OIM OID use cases

Similar Messages

• OIM use case- Email notifcation post Exchange provisioning

  Hi,
  Consider the following use-case:
  After AD and Exchange accounts are provisioned for a user, email notification need to be sent to the user's manager containing some attributes. One of the attributes is user's email address which will not be given by the user. It would be concluded when Exchange Account is provisioned. Now this email adress is to be retrieved. It could be done by giving a JNDI call to lDAP in the java code.... how this is to be initiated...please give some pointers in this direction..

  Like Rajiv is saying OIM normally sets the email address during provisioning so you can use the value from the process form.
  There are some circumstances and configurations when Exchange will overwrite the email address with a "better" email address. In that case you can use s slight modification of this code http://iamreflections.blogspot.com/2010/08/manage-ad-with-jndi-demo-tool.html
  The attribute you need to get is called mail (there are a dew other alternatives but mail is always present)
  Best regards
  /Martin

• OIM, OID and ADF - Confused!!!

  Hi All,
  I am starting to read about all this Identity Management stuff and I need some orientation about what to do and where to start since I have been loosing some time trying to understand the whole picture. I know Oracle Internet Directory is part of OIM but I am confused.
  We are building a Webcenter Portal application and its security is intended to be managed through an OID (Oracle Internet Directory) which is already settled up and running. Now, the real problem is how to manage users/groups (entries in general) using our Webcenter Portal Application.
  We are thinking at first some basics operation like if you are the admin you can create some user, assign roles and groups etc. All this without going to the OID Console. All this within our portal.
  I know there are more than one approach I could take. Right now I am thinking to create our customs java classes in order to connect to the LDAP using the provided API. So
  - Should I use a simple JNDI interfaces to do this?
  - In JDeveloper if I write "OIDUser" in a java class I get a suggestion about the package "oracle.security.idm"... So shall I use this instead simple JNDI? If this is the case, is there any tutorial I can follow in order to achieve this?
  - I was taking as example this http://code.google.com/p/ldapchai/ which is an API for LDAP using java jndi. However, this is not an oracle product and more than sure this kind of stuff have been already made by oracle. But exactly something like that I need. I am thinking to implement some interfaces with the following methods
  create user
  update user
  create group
  update group
  assignUserToGroup
  etc.
  Hope you guys can help me out here.
  Regards
  P.S I give points to the useful questions and correct ones as well.
  I just came out with this library ldapjclnt11.jar which is in OID_HOME. Shall I go for this since I am not using OIM. Just OID?
  Regards
  Edited by: Alejandro T. Lanz on Feb 13, 2013 8:15 AM

  Hey Alejandro,
  Management X Manager both are OIM concepts:
  Let's start from the very beginning: OIM is one product that you can control 'user and group resources' as Active Directory users , Database users and OID users and groups. So, OID is not part of OIM(Oracle Identity Manager_). Maybe you are talking about the first concept that comes with Oracle application server , OID, DAS and SSO. All these products were called OIM(Oracle Identity Management_).
  OIM is one WebApp deployed into AppServer with some client pieces(eg: Design Console, Remote Manager) , if needed.
  OID is one LDAP.
  Basically the standard control that you can do here is:
  Have these tasks:
  1)create user,update user,create group,update group,assignUserToGroup controled by OIM.
  2) THen OIM has an 'integration' with OID, using LDAPSYNC or having OID Connector: http://thiagoleoncio.blogspot.com/2013/01/oid-sync-vs-oim-connector-into-oim-11g.html
  3) WebCenter Portal is 'connected with LDAP(OID)'.
  Regarding this:
  We are thinking at first some basics operation like if you are the admin you can create some user, assign roles and groups etc. All this without going to the OID Console. All this within our portal.
  I know there are more than one approach I could take. Right now I am thinking to create our customs java classes in order to connect to the LDAP using the provided API.
  You can:
  1) Do a class that have all ldapqueries to do whatever you want.
  2) Do this integration above, then it will be much more easy to do this tasks and no develop part needed from user creation point of view.
  I hope this helps you a bit,
  Thiago Leoncio.

• Problem OIM OID Ldap Sync Configuration in 11g.

