Pre-Populate AD Groups upon Provisioning of AD User
I've been trying to figure out how to auto-populate groups in AD for users based on a single attribute in the OIM User Profile.
For example, if a user's geographic code on the OIM User Profile is TX and he has an Administrator title, then I want that user to be added to the TEXAS USERS and the TEXAS Administrators group.
How do I do this without using the Access Policy/Role configuration, but through adapter/lookup/triggers upon the provisioning of the AD account?
I have adapters that now pre-populate single-valued attributes and lookup table values. However, it doesn't look like the multi-valued attributes work this way.
Any ideas or references?
Thanks!
instead of pre-populate adapter write process task adapter through which you can populate all the required AD Groups on Child form using OIM API. attach this task on the success response of Create User task
multivalued attribute you can't prepopulate using design console mapping you have to write your own code.
follow the below steps
1. create process task adapter pass(Process Instance Key, User Definition->Graphic code,User Definition->title)
2. using API populate AD groups in AD child form based on condition. use below API
tcFormInstanceOperationsIntf.addProcessFormChildData();
3. create a task under "AD User" process def and integrate above adapter. map process data->process instance and other User Definition attributes which will decide what groups has to be given
4. attach this task on the success response of Create User Task
find API detail at below link
http://otndnld.oracle.co.jp/document/products/id_mgmt/idm_904/doc_cd/javadocs/operations/Thor/API/Operations/tcFormInstanceOperationsIntf.html#addProcessFormChildData%28long,%20long,%20java.util.Map%29
--nayan
Similar Messages
-
Pre-populate Portal sign-on screen
Is there a way to pre-populate the portal sign-on screen with user-id and password ? We are in the process of migrating users to SAP portal, and are looking at re-directing (auto login if possible (or) pre-populate login fields at the least) them to the new site when they access the old site.
I reviewed the HTMl source of the portal login page, but did not see a way to pass parameters in the URL.
Thanks in advance for any suggestion !Hi Srikanth,
You can send your user name & password to the portal as url parameters like:
http://<server>:port/irj/portal?j_user=your_user_name& j_password=your_password
Hope this helps,
Best Regards,
Nibu. -
Pre-Populate group membership details while provision
Hi,
We are using AD Connector 9.1.0.1 to provision OIM user to ADAM.
While provision I need to pre-populate group membership details of user like other user attributes.
Is it possible to do this using pre-populate adapter; if so then please provide us details to do this or is there any other approach to achieve this?
-HardewCan you explain the FormInstanceOpsIntf piece in a little more detail? I'm having a similar issue as the other two posters above, except mine is with OID.
1) So focusing first on just creating the adapter...
a. Create a new adapter of type Entity.
b. Create the adapter variables here???
-> Three variables of type long, and one of type object???
c. Add an adapter task
-> Type: Utility Task -> Oracle Identity Manager Api
-> New Object Instance
-> Task Name: <not important>
??? (is this correct) -> Application API - Thor.API.Operations.tcFormInstanceOperationsIntf
??? (is this correct) -> Methods - 17. public abstract long Thor.API.Operations.tcFormInstanceOperationsIntf.addProcessFormChildData(long,long,java.util.Map)
d. Complete the Parameter Data Mapping
-> Input: long - ??? (what to map here?)
-> Output: long - ??? (what to map here?)
-> Input: long - ??? (what to map here?)
-> Input: java.util.Map - ??? (what to map here?)
2) After the adapter is created, I will look up the "OID User" form in the Data Object Manager, and add the adapter I created under "Post-Insert".
Thanks! -
Pre-populate adapters behaviour during role based provisioning
Hi all,
I have a question about pre-populate adapters behaviour during role based provisioning.
I'll sortly describe our architecture: we have OIM 11.1.1.3, Active Direcotry connector and obviously Active Directory as target system.
Our scenario is: assigning a role to a user , OIM should provision two account for this user to the same target system but in two different organizational unit (Active Directory).
