OIM User Group

hi,
I have created a user group say "Employee grp" where the user belongs to this group cannot edit the user details (UDF fields), process form, child forms. Now there is a new requirement where the helpdesk user can change/reset only the password for other user accounts. Check the below points,
1. User can view his user details, process form etc. can edit any field.
2. User can view other user details, process form etc. but cannot edit any field except the change password..
In short, this new group has to enable only the "change password" button if the user access other user details and nothing else. Is it achievable???
thanks in advance
Edited by: achiles on Oct 12, 2010 10:51 AM
Edited by: achiles on Oct 12, 2010 10:58 AM

It is possible. My approach is..
You can create a UDF say Change Password with datatype boolean and field type checkbox in Users Group form.
Now when you create HelpDesk Group in Admin console, you can select the check box and specify whether users in this group are allowed to change password or not.
Create an adapter and check whether the user is member of helpdesk group and then check whether he has permissions to change password only, if he is not allowed to change other info then you can show up an error message to the user.

Similar Messages

  • OIM User Groups - Export and Import

    Hi,
    I am looking for ideas for OIM User's groups to be exported from one environment to another environment.
    I am using the following logic, but it is too slow. Any suggestions are welcome.
    1. Export the User's groups from Source Environment - Add it to the CSV file with the following format:
    User,Group_Name
    2. Import the User's group by reading the CSV file - one user and one group at a time.
    I think this approach is slow. Is it possible to read all the users from Groups - then add users into groups?
    Will it be faster?
    Regards
    Vijay Chinnasamy

    Hi Suren,
    Thanks for the note. I tested this (Evaluating rules using updateUser()).... It looks like it is working in my case.
    Actually, I am already using updateUser() to update the password using below code piece. It looks like it added groups at that time.
    String[] filteredColumnsSet ={"Users.Key","Users.Row Version"};
    Hashtable mhSearchCriteria = new Hashtable();
    mhSearchCriteria.put("Users.User ID", Users_User_ID);
    tcResultSet moResultSet = uo.findUsersFiltered(mhSearchCriteria, filteredColumnsSet);
    HashMap userAttributeSet = new HashMap();
    userAttributeSet.put("Users.Password", Users_Password);
    uo.updateUser(moResultSet, userAttributeSet);
    I will few more checks and let you know.
    Thanks for the note once again.
    Regards
    Vijay Chinnasamy

  • OIM 9.1.0.2 - User group permission conflict issue

    Hi Gurus,
    IHAC who have faced a strange behavior about permission conflict.
    User has been assigned to a user group (ANALISTA DRSI) who have permission to disable resource of the users he administrates. The user group has been assigned to resource's administrator.
    The same use has been assigned to other user group (ANALISTA ADM DRSI) who have other permission. The user group has been not assigned to resource's administrator.
    If the user has been only assigned to ANALISTA DRSI user group the user is able to see records on Rogue Account report. If the customer has been assigned to both ANALISTA DRSI and ANALISTA ADM the user is not able to see the record on Rogue Account report. He got a display error message (You do not have permission). Both user groups have the Report menu item assigned.
    My question: if the customer is assigned to a user group who have permission to see the reports, should not the user is able to see the report even though he is also into the other group who do not have permission?
    Is there conflit in the OIM???
    Any tip will be very appreciated.

    Orgnaization > Manage > Select Org in which users are getting created > Administrative Group (Drop Down) > Select Group for which users are not coming.