  Hi Team,
  I am doing OIM and OID LDAP Sync configuration There It is failed in "Configuration Process" Step.
  and also in weblogic OIM Maganaged server in ADMIN mode not in running mode.
  please find the both logs.
  *********************************Weblogic Logs**********************************************
  Enter username to boot WebLogic server:weblogic
  Enter password to boot WebLogic server:
  <28-Sep-2012 14:07:44 o'clock BST> <Info> <Management> <BEA-141107> <Version: We
  bLogic Server 10.3.5.0 Fri Apr 1 20:20:06 PDT 2011 1398638 >
  <28-Sep-2012 14:07:47 o'clock BST> <Notice> <WebLogicServer> <BEA-000365> <Serve
  r state changed to STARTING>
  <28-Sep-2012 14:07:47 o'clock BST> <Info> <WorkManager> <BEA-002900> <Initializi
  ng self-tuning thread pool>
  <28-Sep-2012 14:07:48 o'clock BST> <Notice> <Log Management> <BEA-170019> <The s
  erver log file E:\Oracle\Middleware\user_projects\domains\IAM_domain\servers\oim
  server1\logs\oimserver1.log is opened. All server side log events will be writ
  ten to this file.>
  28-Sep-2012 14:07:56 oracle.security.am.common.nap.util.NAPLogger log
  SEVERE: Failed to communicate with any of configured Access Server, ensure that
  it is up and running.
  <28-Sep-2012 14:07:57 o'clock BST> <Notice> <Security> <BEA-090082> <Security in
  itializing using security realm myrealm.>
  <28-Sep-2012 14:08:04 o'clock BST> <Notice> <WebLogicServer> <BEA-000365> <Serve
  r state changed to STANDBY>
  <28-Sep-2012 14:08:04 o'clock BST> <Notice> <WebLogicServer> <BEA-000365> <Serve
  r state changed to STARTING>
  <28-Sep-2012 14:08:20 o'clock BST> <Warning> <oracle.jps.upgrade> <JPS-06003> <C
  annot migrate credential folder/key ADF/anonymous#oimBpelCredKey.Reason oracle.s
  ecurity.jps.service.credstore.CredentialAlreadyExistsException: JPS-01007: The c
  redential with map ADF and key anonymous#oimBpelCredKey already exists..>
  <28-Sep-2012 14:08:21 o'clock BST> <Warning> <oracle.adf.share.ADFContext> <BEA-
  000000> <Automatically initializing a DefaultContext for getCurrent.
  Caller should ensure that a DefaultContext is proper for this use.
  Memory leaks and/or unexpected behaviour may occur if the automatic initializati
  on is performed improperly.
  This message may be avoided by performing initADFContext before using getCurrent
  To see the stack trace for thread that is initializing this, set the logging lev
  el of oracle.adf.share.ADFContext to FINEST>
  <28-Sep-2012 14:08:24 o'clock BST> <Error> <Deployer> <BEA-149205> <Failed to in
  itialize the application 'oim [Version=11.1.1.3.0]' due to error oracle.iam.plat
  form.utils.OIMAppInitializationException:
  OIM application intialization failed because of the following reasons:
  oim-config.xml was not found in MDS Repository.
  Unable to find keystore ".xldatabasekey" in <DOMAIN_HOME>/config/fmwconfig/.
  Password for OIMSchemaPassword is not seeded in CSF.
  Password for xell is not seeded in CSF.
  Password for DataBaseKey is not seeded in CSF.
  Password for JMSKey is not seeded in CSF.
  Password for .xldatabasekey is not seeded in CSF.
  Password for default-keystore.jks is not seeded in CSF.
  Password for SOAAdminPassword is not seeded in CSF.
  oracle.iam.platform.utils.OIMAppInitializationException:
  OIM application intialization failed because of the following reasons:
  oim-config.xml was not found in MDS Repository.
  Unable to find keystore ".xldatabasekey" in <DOMAIN_HOME>/config/fmwconfig/.
  Password for OIMSchemaPassword is not seeded in CSF.
  Password for xell is not seeded in CSF.
  Password for DataBaseKey is not seeded in CSF.
  Password for JMSKey is not seeded in CSF.
  Password for .xldatabasekey is not seeded in CSF.
  Password for default-keystore.jks is not seeded in CSF.
  Password for SOAAdminPassword is not seeded in CSF.
  at oracle.iam.platform.utils.OIMAppInitializationListener.preStart(OIMAp
  pInitializationListener.java:145)
  at weblogic.application.internal.flow.BaseLifecycleFlow$PreStartAction.r
  un(BaseLifecycleFlow.java:282)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
  dSubject.java:321)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
  120)
  at weblogic.application.internal.flow.BaseLifecycleFlow$LifecycleListene
  rAction.invoke(BaseLifecycleFlow.java:199)
  Truncated. see log file for complete stacktrace
  Caused By: oracle.iam.platform.utils.OIMAppInitializationException:
  OIM application intialization failed because of the following reasons:
  oim-config.xml was not found in MDS Repository.
  Unable to find keystore ".xldatabasekey" in <DOMAIN_HOME>/config/fmwconfig/.
  Password for OIMSchemaPassword is not seeded in CSF.
  Password for xell is not seeded in CSF.
  Password for DataBaseKey is not seeded in CSF.
  Password for JMSKey is not seeded in CSF.
  Password for .xldatabasekey is not seeded in CSF.
  Password for default-keystore.jks is not seeded in CSF.
  Password for SOAAdminPassword is not seeded in CSF.
  at oracle.iam.platform.utils.OIMAppInitializationListener.preStart(OIMAp
  pInitializationListener.java:145)
  at weblogic.application.internal.flow.BaseLifecycleFlow$PreStartAction.r
  un(BaseLifecycleFlow.java:282)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
  dSubject.java:321)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
  120)
  at weblogic.application.internal.flow.BaseLifecycleFlow$LifecycleListene
  rAction.invoke(BaseLifecycleFlow.java:199)
  Truncated. see log file for complete stacktrace
  >
  <28-Sep-2012 14:08:24 o'clock BST> <Warning> <Munger> <BEA-2156203> <A version a
  ttribute was not found in element application in the deployment descriptor in E:
  \Oracle\Middleware\Oracle_IDM1\server\apps\spml-xsd.ear/META-INF/application.xml
  . A version attribute is required, but this version of the Weblogic Server will
  assume that the JEE5 is used. Future versions of the Weblogic Server will reject
  descriptors that do not specify the JEE version.>
  <28-Sep-2012 14:08:24 o'clock BST> <Warning> <Munger> <BEA-2156203> <A version a
  ttribute was not found in element application in the deployment descriptor in E:
  \Oracle\Middleware\user_projects\domains\IAM_domain\servers\oim_server1\tmp\_WL_
  user\spml-xsd\s8d2b9/META-INF/application.xml. A version attribute is required,
  but this version of the Weblogic Server will assume that the JEE5 is used. Futur
  e versions of the Weblogic Server will reject descriptors that do not specify th
  e JEE version.>
  <28-Sep-2012 14:08:24 o'clock BST> <Emergency> <Deployer> <BEA-149259> <Server '
  oim_server1' in cluster 'OIM_Cluster' is being brought up in administration stat
  e due to failed deployments.>
  Loading xalan.jar for XPathAPI.
  14:08:30 INFO [[STANDBY] ExecuteThread: '2' for queue: 'weblogic.kernel.Default
  (self-tuning)'] -
  ----------------- NEXAWEB SERVER LICENSE ------------------
  - Customer ID : 122
  - License type : Enterprise
  - Max unique IPs : unlimited
  - Max XUL sessions : unlimited
  - Max CPUs/server : unlimited
  - Clustering allowed : true
  - Expiration date : none
  Nexaweb Technologies Inc.(C)2000-2004. All Rights Reserved.
  Nexaweb Technologies Inc.
  10 Canal Park
  Cambridge, MA 02141
  Tel: 617.577.8100. Email: [email protected]
  14:08:31 INFO [[STANDBY] ExecuteThread: '2' for queue: 'weblogic.kernel.Default
  (self-tuning)'] - Clustering is OFF.
  14:08:31 INFO [[STANDBY] ExecuteThread: '2' for queue: 'weblogic.kernel.Default
  (self-tuning)'] - Servlet Engine: WebLogic Server 10.3.5.0 Fri Apr 1 20:20:06 PD
  T 2011 1398638 Oracle WebLogic Server Module Dependencies 10.3 Thu Mar 3 14:37:5
  2 PST 2011 Oracle WebLogic Server on JRockit Virtual Edition Module Dependencies
  10.3 Thu Feb 3 16:30:47 EST 2011
  14:08:31 INFO [[STANDBY] ExecuteThread: '2' for queue: 'weblogic.kernel.Default
  (self-tuning)'] - Servlet API Version: 2.5
  14:08:31 INFO [[STANDBY] ExecuteThread: '2' for queue: 'weblogic.kernel.Default
  (self-tuning)'] - Nexaweb Server Info = Nexaweb Server 3.3.1072
