PasswordField at request "Modify Provisioned Resource"
Hi, I'm using OIM 11g R1
I have a resource with a field Password (masked=true on the request dataset and PasswordField on the form).
When I do a request "Modify Provisioned Resource" without modify the field Password and modifiing just an other field, the request send the value "********" on the password field and this call the task "Passowd Updated".
How I fix it?
TKS
This is the code of my ModifyValidation plugin:
for (RequestBeneficiaryEntityAttribute attribute :
requestBeneficiaryEntityAttributes) {
if (attribute.getName().equals("Login")) {
String requestLogin = (String)attribute.getValue();
validateLogin(requestLogin);
} else if (attribute.getName().equals("Password")) {
String requestPassword = (String)attribute.getValue(); // Here, if I don't change the Password field, I get the value "********" instead of the old value of the password field
validatePassword(requestPassword);
And if the request send the value "********" on the password field and this call the task "Passowd Updated" with this value...
I put que attribute masked="false" at this field on request Dataset and when I open the request, the field value already is "*********" and the value of the password field was "12121212".
Tks
Similar Messages
-
To fetch process instance key for Modify Provisioned Resource while request
Hi,
I am trying "Self Modify Provisioned Resource" through Request and multiple resource object is assigned to the user.I have a requirement to a develop validator code to compare old data and request data and take action accordingly.How to get the Process Instance Key or OIU Key of the resource w.r.t user, so that i can compare the data entered in dataset to the data in process form and do the modify operation accordingly.
I am working on OIM 11.1.1.5 version and have applied BP03 patch also.
-Neha Gupta
Edited by: 912833 on Sep 11, 2012 2:26 AM
Edited by: 912833 on Sep 11, 2012 2:28 AMMore or less you can use the following:
resultGetObjects = userOperationsIntf.getObjects(plUserKey);
int countResultGetObjects = resultGetObjects.getRowCount();
logger.debug("CommonProvisioning.updateProcessForm Object Count = " + countResultGetObjects);
for (int j = countResultGetObjects; --j >= 0;) {
resultGetObjects.goToRow(j);
String objName = resultGetObjects.getStringValue("Objects.Name");
String status = resultGetObjects .getStringValue("Objects.Object Status.Status");
if (resourceObjName.equalsIgnoreCase(objName) && "Provisioned".equalsIgnoreCase(status)) {
prntPrvsndPrsInsKey = resultGetObjects .getLongValue("Process Instance.Key");
break;
}HTH,
BB -
OIM: Hide provisioned roles/responsibilities in the modify provisioned resource request dataset
Hi,
We are provisioning Oracle E-Business Suite R12 through EBS UM connector. Is there a way where we can either hide the already provisioned EBS roles/responsibilities in the available list of roles/responsibilities or move these under Selected Responsibilities and make them non-editable ? I couldn't find a way to do that in the Modify Provisioned Resource E-Business Suite Request Dataset. Please advise
Thanking in Advance
Abir1. End user raising the request is able to view the process form, I need to restrict few attributes i.e. position and responsiblity should not be visible to end userEnd user will see Application Instance Form and you can customize the UI to hide attributes
2. Position and Responsibility should be provided by approver (this is specified in request data set of provision resource)
Make your Java Code/Beans/Expression to show/hide attributes conditionally.
3. As per Oracle document there is no request data set for PROVISION and MODIFY resource. What is the replacement for this?Application Instance Form
4. After Request is raised it has been assgined to xelsysadm, how do i control the approval ?Approval Policies -
Failed to modify provisioned resource
Good morning, I created a template request type Self Modify Provisioned Resource and is working ok, I created a template request provisioned resource type and modify the listing when I do nothing of the resources is presented in the application. I have configured for the supervisor / manager can make requests. For example the provision resource type, its provisioning manager manages resources.
respectsSuppose Resource A is the name of Resource Object
User A is the user who is provisioned into Resource A
Verify your steps which you have executed or create a new template by following below steps:
Resource A is provisioned to User A
Create a template with below info
Name as Modify
Type as Modify Provisioned Resource
Allowed Resources : Select your "*Resource A*"
Set Template User Roles: Select ALL USERS, SYSTEM ADMINISTRATORS roles
After creation of template, go and verify the Resource Information and User Roles information on created template.
