OIM: Help Required --Assigning proxy user

Hi OIM Experts,
I have a requirement where, a user have to select another user in the organization as the proxy user.
But when I try to search for other users in the organization, the search result is null. Because of this, I cannot assign a proxy user other than manager??
Why is this happening. Are there any permissions to be granted ?? What are the limitations for this ??
Thanks in advance

See the posts of this thread Re: Approval reassignment to non-admin user in OIM? I think you can get more informations about the users listed when you search for...
Renato.

Similar Messages

  • Help required for the users  report requirement

    Hello,
    User requirement is to get the report as follows
    Period            planned order     Production order      Backlog
    Feb2008          15                           3                      18
    March2008      4                            11                     15
    Backlog is the formula for planned order & production order.
    My problem is that, In the cube the data for planned order is the char value 'X' or a blank.
    It has to count the total of planned order for the entire month of feb,& print the value counting the number of 'X',here as shown as 15.
    Planned order, Production order are in rows & are chracteristics.
    Is thr any solution to count master data which has a char value(X).
    I have tried using the formula variable.I had created the new formula.Then using the data functions as count(Formula variable),using the replacment path.But it did not work
    Help me out to find the total for the char value of the master data.
    Help would be rewarded!

    Hello,
    For BACKEND:
    1) Create a normal KF say counter and include it in the cube.
    2) Now you can populate the value for this KF via end routine in transformation.
    3) You need to check whether the value for planned order is X. If yes then update KF with value 1.
    4) I hope you can take care of this routine part. Once this is done the data in the cube might look in below manner:
    Month Planned-Order Counter
    Feb 2007 | X | 1
    Feb 2007 | X | 1
    Feb 2007 |  | 0
    Feb 2007 | X | 1
    Feb 2007 |  | 0
    Mar 2007 |  | 0
    Mar 2007 | X | 1
    Mar 2007 |  | 0
    Mar 2007 |  | 0
    Mar 2007 | X | 1
    Now in the report if you include month and counter the report will look like
    Month Counter
    Feb 2007 | 3
    Mar 2007 | 2
    If you see the counter is getting aggregated to give you the sum against the value of planned order as X against month.
    I think this should work.
    If this dosent work let me know i will let you the alternate solution for frontend. but for that too you need to make the above backend changes.
    So do the backend changes and try to use counter KF for showing planned orders and i think it should work fine.
    Regds,
    Shashank

  • Help required with oracle user management

    My requirement is to hide the developer toolbar that shows at the bottom of all the pages in the application. This happens when I log into the application as an administrator or a developer. When I try logging in as an end user, who does not have developer or administrator privileges, I get a message saying that " Access denied by application security check". This problem does not depend on whether I use apex security or database security for my application, in both the cases, as soon as I login to the worksapce with a user account, this message is displayed. Please help me out. Any sort of help will be appreciated.
    Message was edited by:
    shantanu

    Hi Shantanu
    When you log in to the workspace, the URL will end with something like: /pls/htmldb/f?p=4550 (it may also end with /pls/htmldb/htmldb_login)
    To log in to your application, you need to change the final number to the number of your application. For example, if your application is number 105, then change the end of the URL to: /pls/htmldb/f?p=105.
    Your application should have a login page (typically, Page 101) which should be loaded as soon as the user tries to get to your application.
    Regards
    Andy

  • Help required in ISA user management

    Hi! Gurus..........
    I have created an BP in the role contact person and for this BP I have created an internet user , the internet user is created and the role is also asigned to it...............now the issue is when I am going to the transaction BP the address in displayed for this BP as well as in  transaction SU01, but when I am going to ISA user management its not showing the address for this BP created..............
    Please provide ur valuable inputs so that i can proceed futher...I am really new to this so please try to understand the question..