  14:08:31 INFO [[STANDBY] ExecuteThread: '2' for queue: 'weblogic.kernel.Default
  (self-tuning)'] - Nexaweb Server initialized successfully.
  <28-Sep-2012 14:08:34 o'clock BST> <Notice> <Log Management> <BEA-170027> <The S
  erver has established connection with the Domain level Diagnostic Service succes
  sfully.>
  <28-Sep-2012 14:08:34 o'clock BST> <Notice> <Cluster> <BEA-000197> <Listening fo
  r announcements from cluster using unicast cluster messaging>
  <28-Sep-2012 14:08:34 o'clock BST> <Notice> <Cluster> <BEA-000133> <Waiting to s
  ynchronize with other running members of OIM_Cluster.>
  <28-Sep-2012 14:09:04 o'clock BST> <Notice> <Server> <BEA-002613> <Channel "Defa
  ult[2]" is now listening on 127.0.0.1:14000 for protocols iiop, t3, CLUSTER-BROA
  DCAST, ldap, snmp, http.>
  <28-Sep-2012 14:09:04 o'clock BST> <Notice> <Server> <BEA-002613> <Channel "Defa
  ult[3]" is now listening on 0:0:0:0:0:0:0:1:14000 for protocols iiop, t3, CLUSTE
  R-BROADCAST, ldap, snmp, http.>
  <28-Sep-2012 14:09:04 o'clock BST> <Notice> <Server> <BEA-002613> <Channel "Defa
  ult[1]" is now listening on fe80:0:0:0:0:5efe:a2f:f22a:14000 for protocols iiop,
  t3, CLUSTER-BROADCAST, ldap, snmp, http.>
  <28-Sep-2012 14:09:04 o'clock BST> <Warning> <Server> <BEA-002611> <Hostname "UK
  SHWTOAP03A.skandia.co.uk", maps to multiple IP addresses: 10.47.242.42, 0:0:0:0:
  0:0:0:1>
  <28-Sep-2012 14:09:04 o'clock BST> <Notice> <Server> <BEA-002613> <Channel "Defa
  ult" is now listening on 10.47.242.42:14000 for protocols iiop, t3, CLUSTER-BROA
  DCAST, ldap, snmp, http.>
  <28-Sep-2012 14:09:04 o'clock BST> <Notice> <WebLogicServer> <BEA-000330> <Start
  ed WebLogic Managed Server "oim_server1" for domain "IAM_domain" running in Prod
  uction Mode>
  <28-Sep-2012 14:09:04 o'clock BST> <Notice> <WebLogicServer> <BEA-000365> <Serve
  r state changed to ADMIN>
  <28-Sep-2012 14:09:04 o'clock BST> <Notice> <WebLogicServer> <BEA-000360> <Serve
  r started in ADMIN mode>
  **********************************OIM OID Ldap Sync Configuration Logs****************************
  [2012-09-28T14:49:11.171+01:00] [as] [NOTIFICATION] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [[
  [OIM_CONFIG] Updating Ldap Sync Configuration
  [2012-09-28T14:49:11.171+01:00] [as] [TRACE:16] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [SRC_CLASS: LdapSync] [SRC_METHOD: configurationLdap] ENTRY
  [2012-09-28T14:49:11.171+01:00] [as] [TRACE] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [SRC_CLASS: oracle.as.install.oim.config.util.LdapSync] [SRC_METHOD: configurationLdap] Create the Database connection
  [2012-09-28T14:49:11.171+01:00] [as] [TRACE:16] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [SRC_CLASS: LdapSync] [SRC_METHOD: createDBConnection] ENTRY
  [2012-09-28T14:49:11.296+01:00] [as] [TRACE] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [SRC_CLASS: oracle.as.install.oim.config.util.LdapSync] [SRC_METHOD: configurationLdap] isLIBOVD:true
  [2012-09-28T14:49:11.312+01:00] [as] [TRACE:16] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [SRC_CLASS: LdapSync] [SRC_METHOD: closeDBConnection] ENTRY
  [2012-09-28T14:49:11.312+01:00] [as] [TRACE:16] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [SRC_CLASS: LdapSync] [SRC_METHOD: closeDBConnection] RETURN
  [2012-09-28T14:49:11.312+01:00] [as] [TRACE:16] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [SRC_CLASS: LdapSync] [SRC_METHOD: configurationLdap] RETURN
  [2012-09-28T14:49:11.312+01:00] [as] [NOTIFICATION] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [[
  Updated LDAP Server Details in mds schema
  [2012-09-28T14:49:11.312+01:00] [as] [TRACE:16] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [SRC_CLASS: LdapSync] [SRC_METHOD: configurationLdap] RETURN
  [2012-09-28T14:49:11.812+01:00] [as] [NOTIFICATION] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [OIM_CONFIG] Updated LDAPContainerRules.xml.
  [2012-09-28T14:49:11.812+01:00] [as] [TRACE:16] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [SRC_CLASS: mdsMetadata] [SRC_METHOD: loadEventhandler] RETURN
  [2012-09-28T14:49:14.687+01:00] [as] [NOTIFICATION] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [[
  [OIM_CONFIG] Created jobs using seedSchedulerData. Log location C:\Program Files\Oracle\Inventory\logs
  [2012-09-28T14:49:14.687+01:00] [as] [ERROR] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] File not found[[
  java.io.FileNotFoundException: File not found
       at java.util.zip.ZipFile.open(Native Method)
       at java.util.zip.ZipFile.<init>(ZipFile.java:117)
       at java.util.jar.JarFile.<init>(JarFile.java:135)
       at java.util.jar.JarFile.<init>(JarFile.java:72)
       at oracle.as.install.oim.config.util.RoleSODJarUtil.updateFile(RoleSODJarUtil.java:32)
       at oracle.as.install.oim.config.OIMConfigManager.configureOIM(OIMConfigManager.java:783)
       at oracle.as.install.oim.config.OIMConfigManager.doExecute(OIMConfigManager.java:538)
       at oracle.as.install.engine.modules.configuration.client.ConfigAction.execute(ConfigAction.java:335)
       at oracle.as.install.engine.modules.configuration.action.TaskPerformer.run(TaskPerformer.java:87)
       at oracle.as.install.engine.modules.configuration.action.TaskPerformer.startConfigAction(TaskPerformer.java:104)
       at oracle.as.install.engine.modules.configuration.action.ActionRequest.perform(ActionRequest.java:15)
       at oracle.as.install.engine.modules.configuration.action.RequestQueue.perform(RequestQueue.java:63)
       at oracle.as.install.engine.modules.configuration.standard.StandardConfigActionManager.start(StandardConfigActionManager.java:158)
       at oracle.as.install.engine.modules.configuration.boot.ConfigurationExtension.kickstart(ConfigurationExtension.java:81)
       at oracle.as.install.engine.modules.configuration.ConfigurationModule.run(ConfigurationModule.java:83)
       at java.lang.Thread.run(Thread.java:662)
  [2012-09-28T14:49:14.687+01:00] [as] [NOTIFICATION] [] [oracle.as.provisioning] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] [[
  [OIM_CONFIG] Failed configuration step Configure OIM Server
  [2012-09-28T14:49:14.702+01:00] [as] [ERROR] [] [oracle.as.install.engine.modules.configuration.standard.StandardConfigActionManager] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] One or More configurations failed. Exiting
  [2012-09-28T14:49:14.702+01:00] [as] [NOTIFICATION] [] [oracle.as.install.engine.modules.statistics] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] Install Adapter: Mark End for:CONFIG
  [2012-09-28T14:49:14.702+01:00] [as] [NOTIFICATION] [] [oracle.as.install.engine.modules.statistics] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] Install Adapter: Mark End for:INTERVIEW
  [2012-09-28T14:49:14.702+01:00] [as] [NOTIFICATION] [] [oracle.as.install.engine.modules.statistics] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] Install Adapter: Mark End for:INSTALL
  [2012-09-28T14:49:14.702+01:00] [as] [NOTIFICATION] [] [oracle.as.install.engine.modules.statistics] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] Install Adapter: Mark End for:COPY
  [2012-09-28T14:49:14.702+01:00] [as] [NOTIFICATION] [] [oracle.as.install.engine.modules.statistics] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] Install Adapter: Mark End for:LINK
  [2012-09-28T14:49:14.765+01:00] [as] [NOTIFICATION] [] [oracle.as.install.engine] [tid: 12] [ecid: 0000JcD8obD9pYjpp0_AiY1GPQHh000003,0] Setting valueOf(IS CONFIGURATION SUCCESSFUL) to:false. Value obtained from:USER
  [2012-09-28T15:11:21.461+01:00] [as] [NOTIFICATION] [] [oracle.as.install.engine] [tid: 11] [ecid: 0000JcD2jfD9pYjpp0_AiY1GPQHh000002,0] Setting valueOf(IS CONFIGURATION SUCCESSFUL) to:false. Value obtained from:USER
  [2012-09-28T15:11:27.914+01:00] [as] [NOTIFICATION] [] [oracle.as.install.engine] [tid: 11] [ecid: 0000JcD2jfD9pYjpp0_AiY1GPQHh000002,0] Setting valueOf(IS CONFIGURATION SUCCESSFUL) to:false. Value obtained from:USER
  Regards,
  Ravi.