Login with XELSYSADM > Request for Others > Select Resource A > Select User A* > Next*
Rajiv Dewan -
Template based on Modify Provision Resource not showing existing groups
Hi All,
In OIM 11gR1, we have created custom templates based on Provision and Modify Provision Resource. For templates based on Modify Provision Resource, Oracle says that it should show all existing groups/responsibilities of the beneficiary during request creation. However, it shows empty rows during adding of new responsibilities. Has anyone faced this issue and why is this happening.
Please let us know.
Thanks.Samique Tanweer, Hope this solutions helps you.
One possibility is, If your CSS template is common for both BI and Other department Users except LOGO, then create a single CSS template.
In your report, Take a blank cell. Insert image into it.
Now, Create a Alert based on Users and apply that alert(Rule) to above inserted image. -
Disable provisioned resource via API
Hi All,
could anyone of you post an example of request "Disable Provisioned Resource" by using the OIM API?
Thank you,
Giuseppe.there is no API for enable/disable but you have to call Enable User and Disable User task using OIM API
Use below API for same
use tcProvisioningOperationsIntf API.
public void addProcessTaskInstance(long plTaskKey,long plOrcKey)
plTaskKey - The key of the process task defined in process definition(nothing but MIL_KEY)
plOrcKey - The key of the process order instance
Use belo query to get MIL_KEY/plTaskKey before executing above method
String sqlquery="select mil.mil_key from mil,pkg,tos,obj " +
"where mil.mil_name = "Enable User" +
"and obj.obj_name='<RO NAME>' " +
"and obj.obj_key = pkg.obj_key " +
"and tos.pkg_key = pkg.pkg_key " +
"and mil.tos_key = tos.tos_key" ;
use below for db connection in oim 11g
Connection con=Platform.getOperationalDS().getConnection();
Statement st=con.prepareStatement(query);
ResultSet rs=st.executeQuery();
while(rs.next())
ong milkey=rs.getLong("mil_key");
similarly you can get the ORC_KEY and call this method for running process task using code. Make sure 'manual insert' and 'Allow Multiple' property is enabled for this task. if not do it using design console -
Error while raising modify request for AD resource
Hi,
Getting below error in log, while raising modify request for AD resource, UI shows error while retrieving resource entity details.
<Oct 19, 2011 2:15:45 AM CDT> <Error> <oracle.iam.requesttemplate.agentry.operations> <BEA-000000> <The "itresource-type" property is missing for attribute reference AD Remote Manager ITResource, which is of type itresource-lookup.>
I verified the datasets for AD Remote Manager ITResource, comparing with our other environments. It is proper and we are not using AD Remote Manager ITResource anywhere.
<AttributeReference name="AD Remote Manager ITResource" attr-ref="AD Remote Manager ITResource" type="Long" length="10" widget="itresource-lookup" required="false" available-in-bulk="true"/>
Please let me know how to resolve this issue.
Thanks in Advance.
Edited by: 856226 on Oct 19, 2011 4:55 AMHi,
I think you should post this in an other forum, somewher in the Fusion stack, maybe Identy Management. This forums is ment for the Oracle database. So please post in a forum underneath https://forums.oracle.com/forums/category.jspa?categoryID=13&start=0
Herald ten Dam
http://htendam.wordpress.com -
Getting error while raising modify request for AD resource in OIM11g
Hi,
Getting below error in log, while raising modify request for AD resource, UI shows error while retrieving resource entity details.
<Oct 19, 2011 2:15:45 AM CDT> <Error> <oracle.iam.requesttemplate.agentry.operations> <BEA-000000> <The "itresource-type" property is missing for attribute reference AD Remote Manager ITResource, which is of type itresource-lookup.>
I verified the datasets for AD Remote Manager ITResource, comparing with our other environments. It is proper and we are not using AD Remote Manager ITResource anywhere.