  • OIM 10g Event Handler : Integrated with User Groups.User Members

    I have created custom event handler and integrated it with User Groups.User Members data object.
    here is my code od event handler class:
    public class GroupEventHandler extends tcBaseEvent {
         public GroupEventHandler() {
              this.setEventName("Event Handler Sample");
         protected void implementation() throws Exception {
              System.out.println("============@@@@@@@@ IN EVENT HANDLER ");
              try
              String groupKey = this.getDataObject().getString("Groups.Key");
              writeToFile(groupKey);
              catch (Exception e)
                   e.printStackTrace();
    But I am getting this exception :
    ERROR [ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)' XELLERATE.SERVER - Class/Method: tcTableDataObj/getString encounter some problems: Column 'GROUPS.KEY' not found
    com.thortech.xl.dataaccess.tcDataSetException: Column 'GROUPS.KEY' not found
         at com.thortech.xl.dataaccess.tcDataSet.getColumnIndex(Unknown Source)
         at com.thortech.xl.dataaccess.tcDataSet.getString(Unknown Source)
         at com.thortech.xl.dataobj.tcTableDataObj.getString(Unknown Source)
         at oim.GroupEventHandler.implementation(GroupEventHandler.java:19)
         at com.thortech.xl.client.events.tcBaseEvent.run(Unknown Source)
         at com.thortech.xl.dataobj.tcDataObj.runEvent(Unknown Source)
         at com.thortech.xl.dataobj.tcDataObj.eventPostInsert(Unknown Source)
         at com.thortech.xl.dataobj.tcUSG.eventPostInsert(Unknown Source)
         at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
         at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
         at com.thortech.xl.dataobj.tcTableDataObj.save(Unknown Source)
         at com.thortech.xl.ejb.beansimpl.tcGroupOperationsBean.addMemberUsers(Unknown Source)
         at com.thortech.xl.ejb.beans.tcGroupOperationsSession.addMemberUsers(Unknown Source)
         at com.thortech.xl.ejb.beans.tcGroupOperations_ejm77u_EOImpl.addMemberUsers(tcGroupOperations_ejm77u_EOImpl.java:1671)
         at Thor.API.Operations.tcGroupOperationsClient.addMemberUsers(Unknown Source)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at Thor.API.Base.SecurityInvocationHandler$1.run(Unknown Source)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
         at weblogic.security.Security.runAs(Security.java:41)
         at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(Unknown Source)
         at Thor.API.Base.SecurityInvocationHandler.invoke(Unknown Source)
         at $Proxy66.addMemberUsers(Unknown Source)
         at com.thortech.xl.webclient.actions.UserGroupMembersAction.assignMemberUsers(Unknown Source)
         at com.thortech.xl.webclient.actions.UserGroupMembersAction.assignGroupMembers(Unknown Source)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:280)
         at com.thortech.xl.webclient.actions.tcLookupDispatchAction.execute(Unknown Source)
         at com.thortech.xl.webclient.actions.tcActionBase.execute(Unknown Source)
         at com.thortech.xl.webclient.actions.tcAction.execute(Unknown Source)
         at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
         at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
         at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
         at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
         at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
         at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
         at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
         at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at com.thortech.xl.webclient.security.SecurityFilter.doFilter(Unknown Source)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3592)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
         at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2202)
         at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2108)
         at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1432)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)

    Anyone have idea about why "Groups.Key" not found exception thrown here..
    I have assigned this event handler at postinsert event of User Groups.User Members Data Object.

  • Reconcile user groups to OIM (11g)

    I would appreciate it if someone may let me know how to reconcile the organization and leadership structure information from an Oracle DB based identity vault into OIM (11g) to create organizational roles, for example, into the user group and user group membership tables, i.e. the UGP and USG table series. Many thanks.

    yesy, I have defines correct search value but its again and again throwing error. I change the search values too. But its not working.

  • [OIM] Cannot use special character in User Group Name

    Dear IdM expert,
    I have problem creating user group in OIM if user group name contain special character like '&', '<' or '+'.
    I read Note 430081.1 : Can a Field Label in an Object Form Contain Special Characters? and change <AppFirewall><SecurityLevel> in xlconfig.xml to 0, (by default SecurityLevel is set to 1). But still no luck.
    Could anyone find way to do this? Thank you.
    Best Regards,
    Satit

    I don't think the app fire wall applies to recon events so that is probably how they got in.
    You may have to update the database tables directly to solve this. Should not be a big issue as you aren't messing with any table primary keys.
    Best regards
    /Martin