    I found this in a thread written by Gerhard Djuracek from SAP, perhaps it will help you:
    We distinguish 3 categories of addresses.
    Addresscategory 1, address for organisations
    Addresscategory 2, address for persons
    Addresscategory 3, address on a relationship.
    The address on a relationship is built of an address from an organisation. But it's not the whole address from that specific organisation, it's only, let's call it the postal part. Things like street, city, postal code and so on. The name part is taken from the person, which is involved in that relationship.
    So we have here a mixture of Addresscategory 1 and Addresscategory 2. The communication data, we have only 3 communication categories on a
    relationship, phone, fax and E-Mail address, is not taken from the organisation or the person's address. The communication data used on a relationship, is that one, which you can maintain in the section address data after having assigned an address to the relationship.
    Any changes on any comm data of the organisation, will have no effect on the comm data of the relationship. Only changes on the address of the organisation, which will effect those fields, we called above the postal part of an address, will be taken into account for the address on the relationship.
    In CRM, the contact person is a business partner of type person and can have many addresses of type 2, but only the standard address is
    exchanged with the home address in the R/3 system.  If you create a relationship of category 'contact person', you can have an address of type 3 for every address of the customer, but only the standard address of type 3 is exchanged with the contact person's address of type 3 in R/3.
    The concept of the business address does not exist in CRM. If a contact person is working for different customers, you create different relationships of category 'contact person' instead of creating a business address.
    Hope this information is helpful.
    Regards, Gerhard

  • Help required on finding User Exit in LM02 or in program RLMOB001

    Hi,
    I want to put 2 buttons in LM02 standard screen. is there any exit available do this in LM02 or in Program RLMOB001?. or is there any other way to achieve this?
    Your help will be appreciated.
    Thanks,
    Sree.

    check which one suits for you: there is a program which searches are the available user exits and gives you a list.. use that.. check my wiki's
    EXIT_SAPLLMOB_002     MWMRF701
    EXIT_SAPLLMOB_003     MWMRF702
    EXIT_SAPLLMOB_004     MWMRF703
    EXIT_SAPLLMOB_005     MWMRF704
    EXIT_SAPLLMOB_006     MWMRF705
    EXIT_SAPLLMOB_008     MWMRF760
    EXIT_SAPLLMOB_009     MWMRF761
    EXIT_SAPLLMOB_010     MWMRF762
    EXIT_SAPLLMOB_011     MWMRF763
    EXIT_SAPLLMOB_012     MWMRF764
    EXIT_SAPLLMOB_013     MWMRF765
    EXIT_SAPLLMOB_014     MWMRF766
    EXIT_SAPLLMOB_015     MWMRF767
    EXIT_SAPLLMOB_016     MWMRF768
    EXIT_SAPLLMOB_017     MWMRF769
    EXIT_SAPLLMOB_018     MWMRF170
    EXIT_SAPLLMOB_019     MWMRF700
    EXIT_SAPLLMOB_030     MWMRF105
    EXIT_SAPLLMOB_034     MWMRF634
    EXIT_SAPLLMOB_035     MWMRF105
    EXIT_SAPLLMOB_036     MWMRF634
    EXIT_SAPLLMOB_040     MWMRF106
    EXIT_SAPLLMOB_045     MWMRF106
    EXIT_SAPLLMOB_050     MWMRF107
    EXIT_SAPLLMOB_052     MWMRF633
    EXIT_SAPLLMOB_054     MWMRF633
    EXIT_SAPLLMOB_060     MWMRF107
    EXIT_SAPLLMOB_062     MWMRF650     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0650)
    EXIT_SAPLLMOB_064     MWMRF650     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0650)
    EXIT_SAPLLMOB_070     MWMRF108     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0108)
    EXIT_SAPLLMOB_072     MWMRF632     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0632)
    EXIT_SAPLLMOB_074     MWMRF632     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0632)
    EXIT_SAPLLMOB_075     MWMRF108     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0108)
    EXIT_SAPLLMOB_077     MWMRFUP     Customer defined general purpose pushbutton called from scr.
    EXIT_SAPLLMOB_080     MWMRF412     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0412)
    EXIT_SAPLLMOB_082     MWMRF631     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0631)
    EXIT_SAPLLMOB_084     MWMRF631     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0631)
    EXIT_SAPLLMOB_085     MWMRF412     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0412)
    EXIT_SAPLLMOB_090     MWMRF630     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0630)
    EXIT_SAPLLMOB_095     MWMRF630     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0630)
    EXIT_SAPLLMOB_100     MWMRF151     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0151)
    EXIT_SAPLLMOB_110     MWMRF152     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0152)
    EXIT_SAPLLMOB_120     MWMRF153     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0153)
    EXIT_SAPLLMOB_130     MWMRF202     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0202)
    EXIT_SAPLLMOB_140     MWMRF203     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0203)
    EXIT_SAPLLMOB_150     MWMRF204     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0204)
    EXIT_SAPLLMOB_160     MWMRF205     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0205)
    EXIT_SAPLLMOB_170     MWMRF212     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0212)
    EXIT_SAPLLMOB_180     MWMRF213     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0213)
    EXIT_SAPLLMOB_190     MWMRF221     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0221)
    EXIT_SAPLLMOB_210     MWMRF302     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0302)
    EXIT_SAPLLMOB_220     MWMRF303     ENHANCEMENT FOR USER SCREENS (LOGICAL SCREEN 0303)