<AttributeReference name="AD Remote Manager ITResource" attr-ref="AD Remote Manager ITResource" type="Long" length="10" widget="itresource-lookup" required="false" available-in-bulk="true"/>
Please let me know how to resolve this issue.
Thanks in AdvanceHi,
I think you should post this in an other forum, somewher in the Fusion stack, maybe Identy Management. This forums is ment for the Oracle database. So please post in a forum underneath https://forums.oracle.com/forums/category.jspa?categoryID=13&start=0
Herald ten Dam
http://htendam.wordpress.com -
Request Provision Resource Customization
Current Scenario:
A user logs into OIM (11.1.1.3.0) and creates a request for another user. He selects the 'Provision Resource' request template. He selects the user, and then selects the Oracle DB User resource. He then continues to the end of the workflow and submits the request.
Situation:
I have multiple Oracle databases, at different locations. During this request step, I need to be able to select the appropriate IT resource after having selected the Oracle DB User resource.
Desired Scenario:
A user logs into OIM (11.1.1.3.0) and creates a request for another user. He selects the 'Provision Resource' request template. He selects the user, and then selects the Oracle DB User resource. Then, depending on whether he needs to be provisioned to DB-A or DB-B, he selects ITResource-A or ITResource-B from a drop-down-list, or some sort of box. He then continues to the end of the workflow and submits the request.
Thank you kindly for any assistance.There are some Oracle By Examples (http://apex.oracle.com/pls/apex/f?p=9830:37:3789900036911568::NO:RIR:IR_PRODUCT,IR_PRODUCT_SUITE,IR_PRODUCT_COMPONENT,IR_RELEASE,IR_TYPE,IRC_ROWFILTER,IR_FUNCTIONAL_CATEGORY:,,OIM,OIM_11g,,,). However, with OIM it's always been learn while learning. It's a very large product, an even more with 11g. Most everyone will tell you the way to learn it is from usage and the headaches it causes. I would suggest you start with a simple connector and working to implement the request data set associated with it. Then try and tweak the dataset to be something different, and get a feel for modifications to the approval side of it, and build on it from there.
Others who have used 11g might be able to provide some insight, you'll just have to wait for their responses.
-Kevin -
Approvals for changes to a provisioned resource
I need to create an approval process for updating individual fields on the process form. The resource does not allow multiple accounts, so the option to update it doesn't seem possible. I know there is something I am missing here.
What is the best way to create an approval workflow for changes to an existing provisioned resource?
Any suggestions are greatly appreciated!
KCHi,
OIM dosn't support approval based resource modification,this is one thing we are lacking in OIM but there are few way to over come this.Here is one solution that I can think of.
1.Create a dummy resource for example "OID Resource Modification".
2.Create the resource form which will have all field name which can be modified.
3.Let this field value flow into process form of OID Resource Modification.
4.Create your approval process for this resource.
5.Now in the provisioning process of OID Resource Modification you can have task which will update the process form of orignal resource.
6.You will be requesting this resource modification.
Please let me know if you have any questions.
Regards
Nitesh -
Password Field not mapped between Request and Provisioning Form
Hi to all. I'm working with OIM 11g. I've faced a strange issue. I'm not sure I'm working properly, so let me explain you my case. In my installation I've got the SSH connector, which is correctly connected with the physical resources. I've loaded the resource dataset ProvisionResourceSSH User bundled with the connector. Consider now that the user "goofy", with "ALL USERS" role, tries to make a request Provision Resource SSH User (Request Based provisioning). He fills in all the field in the appropriate manner, but when OIM triggers "Create User" provisioning task, after the required approval process, the password field is always blank (although goofy filled it in!!!).
I've thought: "ok, it seems a role trouble". And effectively, if goofy has got also the role "REQUEST ADMINISTRATORS", the provisioning form shows the password field correctly valued (as goofy stated in his request).