  Your log files too give some hint... Please verify whether following files like .xldatabasekey are present in your environment:-
  OIM application intialization failed because of the following reasons:
  oim-config.xml was not found in MDS Repository.
  Unable to find keystore ".xldatabasekey" in <DOMAIN_HOME>/config/fmwconfig/.
  Password for OIMSchemaPassword is not seeded in CSF.
  Password for xell is not seeded in CSF.
  Password for DataBaseKey is not seeded in CSF.
  Password for JMSKey is not seeded in CSF.
  Password for .xldatabasekey is not seeded in CSF.
  Password for default-keystore.jks is not seeded in CSF.
  Password for SOAAdminPassword is not seeded in CSF.
  I doubt whether OIM is properly installed in your environment otherwise .xldatabasekey would have been present in <DOMAIN_HOME>/config/fmwconfig..
  Also, as far as Weblogic starting in ADMIN mode is concerned, you may try to do the following...
  ps -eaf| grep AdminServer
  Kill the process
  Then remove the lok file. i.e. Lock files...
  rm -rf /home/oracle/Oracle/Middleware/user_projects/domains/oimdomain/servers/oim_server1/tmp/*oim_server1.lok*
  rm -rf /home/oracle/Oracle/Middleware/user_projects/domains/oimdomain/servers/soa_server1/tmp/*soa_server1.lok*
  rm -rf /home/oracle/Oracle/Middleware/user_projects/domains/oimdomain/servers/AdminServer/tmp/*AdminServer.lok*
  After that
  Take the backup of /home/oracle/Oracle/Middleware/user_projects/domains/<DOMAIN_HOME>/servers/AdminServer/data/ldap/ldapfiles (I mean CUT this folder and save it in Backup folder..
  Share the result with us....