  • Help required in OIM - user proxy

    Hi,
    I have set up an approval workflow for provisioning users into OID.
    Here I am trying to delegate the approval task to another user in the absence of the approver.
    For this, I have defined the proxy user for the approver.
    But, once the request has been raised for approval, it is still with the approver, its not reflecting under pending actions for the proxy user.
    Am I missing something ??
    Any help is appreciated...
    Thanks in advance.

    The proxy concept in OIM is not entirely well implemented or well defined and in many cases it turns out that you have to supplement with custom functionality and/or replace it entirely.
    The easiest way to implement your desired functionality is likely to write a scheduled task that moves the approval between the approvers as needed.
    Best regards
    /Martin

  • [OIM] Proxy User with groups

    Dear people,
    I have a scenario where there is a resource with an approval workflow, with 2 steps: in the first the Manager of the requester is the one who must approve. In the second step, a group is assigned as the one who has to make the approve.
    I give a proxy to the Manager and another proxy to one of the group members.
    When the workflow reaches the Manager approval step, it is automatically assigned to the proxy (what I expected).
    The problem arises when the workflow reaches the group approval step, the assignment is still made to the user that is member of the group, not to his proxy user. Is this an OIM limitation? Some workaround?
    Thanks!

    Hi,
    when we assign the task to a group then if the proxy user is the part of that particular group then he has that task automatically why to duplicate the task and if proxy user is not the memeber of the group then he is not authorize to have that task because he is not the member of that group. As user set him as proxy user for him not for group.
    I hope this answer your query....
    Regards
    Alabhya Goel

  • Help Pls: how to assign a user form to a non active sync resource adapter

    I need to implement a non active sync resource adapter, such as oracle database or RACF. When a user is assigned a resource by IdM, an account is created on that resource. I want to transform some attributes during the creation, such as pre-padding the accountId with a letter and zeros. My questions are:
    1) I think attribute transformation should be accomplished by user form. is it correct? How do I assign the user form to the non active sync resource?
    2) What workflow/userform should I change to accomplish that?
    Thanks a lot.

    A cleaner option would be to
    1. Create a custom form, which could be derived from the Tabbed User Form.
    2. Create a delegated admin, with account administrator capabilities at the minimum, and required controlled organization, and assign the above form to this delegated admin -- this is on the same page.
    3. Use this form to create IDs on the specific resource.
    Now in this custom form you could have the logic on how to create the ID in the specific resource. In fact you could have different logic for different resource. Check the tech deployment guide for the exact syntax, but the field might be:
    account[Res_Name].identity
    Note that this setting would override the 'Identity Template' setting as defined in the RA configuration.
    And BTW, it would really help if you readup the 'Forms' section in the guide.
    Regards,
    Suveer Chainani

  • Created By User added to Assigned To User when Assigned To User is empty

    I have a requirement to build a runbook activity that will assign the Assigned To User to match the Created By User when the Assigned To User field is empty. However, I am having difficulty pulling both the Assigned To User and the Created By User and keeping
    them on the same data bus to do my update after comparing my Assigned To field.
    Here is the runbook how I have it currently configured.
    High Level Flow
    Get RBA
    Get CR
    Get Users
    Pull the Created By and Assigned To users
    Determine if Assigned To user is Empty
    If Assigned To user is not empty then end
    If Assigned To user is empty then Update CR to have Created By User = Assigned To User then end
    My problem lies in trying to keep both the Assigned To and Created By users on the same data bus so I can have the Create Relationship activity make the assignment. If I put them in sequential order or wrap around the Created By user with the Assigned To
    user, it has issues pulling the Assigned To user. Here is my attempt of keeping the users on the same databus but this fails when trying to pull the 'Assigned To' user - it makes them the 'Created By' user.
    Any help will be appreciated.