Note that all the fields are correctly mapped between request dataset and the provisioning form (I'm using the original dataset and the original provisioning form installed by the connector). So all other fields filled by goofy on the request form (request based provisioning) are correctly passed to the provisioning form. All the fields, except for the password.
Am I wrong in something? How Could I make possible to pass the data filled on the request for the password field to the provisioning form even if the requester has not the role "REQUEST ADMINISTRATORS"?
Thank you in advance for the help.This sure seems goofy! ;-) ... can you try making the ALL Users have all the permissions on the Resource Object and the Process Form and test it out? Also try from the backend at the database and see if the table has NULL for the password field? ... What's the type of password field in the dataset and the process form? Encrypted/Secret at both ends or mis match? Try making them plain text both the places as well.
-Bikash -
User self request for a RESOURCE
Hi Experts,
I am facing the problem to self request the user for AD resource and getting the below error
Exception java.lang.ClassCastException: java.lang.String was thrown in adapter "ADCS Create User". The Adapter Response was "java.lang.String" .Setting task status... "java.lang.String" does not correspond to a known Response Code. Using "UNKNOWN".
But in the admin console when user request for the AD resource through AccessPolicy/Resource Profile user can able to provisioning into the AD resource.
Thanks and regards,
SantoshHi
1) In process form i checked the auto populate and autosave option in this scenario administrator can easily provisioned into the AD resource and in the object form m populating organization filed.If i wont do this then i have to edit the the process form and save it, then only user can provisioned in to AD.
2) If i am not populate the fields then i am not getting the error which was sent in earlier post but showing pending status(without approval) and user not provisioned in AD.
3) In self request you don't populate the field, it stays null which results in the class cast exception in the provisioning code. as u said , in this case if i want to provision the user through Adminconsole and as well as user self request for Provisioning in AD Resource case a) From adminconsole user provisioned
b) User self request not working and showing status as pending.
Thanks and Regards,
Santosh -
Error obtained while provisioning resource to the organisation
Hi,
I have created a workflow to connect to a target and provision resource.But when i am trying to provision resource to the organisation i am getting the below error.
l
Either you do not have the appropriate permissions to complete this action or a system error has occured.
Please contact your administrator for further assistance.
logs show that one entity adapter is throwing error as its reading a OBJ_key as 0 ..why is that so
Please help.
Its urgent.
Thanks
SkYou have an entity adapter where? Can you explain the whole process from beginning to end what happens when you submit the request?
-Kevin -
Unable to configure Request based provisioning in OIM 9.1.0.1
Hi,
I have been trying to configure request based provisioning wherein Admin can request to provision a resource for a certain user. I have checked on the Auto Prepopulate and Auto Save options in the Process Definition. The problem which I am facing is that if I uncheck the Auto save option, admin's request is completed properly and an Approval request is generated. If the admin approves it, the resource status is set to Provisioning. Inside the resource object, there's only one task System Validation with status completed. The process form is empty if I view it. But if i go to edit i can see the fields being populated. After saving the form, i can see the data in the "View" option too. After this, I am able to add a task "Create User" and provision the user to Active Directory.
But if i check the Auto Save option in the Process definition, the request is completed but no approval task is generated. There is nothing in the User's resource profile as well.
What could be the reason for this and what could be a probable solution in such a scenario? I seek all your help in order to resolve this issue.I have configured the approval tasks and the provisioning is working fine. The error which i am facing now is with 2nd level approver. I want the first level approver to be the requestor's manager, which is working fine. But when i am trying to fetch the Manager details of the requestor's manager (Requestor->Manager-> Manager), I am facing the below error.