• OIM-OID provisionning issue with external plug in with AD

  Hi OIM/OID Guru's,
  We are using OIM with OID connector and having external authentication plug-in feature of OID with AD. Here we are using OID for user profile storage and doing password validation by using external plugin through AD however we have been
  facing one issue which is mentioned below :-
  Whenever we are creating any user in through OIM and found that user is provisioned to the OID target source but populating wrong value of attribute orclSourceObjectDN in OID process form:-
  orclSourceObjectDN = cn=OIDTEST3,CN=Users,DC=oracle-test,DC=oracle,DC=com
  correct value should be orclSourceObjectDN =cn=OIDTEST3,CN=Users,DC=oracle,DC=com
  we don't have any container in OID with DC=oracle-test however not sure how the process form is picking up this value?
  However could you please put more light why it is appending wrong DN in OIM process form? Where should i check for this from OIM side?

  Hi Dear,
  thanks for your reply and we are using OIM 9.x version. Checked Root DN value as you suggested (see below snap shot for oid resource definition):-
  Admin Id     cn=username
  Admin Password     *******
  Group Reconciliation Time Stamp     
  Last Target Delete Recon TimeStamp     
  Last Target Recon TimeStamp     
  Last Trusted Delete Recon TimeStamp     
  Last Trusted Recon TimeStamp     
  Port     6060
  Prov Attribute Lookup Code     AttrName.Prov.Map.OID
  Prov Group Attribute Lookup Code     AttrName.Group.Prov.Map.OID
  Prov Role Attribute Lookup Code     AttrName.Role.Prov.Map.OID
  Role Reconciliation Time Stamp     
  Root DN     DC=oracle,DC=com
  SSL     false
  Server Address     My server name
  Use XL Org Structure     false