    If the Assigned To User is blank then it will not be returned from the get relationship activity since it does not technical exist. What you can do is flatten the data coming from the Get AD Users activity. Then put a filter on the link to only include
    if the Relationship Class does not contain Assigned To User. This will make it so your runbook will only continue if an Assigned To User is not present. Then you can add a second Get Relationship this time to return the value for the Created By user. Again
    you will create a link filter, but have it only include Created By User. Then you can use the data returned from that to set the Assigned To User.
    Matthew Dowst |
    Blog | Twitter

  • ADF 11g - Proxy User

    Hi,
    We have configured our APP with a datasource but have a problem...
    A lot of our database packages / triggers make use of the explicit 'user' which means that although our app is authenticating
    as "tester" (against an LDAP V3 Repository - OID) , our triggers update with the underlying data source connection ('bto') rather than our authenticated user.
    In 10.1.3.3 we had to use a custom proxy authentication class, which only worked with 1 app deployed in a container and required JDBC credentials
    Does anyone know of any way to do this in 11g in a better fashion?
    Any help is appreciated
    Thanks

    In 10.1.3, the way to use a Database Proxy User was to override the prepareSession() method of your application module to do something like this:
      protected void prepareSession(Session session) {
        Statement st = null;
        try {
          st = getDBTransaction().createPreparedStatement("rollback",0);
          OracleConnection oConn = (OracleConnection)st.getConnection();
          Properties props = new Properties();
          props.put("PROXY_USER_NAME",   ___ActualUserName___  );
          oConn.openProxySession(OracleConnection.PROXYTYPE_USER_NAME,props);
        catch (SQLException s) {
          // ignore
        finally {
          if (st != null) {
            try {
              st.close();
            catch (SQLException s) { /* ignore */ }
        super.prepareSession(session);
      }

  • Using Proxy User Authentication in Sql Developer

    Hi!
    Is it possible to use proxy user authentication in SQL Developer? I'm thinking that if I'm clever enough, I can craft a custom jdbc URL that will allow my users to proxy authenticate into my Oracle 10gR2 database while using SQL Developer.
    Unfortunately, I'm not feeling all that clever. ;)
    Can anybody help me out here? Is it even in the realm of possibility?
    Thanks!
    Kevin Ferlazzo
    DBA
    VA Department of Juvenile Justice

    I found the possibility that proxy authentication of both accounts can be enforced:
    SQL> alter user appuser grant connect through personaluser AUTHENTICATION REQUIRED;
    I guess that this is the motivation for implementing the 2-session proxy connection method in SQL Developer.
    Regards,
    Martin

  • NWA: Restart of a server process requires a specific user

    Hi all,
    we use SAP Netweaver AS Java 2004s 7.0 (Java Stack only).
    Since the installation of SPS10 (prior we had SPS8) restarting a Java server node
    by means of the web interface NWA (netweaver administration) requires a OS user
    and a OS password.
    What is meant by OS user.? I interpreted it with an Operation System user and tried with <SID>adm user but it doesn't work
    Any help is really appreciated
    Regards Karin

    Hi Karin,
    To assign rights to a user you can use this path:
    Control Panel -> Computer Management -> User -> Member of
    Here you can add the Administrator role to the user.
    I would suggest you assign the administrator rights to all the SAP based user.
    Also i suggest to try you windows logon username and password.
    Hope this works!!!
    Regards,
    Prashil

  • EP Role assignment to User.

    Hi,
    I have recently installed EP. When i assigned a New role Created (role i created) to a new User, The Contents assigned to that role is not getting displayed. But, when i also assign a super admin role to the user, the content of new role is getting displayed along with the content of super admin role.
    Infact, when i assign content administration role to the user, it is not geting displayed when i log in as a new user to which it is assigned. however, when i assign the super admin role to the user, the contents of content admin role is getting displayed.
    Is there any Post EP Installation setting required to solve this issue.
    Please help me in solving this issue?

    Hello Shabir,
    Initially all the contents can be viewed only if u have super_admin role. If u want to give access of any folder to a particular user, just open the permission editor of the folder and assign any particular role (say content_admin role) and select the end user checkbox.
    Now assign the user the same role u have specified in the permission editor of the folder. Then the user can view that folder.
    This will solve ur problem.
    Regards
    Deb
    [Reward points for helpful answers]