  • OIM 9.1.0.2 - User group permission

    Hi experts,
    IHAC that need to configure some user groups in order to perform just specifics activities. We have configured the user groups but with no sucess.
    1) Group that should see/track all the opened requests.
    Given all request permission. (The requests don´t appear)
    2) Group that should disable Resource from user thru User Detail -> Resource Profile.
    Given all resource objects permission. (Error message: No permission)
    3) Group that create/manage Attestation.
    Given all attestation permission. (The attestation is created, but it doesn´t appear to delegated user)
    Any tip on how to set the correct permission?
    Brgs,

    Hi,
    I was looking for the same questions! One of them I could make it to work...
    About quetion #3, some steps:
    1. Create a group with name, lets say: AttestationManagers
    2. Give the following permissions:
    Attestation Requests
    Attestation Process Tasks
    Attestation Data
    Attestation Process Definitions
    Attestation Process Administrator
    3. Make the users responsable of attestation process part of group: AttestationManagers
    4. Create an attestation process and in the last field: Process Owner, put AttestationManagers
    5. Click: "Run Now"
    6. This attestation should appear to the user responsable of it.
    You can find an explanation about the attestation process in the following link: http://download.oracle.com/docs/cd/E14049_01/doc.9101/e14057/attestation.htm#insertedID1 and about the Process Owner, the point 15.1.1 in the above link.
    I hope it helps!
    Regards.

  • [OIM 9.1.0.2] Access Policy being evaluated to an OIM user disabled.

    Hi Gurus,
    I have an Access Policy being evaluated and provisioning resource (AD) to an OIM user disabled.
    Any tip on what I should take a look?
    Thanks in advance.

    Hi all,
    I have configured out the XL.EvaluateMembershipForInactiveUser System Property as TRUE, but the membership rule does not get evaluated for disabled users. So the user still remain into the group. I have restarted the OIM.
    I need to active the Evaluate User Policies schedule task for this configuration be effective. Or should I do something more?
    Thanks a lot.

  • Problems while provisioning OIM user to AD

    Hello,
    My OIM version is 9.1.0.1 & AD version is 9.1.1.4
    I want to provision OIM user to AD,so before provisioning i ran AD Group Lookup Recon &
    AD Organization Lookup Recon .
    When i tried to provision AD User to OIM user ,status=provisioning where System Validation was
    completed & create user was rejected & there was no response description.
    Following is the error which i got on console : java.lang.reflect.InvocationTargetException
    Thanks & Regards
    Rahul Shah