• Self registration error in OIM-OID-OAM 11g

  Hi,
  We are using OIM,OID,OAM 11G,in clustering mode.We are facing a problem on self registration process.
  For every alternate self registration request,system is throwing an error.After the self register user request has got approveod,I have checked the request status in 'advanced' panel its saying ; " IAM-3051103:The create operation on user entity failed in action stage.:"
  This is really a big mysterious thing to me,1st self registration was successful,2nd was throwing an error , again 3rd was success ,4th was failure , 5th was success and 6th was failure.
  Below is the corresponding error message in log file for the failed request.
  <Mar 21, 2011 2:22:30 PM CDT> <Error> <oracle.iam.identity.usermgmt.impl.handlers.create> <IAM-3051103> <The create operation on user entity failed in action stage.
  oracle.iam.platform.entitymgr.MissingRequiredAttributeException: [act_key]
       at oracle.iam.platform.entitymgr.impl.EntityManagerImpl.checkRequired(EntityManagerImpl.java:1448)
       at oracle.iam.platform.entitymgr.impl.EntityManagerImpl.createEntity(EntityManagerImpl.java:261)
       at oracle.iam.platform.entitymgr.impl.EntityManagerImpl.createEntity(EntityManagerImpl.java:237)
       at oracle.iam.identity.usermgmt.impl.handlers.create.CreateUserActionHandler.execute(CreateUserActionHandler.java:141)
       at oracle.iam.identity.usermgmt.impl.handlers.create.CreateUserActionHandler.execute(CreateUserActionHandler.java:68)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at oracle.iam.platform.kernel.impl.EventHandlerDynamicProxy.invoke(EventHandlerDynamicProxy.java:30)
       at $Proxy235.execute(Unknown Source)
       at oracle.iam.platform.kernel.impl.OrchProcessData.runActionEvents(OrchProcessData.java:1028)
       at oracle.iam.platform.kernel.impl.OrchProcessData.runEvents(OrchProcessData.java:637)
       at oracle.iam.platform.kernel.impl.OrchProcessData.executeEvents(OrchProcessData.java:220)
       at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:669)
       at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:716)
       at oracle.iam.platform.kernel.impl.OrhestrationAsyncTask.execute(OrhestrationAsyncTask.java:108)
       at oracle.iam.platform.async.impl.TaskExecutor.executeUnmanagedTask(TaskExecutor.java:100)
       at oracle.iam.platform.async.impl.TaskExecutor.execute(TaskExecutor.java:70)
       at oracle.iam.platform.async.messaging.MessageReceiver.onMessage(MessageReceiver.java:68)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
       at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
       at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
       at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
       at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
       at $Proxy428.onMessage(Unknown Source)
       at weblogic.ejb.container.internal.MDListener.execute(MDListener.java:466)
       at weblogic.ejb.container.internal.MDListener.transactionalOnMessage(MDListener.java:371)
       at weblogic.ejb.container.internal.MDListener.onMessage(MDListener.java:327)
       at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:4659)
       at weblogic.jms.client.JMSSession.execute(JMSSession.java:4345)
       at weblogic.jms.client.JMSSession.executeMessage(JMSSession.java:3821)
       at weblogic.jms.client.JMSSession.access$000(JMSSession.java:115)
       at weblogic.jms.client.JMSSession$UseForRunnable.run(JMSSession.java:5170)
       at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  >
  <Mar 21, 2011 2:22:30 PM CDT> <Error> <oracle.iam.platform.entitymgr.provider.ldap> <IAM-0042004> <An error occurred while un-reserving the user in LDAP, and the corresponding error is - java.lang.NullPointerException>
  <Mar 21, 2011 2:22:30 PM CDT> <Warning> <oracle.iam.identity.usermgmt.impl.handlers.create> <BEA-000000> <null>
  Any help would be really appreciated.
  Thanks.

  Hi,
  I am assuming in clustered environment you are having two instances running.
  It must be an issue with a single server,,because the problem is intermittent.
  To see which server is causing problem....just perform the following steps:
  1) Stop server1 and keep running server2..and fire new registration request...
  2) stop server 2..and keep running server1.....and fire new registration request.
  Using above, atleast you can see which server is causing the problem...
  Regards,
  J
  Edited by: J_IDM on Mar 21, 2011 10:52 PM

• OIM OID sync (IT Resource - Directory Server)

  Hi Friends ,
  I am trying to get information about OIM OID sync (IT Resource - Directory Server) but i am not find any link.
  I want to find out what are limitation of this sync and how we can control sync attributes.
  Thanks in advance.

  If you talking about OIM 11g LDAP Identity Store (the thing that synchronises OIM and OID automagically) then have a look at:
  http://download.oracle.com/docs/cd/E14571_01/doc.1111/e14316/dployconfig.htm#insertedID3
  There's also stuff about it in the OIM 11g Developers Guide, the OIM 11g System Administrators Guide (LDAP scheduled tasks). The installation guide and entreprise deployment guide may also be useful.
  These should all be accessible from
  http://download.oracle.com/docs/cd/E14571_01/im.htm
  Have fun!

• Base IDM product should consist of  OIM, OID, OVD, OAM and OIF ?

  Hi Experts,
  I want to understand what should be the very base IDM 11g Product should satisfy majority of client requirement. What is best Practices of Product combination one should have ?
  1) OIM, OID, OVD, OAM and OIF 11g
  2) OIM, OID, OVD, OAM 11g
  3)OIM, OID, OVD and OIA 11g
  Considering 11g & best pratices.
  I would like to understand what Pack is must for what kind of requirement ?
  There are so many product combination so confused what is best base Security Prodcut combination can be ?
  Help Appreciated.
  Thanks In Advance.
  Edited by: 937775 on 31/05/2012 06:01

  Thanks Gyanprakash for valuable Suggestion.
  I have one more question,
  Now to do the OIM,OID,OVD,OAM Security Stack Installaton,
  can I use two VM 1) all security product (OIM,OID,OVD,OAM) 2) DB VM (I heard we do have database VM)
  Could you mind sharing Info 1) what number of VM do I use for security Product Installation 2) Can I use DB VM or Database should be installed physically not on VM ?
  Thoughts ?