Running GETSECONDLEVELAPPROVERTYPEUSER
2012-10-31 13:20:28,956 INFO [STDOUT] Target Class = com.pldt.adapter.ad.TaskAssignment
2012-10-31 13:20:28,957 INFO [STDOUT] Running GETSECONDLEVELAPPROVERKEY
2012-10-31 13:20:28,957 INFO [STDOUT] Target Class = com.pldt.adapter.ad.TaskAssignment
2012-10-31 13:20:28,957 INFO [STDOUT] ***************************Inside getSecondLevelApprover***************
2012-10-31 13:20:28,974 INFO [STDOUT] **************************usrKey**********1
2012-10-31 13:20:29,039 INFO [STDOUT] *****************ResultSet1***********Thor.API.tcMetaDataSet@5b895cb9
2012-10-31 13:20:29,080 INFO [STDOUT] *****************ResultSet2***********Thor.API.tcMetaDataSet@68d6c6eb
2012-10-31 13:20:29,080 ERROR [STDERR] java.lang.ClassCastException: java.lang.Long cannot be cast to java.lang.String
2012-10-31 13:20:29,081 ERROR [STDERR] at com.thortech.xl.adapterfactory.events.tcAdpEvent.setKeyValue(Unknown Source)
2012-10-31 13:20:29,081 ERROR [STDERR] at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpGETSECONDLEVELAPPROVER.implementation(adpGETSECONDLEVELAPPROVER.java:56)
2012-10-31 13:20:29,081 ERROR [STDERR] at com.thortech.xl.client.events.tcBaseEvent.run(Unknown Source)
2012-10-31 13:20:29,081 ERROR [STDERR] at com.thortech.xl.dataobj.tcDataObj.runEvent(Unknown Source)
2012-10-31 13:20:29,081 ERROR [STDERR] at com.thortech.xl.dataobj.tcScheduleItem.handleTaskAssignPostInsert(Unknown Source)
2012-10-31 13:20:29,081 ERROR [STDERR] at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(Unknown Source)
2012-10-31 13:20:29,082 ERROR [STDERR] at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
I am passing the user key of the manager to fetch his manager's data. Please suggest a resolution for this. -
How to Configure OIM 9.1 for Request-Based Provisioning
Hi experts,
I am new to OIM and need to know how to configure request based provisioning. Here is the scenario.
My environment has two target systems (Sun LDAP and Novell EDirectory) configured for provisioning to OIM 9.1
A user should be able to login, request either or both (SUN LDAP and EDir) for self or others.
Now the request should go to an admin for approval.
Once approved, the requested accounts should be created on the target systems.
Please guide me on the procedure to be followed.
Many thanks in advanceYou will have to download the standard out of box connector for these target systems & will have to import it through the Deployment manager into OIM. Then you will have to create the Process definition of approval type & attach it to the same resource object. Please read the belo link before implementing any thing. This will provide you a better idea.
http://download.oracle.com/docs/cd/E10391_01/doc.910/e10363.pdf
Maybe you are looking for
-
Error in Report: Next to amount field i could see 'ERROR' word in report
Guys, Problem in Report: Next to amount field i could see 'ERROR' word in report Eg: Invoice Amount : "1200ERROR" it should be like "$1200". Pls help where do i need to check. Thanks
-
Setting SharePoint folder permissions
Our school has just got SharePoint 2013, and I have been tasked with setting up a folder structure for the Teachers. What they want is a Department Folder in the Root, and inside the Department Folder the Facility Folder, and inside that the Subject
-
Does IT services sales experience can be counted as a domain experience for SAP SD Fresher?
Hello All, I am new to SCN and i need your help. I am currently working as a Sales Executive with an IT consulting firm specialized in SAP & Oracle consulting services. I want to enter into SAP world and i thought that SAP SD is best for me because o
-
Hi, have an SC for approval. In one of the Std.Task 10008126, there is a multiline container &REQREQ.MATERIALGROUPLIST& which displays the material group. Also I am displaying a Total value, so the content is something like this: Total value is 100 a
-
Installed Flash Player 12 ActiveX not recognised - Windows 7 & Internet Explorer
On 2/5/2014 I downloaded Adobe Flash Player 12 ActiveX for the 4th time and yet the system is giving me an error message saying "You're mission the video converter tool." I have a HP Windows 7 system. Back in October, I was able to use the Internet