    IT Resource Parameters :
    ADAM LockoutThreshold Value     5
    ADGroup LookUp Definition     Lookup.ADReconciliation.GroupLookup
    Admin FQDN     CN=Administrator,CN=Users,DC=proservdemo,DC=com
    Admin Password     *******
    Allow Password Provisioning     yes
    AtMap ADGroup     AtMap.ADGroup
    AtMap ADUser     AtMap.AD
    Invert Display Name     no
    Port Number     389
    Remote Manager Prov Lookup     AtMap.AD.RemoteScriptlookUp
    Remote Manager Prov Script Path     
    Root Context     DC=proservdemo,DC=com
    Server Address     IP Address
    Target Locale: TimeZone     GMT
    UPN Domain     proservdemo.com
    Use SSL     no
    isADAM     no
    isUserDeleteLeafNode     no
    & here is the exception which i see on console :
    Running GETINVERTDISPLAYNAMEVALUE
    Target Class = java.lang.String
    Running CONCATFIRSTANDLAST
    Target Class = com.thortech.xl.util.adapters.tcUtilStringOperations
    Running GETINVERTDISPLAYNAMEVALUE
    Target Class = java.lang.String
    Running CONCATFIRSTANDLAST
    Target Class = com.thortech.xl.util.adapters.tcUtilStringOperations
    Running CONCATDOMAIN
    Target Class = com.thortech.xl.util.adapters.tcUtilStringOperations
    Running CONCATUSERLOGINWITHDOMAIN
    Target Class = com.thortech.xl.util.adapters.tcUtilStringOperations
    MessageDateFieldBean, localName='messageDateField': oracle.cabo.image: Initializ
    ing image cache: D:\Oracle\OIM\xellerate\OIMApplications\WLXellerateFull.ear\xlW
    ebApp.war\cabo\images\cache\ ...
    MessageDateFieldBean, localName='messageDateField': oracle.cabo.image: Loading i
    mage 0 of 3 from image cache: D:\Oracle\OIM\xellerate\OIMApplications\WLXellerat
    eFull.ear\xlWebApp.war\cabo\images\cache\
    MessageDateFieldBean, localName='messageDateField': oracle.cabo.image: Finished
    initializing image cache: D:\Oracle\OIM\xellerate\OIMApplications\WLXellerateFul
    l.ear\xlWebApp.war\cabo\images\cache\
    Running ISADAM
    Target Class = java.lang.String
    Running Get Attribute Map
    Running AD Create User
    java.lang.reflect.InvocationTargetException
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpADCSCREATEUSER.ADCREATEUSER(adpADCSCREATEUSER.java:224)
    at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpADCSCREATEUSER.implementation(adpADCSCREATEUSER.java:91)
    at com.thortech.xl.client.events.tcBaseEvent.run(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.runEvent(Unknown Source)
    at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(Unknown Source)
    at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcORC.insertNonConditionalMilestones(UnknownSource)
    at com.thortech.xl.dataobj.tcORC.completeSystemValidationMilestone(Unknown Source)
    at com.thortech.xl.dataobj.tcOrderItemInfo.completeCarrierBaseMilestone(Unknown Source)
    at com.thortech.xl.dataobj.tcOrderItemInfo.eventPostInsert(Unknown Source)
    at com.thortech.xl.dataobj.tcUDProcess.eventPostInsert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcTableDataObj.save(Unknown Source)
    at com.thortech.xl.ejb.beansimpl.tcFormInstanceOperationsBean.setProcessFormData(Unknown Source)
    at com.thortech.xl.ejb.beansimpl.tcFormInstanceOperationsBean.setProcessFormData(Unknown Source)
    at com.thortech.xl.ejb.beans.tcFormInstanceOperationsSession.setProcessFormData(Unknown Source)
    at com.thortech.xl.ejb.beans.tcFormInstanceOperations_2j82mm_EOImpl.setProcessFormData(tcFormInstanceOperations_2j82mm_EOImpl.java:1245)
    at Thor.API.Operations.tcFormInstanceOperationsClient.setProcessFormData(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at Thor.API.Base.SecurityInvocationHandler$1.run(Unknown Source)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
    at weblogic.security.Security.runAs(Security.java:41)
    at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(Unknown Source)
    at Thor.API.Base.SecurityInvocationHandler.invoke(Unknown Source)
    at $Proxy68.setProcessFormData(Unknown Source)
    at com.thortech.xl.webclient.actions.DirectProvisionUserAction.handleVerifyProcessData(Unknown Source)
    at com.thortech.xl.webclient.actions.DirectProvisionUserAction.goNext(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:280)
    at com.thortech.xl.webclient.actions.tcLookupDispatchAction.execute(Unknown Source)
    at com.thortech.xl.webclient.actions.tcActionBase.execute(Unknown Source)
    at com.thortech.xl.webclient.actions.tcAction.execute(Unknown Source)
    at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
    at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
    at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
    at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at com.thortech.xl.webclient.security.SecurityFilter.doFilter(Unknown Source)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    Caused by: java.lang.NullPointerException
    at com.thortech.xl.integration.ActiveDirectory.tcUtilADTasks.createUser(Unknown Source)
    ... 68 more
    com.thortech.xl.dataobj.util.tcAdapterTaskException
    at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpADCSCREATEUSER.ADCREATEUSER(adpADCSCREATEUSER.java:230)
    at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpADCSCREATEUSER.implementation(adpADCSCREATEUSER.java:91)
    at com.thortech.xl.client.events.tcBaseEvent.run(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.runEvent(Unknown Source)
    at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(Unknown Source)
    at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcORC.insertNonConditionalMilestones(UnknownSource)
    at com.thortech.xl.dataobj.tcORC.completeSystemValidationMilestone(Unknown Source)
    at com.thortech.xl.dataobj.tcOrderItemInfo.completeCarrierBaseMilestone(Unknown Source)
    at com.thortech.xl.dataobj.tcOrderItemInfo.eventPostInsert(Unknown Source)
    at com.thortech.xl.dataobj.tcUDProcess.eventPostInsert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
    at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
    at com.thortech.xl.dataobj.tcTableDataObj.save(Unknown Source)
    at com.thortech.xl.ejb.beansimpl.tcFormInstanceOperationsBean.setProcessFormData(Unknown Source)
    at com.thortech.xl.ejb.beansimpl.tcFormInstanceOperationsBean.setProcessFormData(Unknown Source)
    at com.thortech.xl.ejb.beans.tcFormInstanceOperationsSession.setProcessFormData(Unknown Source)
    at com.thortech.xl.ejb.beans.tcFormInstanceOperations_2j82mm_EOImpl.setProcessFormData(tcFormInstanceOperations_2j82mm_EOImpl.java:1245)
    at Thor.API.Operations.tcFormInstanceOperationsClient.setProcessFormData(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at Thor.API.Base.SecurityInvocationHandler$1.run(Unknown Source)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
    at weblogic.security.Security.runAs(Security.java:41)
    at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(Unknown Source)
    at Thor.API.Base.SecurityInvocationHandler.invoke(Unknown Source)
    at $Proxy68.setProcessFormData(Unknown Source)
    at com.thortech.xl.webclient.actions.DirectProvisionUserAction.handleVerifyProcessData(Unknown Source)
    at com.thortech.xl.webclient.actions.DirectProvisionUserAction.goNext(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:280)
    at com.thortech.xl.webclient.actions.tcLookupDispatchAction.execute(Unknown Source)
    at com.thortech.xl.webclient.actions.tcActionBase.execute(Unknown Source)
    at com.thortech.xl.webclient.actions.tcAction.execute(Unknown Source)
    at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
    at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
    at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
    at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at com.thortech.xl.webclient.security.SecurityFilter.doFilter(Unknown Source)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    & is AD version 9.1.1.4 compatible with OIM 9.1.0.1
    Thanks & regards
    Rahul Shah