• OIM-OID 11g provisioning connector

  Hi all,
  we are performing OIM-OID (both 11.1.1.5) user provisioning, please can anybody let me know which version of connector we have to use and provide us the steps to perform the installation of the connector.
  We used 9.0.4.12 connector for OIM 9i. If we have to use different version of connector for 11g other than this please provide the link and version detail of the connector.
  Thank you.

  Hi,
  Where you able to achieve this?? i have similar requirment where, i have added 5 custom attributes in both OIM and OID, when i create the users these attributes doesnot get updated on OID....should i add these UDF in any objectclass which OIM understands??please suggest
  Thanks in advance

• OIF: Use Case 2: New Federated Account at Partner Site

  Hi,
  from the OIF docs (ok, old ones):
  "http://download.oracle.com/docs/cd/E10773_01/doc/oim.1014/b25355/intro.htm#CHDHGAEG
  I understand this use case can be implemented where a new account on the SP is created if the user is not yet registered there.
  My question: does the OIF support this or here it is meant that you have to write some webservice to retrive the data needed to create the account from the IdP?
  Thank you.

  as1mov, OIF is extensible to allow essentially a plug-in that would create the account so that OIF could link it on subsequent logins. I think there are samples for creating accounts via Java LDAP and with OIM libraries.

• Relationship between OAM,OIM,OID

  Hi Gurus,
  I am very very new to fusion middleware ,i would like to know the relationship between following in simple terms.
  Oracle Access Manager
  Oracle Identitiy Manager
  Oracle Internet directory
  Below are my understanding correct i'f im wrong
  OID is like LDAP where passwords and passwords and security policies will be saved.
  redirecting to similar question or post is also fine.
  Thanks in advance...

  OIM and OAM may use OID to write/retrieve user details from OID.
  Lets say a user joined an organization. Now as per onboarding process, you reconcile user from trusted source to OIM and sync that user to OID using LDAP sync. Now when you try to access an application which is protected by OAM, the authentication and authorization of that user happens against OID if it is configured as user identity store.

