to provision users into it, but when I check JBoss logs it gives error saying mapping not defined for firstname and similarly for other attributes also.
@ Reconciliation
I am not able to configure reconciliation between the two as I am not able to modify the configuration it shows DOBJ.GENERROR while updating the reconciliation task/configuration as defined in OIM document.
Any help in this regard will be appreciated.

No sure, Vicky. Could you get OIM logs when you run evaluate access policy and show us if have any relevant information?
Enable this below if is possible, please:
.../OIM_HOME/xellerate/config/log.properties
log4j.logger.XELLERATE.POLICIES=DEBUG
log4j.logger.XELLERATE.RULES=DEBUG
log4j.logger.XELLERATE.DATABASE=DEBUG
log4j.logger.XELLERATE.APIS=DEBUG
log4j.logger.XELLERATE.WEBAPP=DEBUG
log4j.logger.XELLERATE.SERVER=DEBUG
log4j.logger.XELLERATE.REQUESTS=DEBUG
regards,
Thiago L Guimaraes

OIM - OIA integration steps not clear

We are integrating OIM 9.1.0.2 BP14a with OIA 11g R1 BP03. Can anybody clarify on the integration steps mentined in the preferred method of integration steps provided in http://wikis.sun.com/display/OIA11gDocs/Integrating+With+Oracle+Identity+Manager,+Preferred+Method#IntegratingWithOracleIdentityManager%2CPreferredMethod-step1 ?
Atleast, the following 2 steps need clarification:
•Copy the following JAR files located in the <IDM-HOME>/server/lib folder to the Oracle Identity Analytics $RBACX_HOME/WEB-INF/lib folder:
What is this *<IDM-HOME>/server/* in nthe above step. I think this should be <OIM_HOME>/xellerate for OIm 9.1.0.2 and <IDM-HOME>/server/lib for OIM 11g.
•Copy the conf folder from <OIMDesignConsole>/conf to the Oracle Identity Analytics $RBACX_HOME/WEB-INF/lib folder.
Again this step looks like specific to OIM 11g, because OIM 9.1.0.2 does not have the dir <OIMDesignConsole>/conf. Is it so? I think the step is erroneous.

Prakash,
You are right for mentioned step 1,
•Copy the following JAR files located in the <IDM-HOME>/server/lib folder to the Oracle Identity Analytics $RBACX_HOME/WEB-INF/lib folder:
Its <OIM_HOME>/xellerate for OIm 9.1.0.2 and <IDM-HOME>/server/lib for OIM 11g.
step 2:
Copy the conf folder from <OIMDesignConsole>/conf to the Oracle Identity Analytics $RBACX_HOME/WEB-INF/lib folder.
You can get this folder, from where you install design console installation for both oim 9.1 (xlclient/config) and oim 11g (designconsole/config).
Hope helps you !!!
Regards,
Ravi.G

Error : OIM - OIA Integration

hai gurus,
i got some error when i integration OIA with OIM. i'm trying to running import scheduler and i'm facing an error.
this is an error :
29 Jun 13 0:56:05 com.thortech.util.logging.Logger error
SEVERE: Class/Method: tcUtilityFactory/tcUtilityFactory(Hashtable env, String psUserId, String psPassword) encounter some problems: javax.security.auth.login.LoginException: java.lang.SecurityException: [Security:090304]Authentication Failed: User xelsysadm javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User xelsysadm denied
javax.security.auth.login.LoginException: javax.security.auth.login.LoginException: java.lang.SecurityException: [Security:090304]Authentication Failed: User xelsysadm javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User xelsysadm denied
        at weblogic.security.auth.login.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:199)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
i'm using :
OIM 11.1.1.5 bp07
OIA 11.1.1.5 bp05
weblogic 10.3.5
oracle db 11.2.0
any solution in this error ?
thank's
darvesth

can somebody to help solving this error ??

OIM-OES integration

Hi all,
can anybody gelp me with integrating (OIM 11g and OES 11g) or (OAM 11g and OES 11g ).please provide me the document that describe the integration steps.
Thank you.

Can you give more information on your use case. BTW, you should look at attending OES training, this will give you a good high level picture as well as hands on experience.
Bye,
Subbu Devulapalli
*My Blog: [url http://accessmanagement.wordpress.com/]Authorization for the Real World*
*Follow me on [url https://twitter.com/#!/BloggerSubbu]Twitter*

OIA - OIM 11gR2 Integration - Which WLS Version?

Hello,
we want to integrated OIA with OIM 11gR2. Which version of WLS server should we use? OIA is only certified with WLS 10.3.5.
Oracle recommends as follows:
Both Oracle Identity Manager and Oracle Identity Analytics should be installed on servers running the same version of the application server software, as well as the same version of the Java® Virtual Machine (JVM).
Doe this mean, i have to run both application on WLS 10.3.5. Which impact do i have, i OIA is running on WLS10.3.5 and OIM is running on WLS10.3.6?
What are your experience with OIM R2 and OIA?
Thanks!

Hi,
With 10.3.6, the default engine not supporting TLS version 1.1 and above and as a result some client were getting the error (as they had TLS 1.0 unchecked in their IE configuration). To resolve this we have changed the default Weblogic SSL engine to use JSSE SSL engine which supports all the protocols.
Regards,
Daniel

Disable OIM-OAM11g Integration

Hi,
I have OIM11g (11.1.1.5) integration in place. I would like to disintegrate OIM and OAM.
I dont see any documentation for this.
Any help on this is helpful.
Thanks
vicky

Hi Venky,
I have searched and I don't find any documentation from oracle on this. I guess you need to raise SR on this and find out.
Regards,
Chinni

OIM - AD Integration

Similar Messages

Maybe you are looking for