  • Delete oimGroup membership of the oim user using Script (oim 9.1).

    Hi All,
    I want to remove oim users' particular oim group membership, Is there any problem, if I use the following script to delete user group information from USg table?
    delete from usg where usr_key in (select usr_key from usr where usr_login in ('xxx','yyy')) and ugp_key=31
    Note: In our case, No policies,membershiprules are assigned to this oim group (we defined gruops only) and env is oim 9.1.
    Can any one confirm this. Or if there is nay problem, please let us know.
    Thanks.
    Edited by: user13285646 on Jul 28, 2011 11:01 PM

    Thanks Rajiv.

  • OIM: Is there a way to control resource groups based on OIM Admin group

    Hi,
    I have a resource+target system where we provision users and groups. My requirement is to make the group assignment/de-assignment to be based on OIM's user group of the admin. For example, admins from User Group UG1 can provision certain groups to a given user where as they cannot add/delete other groups. Similarly admins from another admin user group UG2 cannot add/delete resource groups to the same user.
    Have you come across such a requirement and if so could you please share you implemented this?
    Thanks

    The easiest way to do it is often to use a resource object for addition of groups, use request based provisioning and then include a test in the approval that checks if the raising user has the right to raise a request for that group. If not just deny the request.
    Works well and is easy to implement but may be considered a bit user unfriendly as it allows the admins to raise requests that are later auto denied.
    Best regards
    -Martin