• Cannot Record Material Inspection Results as per wiki use case * SOLVED *

  === EDIT ===
  Playing around, I solved my issue.
  I did not realize that I needed to set both flags
  CloseIndicatorSpecified  = true;
  CloseIndicator = false;
  Adding that fixed it; I suspect I cannot set them to null even if the WSDL allows it.
  Michel.
  === ORIGINAL POST ===
  Hi,
  I have a project to integrate SAP and our LIMS using the SAP web services with the Material Inspection business object.
  In the Wiki, there are a few [use cases|https://www.sdn.sap.com/irj/sdn/wiki?path=/display/ESpackages/IntegrationofQualityManagementSystems] on the subject.
  Following that, I successfully retrieve all the required data using the following web services:
  [Find Material Inspection Basic Data by Elements|https://wiki.sdn.sap.com/wiki/display/ESpackages/FindMaterialInspectionBasicDatabyElements]
  [Find Material Inspection Subset Operation by Elements|https://wiki.sdn.sap.com/wiki/display/ESpackages/FindMaterialInspectionSubsetOperationbyElements]
  [Find Subset Operation Inspection Activity Basic Data by Elements|https://wiki.sdn.sap.com/wiki/display/ESpackages/FindSubsetOperationInspectionActivityBasicDatabyElements]
  [Read Subset Operation Inspection Activity|https://wiki.sdn.sap.com/wiki/display/ESpackages/ReadSubsetOperationInspectionActivity]
  From there, I want to record results. According to the Wiki , I should use
  [Record Subset Operation Inspection Activity Result|https://wiki.sdn.sap.com/wiki/display/ESpackages/RecordSubsetOperationInspectionActivity+Result]
  I tried directly through the [WS Navigator|http://sr.esworkplace.sap.com/webdynpro/dispatcher/sap.com/tcesiespwsnavui/WSNavigator] to test web services. Whenever go through that tho, I get the following error:
  Conversion Error: Invalid Input Format (701 SFB)
  Obviously, I get the exact same error using c# (at least I'm consistent!)
  Below is the code (some is truncated because it is too long but I think you can get the idea).
  The question: Can anyone help me understand why I am getting that error? Maybe there is one or more property I don't understand... It would be practical if the actual failing property was identified in the LogItem, but it is not.
  Some things I tried (to no avail):
  1. Tried all sort of combination for actionCode
  2. Removed actionCode and set actionCodeSpecified = false
  3. Removed the Measure property
  4. Removed the Text property
  5. Removed the ChangeStateID
  Thanks in advance!
  Michel
  ...RequestMessage_sync messageIn = new ...RequestMessage_sync();
  messageIn.MaterialInspection = new u2026RequestMessage_syncMaterialInspection();
  messageIn.MaterialInspection.ID = new MaterialInspectionID();
  messageIn.MaterialInspection.ID.Value = "3265";
  messageIn.MaterialInspection.ChangeStateID = "1";
  messageIn.MaterialInspection.Subset = new u2026RequestMessage_syncMaterialInspectionSubset();
  messageIn.MaterialInspection.Subset.ID = new InspectionSubsetID();
  messageIn.MaterialInspection.Subset.ID.Value = "0";
  messageIn.MaterialInspection.Subset.Operation = new u2026RequestMessage_syncMaterialInspectionSubsetOperation();
  messageIn.MaterialInspection.Subset.Operation.ID = "0300";
  u2026RequestMessage_syncMaterialInspectionSubsetOperationInspectionActivity activity = new u2026RequestMessage_syncMaterialInspectionSubsetOperationInspectionActivity();
  activity.ID = "0010";
  activity.CloseIndicatorSpecified = false;
  activity.Result = new u2026RequestMessage_syncMaterialInspectionSubsetOperationInspectionActivityResult[1];
  activity.Result[0] = new u2026RequestMessage_syncMaterialInspectionSubsetOperationInspectionActivityResult();
  activity.Result[0].ID = "0001";
  activity.Result[0].AcceptanceStatusCodeSpecified = false;
  activity.Result[0].DefectNumberValueSpecified = false;
  activity.Result[0].ExceptionIndicatorSpecified = false;
  activity.Result[0].InspectedNumberValueSpecified = false;
  activity.Result[0].Comment = string.Empty;
  activity.Result[0].NonConformingUnitNumberValue = 0;
  activity.Result[0].Measure = new Measure();
  activity.Result[0].Measure.Value = decimal.Parse("4.15";);
  activity.Result[0].Measure.unitCode = "AMP";
  activity.Result[0].Text = new Text();
  activity.Result[0].Text.Value = "Some Text Here";
  activity.Result[0].actionCode = ActionCode.Item01 |ActionCode.Item02 | ActionCode.Item03;
  activity.Result[0].actionCodeSpecified = true;
  activity.CloseIndicatorSpecified = false;
  messageIn.MaterialInspection.Subset.Operation.InspectionActivity = activity;
  messageIn.MessageHeader = new BasicBusinessDocumentMessageHeader();
  messageIn.MessageHeader.ID = new BusinessDocumentMessageID();
  messageIn.MessageHeader.ID.Value = "starlims_update";
  try
        u2026ConfirmationMessage_sync messageOut = ws.MaterialInspectionSubsetOperationInspectionActivityResultRecordingRequestConfirmation_In(messageIn);
        if (messageOut.Log.Item != null)
              string message = String.Empty;
              foreach (LogItem item in messageOut.Log.Item)
                    message += (item.Note + "\n");
              MessageBox.Show(message);
  catch (Exception ex)
        MessageBox.Show(ex.Message);
  Edited by: Michel Roberge on Jul 16, 2008 2:38 PM

  See post for solution.

• Use case export to text document

  In Jdeveloper you can export generated UML use case with scenarios, to HTML format, however is it possible to generate to say .txt or .doc type files?
  I am looking at a very good commercial product called Visual Use Case and wondered if JDeveloper's generated documentation has/can have similar features.
  Thank you

  Hi,
  there is SDE plugin for JDeveloper ( http://www.visual-paradigm.com/product/sde/jd/ ) but it only works with older - 10.1.2 version of JDev.
  Kuba

• Use case for showing records in report view BAM based on version number

  Hi,
  I have a use case to update records based on version no. Let say I have a table or data object in BAM called 'Notes'. The Notes dataobject has three fields Id, Version, Description. The Notes data is displayed in a BAM report. I need to just display the latest version of the Notes. Say two records with one with Id as '124' and Version '4' and another with Id as '124' and version as '5'. The record related to version 5 should be dispalyed to user. How will I introduce this check in BAM reports for the latest version?
  Thanks
  Edited by: user5108636 on 28/06/2010 16:47

  That you see you're prints only means that your method outta called. The code creates a new row, but never inserts the row into the rowset. Then you call execute query which loses any connection to the new route which is not part of the rowset.
  First action would never to call insertRow(r1) on the view object.
  If you change data this way, only the model layer knows about it, the ui can't know about this (one of the disadvantages of using plsql or this construct you try). You have to tell the view controller to update it's data to. For this you can execute the iterator in the binding layer and/or ppr the container showing your data.
  Then I don't see any complicated plsql called do I question if a programmatic co is necessary.
  Timo

• How to use, Case function and Filter in Column Formula?

  Hello All,
  I am using case function and also would like to filter value to populate.
  Below is showing error :
  case
  when '@{Time}' = 'Year' then "Time"."Fiscal Year"
  when '@{Time}' = 'Quarter' then "Time"."Fiscal Quarter"
  when '@{Time}' = 'Month' then FILTER ("Time"."Fiscal Period" USING "Time"."Fiscal Period" NOT LIKE 'A%')
  else ifnull('@{Time}','Selection Failed') end
  Thanks, AK

  when '@{Time}' = 'Month' then FILTER ("Time"."Fiscal Period" USING "Time"."Fiscal Period" NOT LIKE 'A%')I dont think Filter this works here or any other data types except number.
  Try to use option Column's->Filter->Advanced->Convert this filter to SQL
  If helps mark