  • Please tell me your idea about my manner of using proxy user

    Hello
    Please say to me your idea about my manner of using proxy user , I don't know that my method is right , doesn't it has security weakness ?
    Let me to say what I wanna do :
    I want my application users authenticated by database , therefore in my database (Oracle database) I create a user for every application user for example if I have 10 application user I create 10 user in the database for them and I grant necessary privileges to them
    Now I create a proxy user and grant to my users connect through the proxy user
    for example
    alter user user1 grant connect through user_proxy with role role1 authentication required;
    alter user user2 grant connect through user_proxy with role role1 authentication required;
    alter user user10 grant connect through user_proxy with role role1 authentication required;
    And now in Weblogic I create a DataSource that connect to the database by that proxy user
    My client Application (It's a stand alone application) obtain the DataSource from Weblogic and then get from operator its user name and password and then create a proxy session
    in below I've written the application's code
    Hashtable env = new Hashtable();
    env.put( Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory" );
    env.put(Context.PROVIDER_URL, "t3://127.0.0.1:7001");
    try{
    Context context=new InitialContext( env );
    ds=(javax.sql.DataSource) context.lookup ("OracleConnection2");
    conn=(OracleConnection) ds.getConnection();
    java.util.Properties prop = new java.util.Properties();
    String username=getUserNameFromOperator();  //Operator enter user1
    String password =getPasswordFromOperator(); //Operator enter its password
    prop.put(OracleConnection.PROXY_USER_NAME, username);
    prop.put(OracleConnection.PROXY_USER_PASSWORD,password);
    conn.openProxySession(OracleConnection.PROXYTYPE_USER_NAME, prop);
    stmt= conn.createStatement();
    rs=stmt.executeQuery("select SYS_CONTEXT('USERENV','PROXY_USER') ||'--->' || user from dual");
    My anxiety is that this section
    String username=getUserNameFromOperator();  //Operator enter user1
    String password =getPasswordFromOperator(); //Operator enter its password
    prop.put(OracleConnection.PROXY_USER_NAME, username);
    prop.put(OracleConnection.PROXY_USER_PASSWORD,password);
    operator enter a real database username and password
    don't you think it cause security weakness ?
    do you have better suggestion for me ?
    thank you

    Gmail offers POP, which means you can use Mail.app like a regular ISP account. If you need an invite to GMail email me at the address on http://Gnarlodious.com/
    Once yiou have a Gmail address you need to enable POP (which includes SMTP). There is a help link on the GMail page that allows you to enable POP and other features.
    Once that is turned on, you need to set up the Mail.app for downloading your mail (and uploading). There are excellent instruction pages on Gmail, which I believe someone else gave you.

  • CUP 5.3 sp7.1 - 049:Role assignment to user not executed completely

    Hello Experts,
    Message received in audit information:
    049:Role assignment to user not executed completely
    Can anyone help me with why I am receiving this message?
    =[],id=6129,reqNo=201000139,actionDate=Tue Oct 19 10:40:27 EDT 2010,action=ROLE_PROVISIONING_FAILED,userId=U03776,path=,stage=,actionValue=PR4-300,description=049:Role assignment to user U10025 not executed

    Hi,
    Check that the connector that you have created is working fine and also the user ID that you are using in the backend system is within the valditiy date and all the required authorizations.
    Use remote login and ensure that the user can login with out any issues and has all the required authorizations.
    Rgds,
    Raghu

Maybe you are looking for

  • Family sharing with apple ID not primary iCloud ID

    hi! before family sharing existed, we set up a new apple id in iTunes (a gmail address) for my children to share so they could have the same purchases on their iPads. they also had their own unique apple id's for mail, contacts, etc. now that we're t

  • Wipe data

    I wish to wipe my data of my mac, all my games,music,pictures all that, and make it all factory settings how do i go about this???

  • I need help with imac g4 flat panel download of leopard it tells me it cannot load on the system.

    i bought a refurbished imac g4 flat panel. it is supposed to have an os but it only comes up with a question mark. I put leopard in and it tells me it cannot load on this compuert. system is 800mhz and 60g hd and 768ram.   i have tried to do a fix th

  • App Store Quits Unexpectedly...

    I'm running OS X 10.6.8 (I know..its really old) and couldn't get App Store to launch even after installing Mac OS X 10.6.8 Update Combo. I've been trying to upgrade but this has been an issue for a long while. Application Specific Information: abort

  • When copying to NAS, "..an unexpected error occurred (error code -51)"

    I'm using Mac OSX 10.6.8 on a macbook pro, copying files to a media NAS server via wifi (n), which I've done countless times before, for about 2 years. In this last week or so, whenever I copy a file, be it 15 MB or 1.5 GB to the NAS, I've consistent