  • How to Populate Database values in OIM user form

    Hi friends,
    I have created some groups in OIM and I have created a new field in OIM user form. Now i want the group values visible as new field values.
    How the database table values can be made visible in OIM field ..?
    please help me in doing it
    Regards
    sri

    Just follow this document and from fig 13 select LOV type as query.
    http://docs.oracle.com/cd/E21764_01/doc.1111/e14308/conf_mangmnt.htm
    Regards
    Shashank

  • User Groups in  IDM 11G

    Friends
    Exist in Oracle Identity Manager 11g User groups as in version 9..?
    Thanks

    If this question is about: What has happened to User Groups in OIM 11G then:
    The User Groups is now converted to Roles in OIM 11G.

  • Remove User Groups

    Hello All
    I just upgraded to BP12 of OIM 9.1.0.2 and in the process, had some problems with the ORM integration where is was creating new copies of roles in OIM for ORM roles. Now, instead of the 30 or so user groups that I should have, I now have about 950 or so. I have fixed the issue with the groups in OIM and change the ORMID of all the groups in OIM so they are no longer linked to ORM, but now I need to remove them so they are not showing up on everyones profiles. Do you know if there is a way to permanently delete user groups and the associated links from OIM so they are not available. Any help you can give on this would be much appreciated.
    Thanks
    Nick

    You can create a list of the groups you want to keep in OIM. Include the 4 default ones. Then looping through the list of groups use something along the lines of the following:
    Map map = new HashMap();
    map.put("Groups.Group Name", "*");
    tcResultSet set = groupIntf.findGroups(map);
    long[] users = new long[set.getTotalRowCount]'
    for (int i=0;i<set.getTotalRowCount();i++){
    set.goToRow(i);
    tcResultSet users = groupIntf.getAllMembers(set.getLongValue("Groups.Key");
    //Loop through the users result set to get all the Users.Key values. Add them to the array users[].
    //After you loop through remove the users
    groupIntf.removeMemberUsers(userList);
    //After you remove the users, delete the group
    groupIntf.deleteGroup(set.getLongValue("Groups.Key"));
    I typed this off the top of my head, there is no validation in it. You will be expected to be able to come up with the rest of it in java, but this should give you something to go off of.
    -Kevin

  • What  is difference between user group and reference user group?

    hi
    guys,
            what  is difference between user group and reference user group? 
    your regards
      p.suresh

    Hi ,
    Chk the link below for your clarifiacation.
    http://help.sap.com/erp2005_ehp_03/helpdata/EN/5c/c1c81c445f11d189f00000e81ddfac/frameset.htm
    Hope it helps.
    Regards,
    Amit
    Edited by: Amit Kotwani on Sep 2, 2008 2:15 PM

Maybe you are looking for

  • How to create a custom function module with the records in SAP R/3?

    Hi All, How to create a custom function module with the records in SAP R/3? Using RFC Adapter I have to fetch the custom function module records. Regards Sara

  • MacBook Pro Mac OS X Lion 10.7.5 to new Mac Pro

    I am currently using a pro 2011 and I want to buy a new one that runs on the Os X Mavericks system. I back up my current computer with an external seagate hard drive right now. If I buy a new computer running on Maverick and connect my seagate drive

  • Problem with cartridges

    Hi,My 932XL Black and 933 Yellow ink cartridge is lying vacant and unused as my older printer stopped working and it was replaced by an HP Officejet  8610. Those two ink cartridge has never been used and it seems like i have wasted around $51 on thos

  • X220 DP++ port to multiiple DVI-D monitors?

    Hi all, Would be grateful for your advice. I want to use my DP++ port on the Lenovo x220 to 'drive' two 24" DVI-D LCD monitors showing separate images.  It's not for gaming, only for boring office apps. I can't work out from the displayport.org websi

  • Painting in JPanel directly

    Hi. Can any one help me with how to paint directly in JPanel, I need to paint directly in a swing component, but i dont know in which and how How i use the paintComponent method of JPanel class.. Thanks.