Here some sample information to better understand our request:
- OIM User userID: userid1
- Active Directory IT Resource: ADServer1
- Active Directory Organizational Units: OU1 and OU2
- Role: Example Role
- UserID of the account provisioned in OU1: admin.userid1 (in this organizational unit the UserID is composted by a prefix "admin." and the OIM User UserID "user1")
- UserID of the account provisioned in OU2: user.userid1 (in this organizational unit the UserID is composted by a prefix "user." and the OIM User UserID "user1")
To achieve this goal, we have created two access policies AP1 and AP2. The first access policy provision the user account in OU1; while the second one in OU2.
Here some access policies form details:
### AP1 ###
- AD Server: ADServer1
- Organization Name: OU1
(other fields are empty)
### AP2 ###
- AD Server: ADServer1
- Organization Name: OU2
(other fields are empty)
Our idea was to develope two pre-populate adapter: one to compose the userID with "admin." prefix and the other one to compose userID with "user." prefix. However this solution cannot work because obviously you can link only one pre-populate adapter to a resource form field.
Any suggestion to avoid to create a second resource form?
Thank in advise,
DanieleHi,
probably your confusion is caused by my english....anyway....
I'm trying to generate two userids and in our scenario it's simple map the organizational units. For example userids in organizational units OU1 have "admin." prefix; while organizational units OU2 have "user." prefix.
Do you suggest to create a pre-populate adapter that use a lookup to set the correct prefix based on organizational unit name?
Thank you
Daniele -
Pre-populate a multi-valued attribute on target?
Hi. I am working on pre-populating our I-Planet target resource with data we are storing in OIM User(Address data). it is a requirement by the AD group to store the data as a multi-valued attribute in the LDAP attribute postaladdress. I have tried setting up the resource form to use a pre-populate adapter to populate each line of the address, but I can only add the adapter once for the attribute. Any ideas on how to do this with a pre-populate adapter?
rkimbal45You will probably need to write your own custom code to connect to your ldap directory and perform any actions needed when the field is updated. So you'll need a pre-populate to fill in the date with some sort of delimiter. Then on provisioning, you'll want to trigger this task after the create user. Then when any updates are performed, you'll need to completely refresh the multivalue attribute in the target. I would suggest one function to be called in your custom code, then query ldap for what exists, and parse your data for any updates neccessary, and then do as needed based on what exists and what needs to be added/deleted/updated.
-Kevin -
Develop pre-populate adapter in request dataset in OIM 11G
Hi Friends,
I have a field say UD_TEMP_FORM_FIELDA on the process form which is going to be populated based on the value of a field SAY UD_TEMP_FORM_FIELDB on the request dataset.
So my request dataset will have only one field which is UD_TEMP_FORM_FIELDB.
And my process form will have two fields UD_TEMP_FORM_FIELDA and UD_TEMP_FORM_FIELDB.
And I developed a pre-populate adapter on the process form to populate UD_TEMP_FORM_FIELDA field based on the value of UD_TEMP_FORM_FIELDB during provisioning. But pre-population is not at all getting triggered during provisioning. I believe I need to put UD_TEMP_FORM_FIELDA also on the request dataset and pre-populate its value in request dataset itself and pass the value from request data set to process form. Is this correct?
If so, as per the documentation, we need to create a request dataset with pre-pop adapter in the below format.
<AttributeReference name="Domain" attr-ref="domain" available-in-bulk="true" type="String" length="20" widget="text">
<PrePopulationAdapter classname="oracle.iam.request.DomainPrepopulateAdapter"/>
</AttributeReference
As we are specifying only the class name in the above statement,
1) How to pass the value of UD_TEMP_FORM_FIELDB to this class.
2) Which method in the class will execute
3) How to Registert this class.
Can you please provide me some steps/urls for the above requirement?
Thanks,
MikeHi Nishith,
Thanks for your response.
As per my requirement I am going to keep UD_TEMP_FORM_FIELDA (Group Owner) and UD_TEMP_FORM_FIELDB (AD Group Name) in the child forms and I am going to use the below pre-populate adapter code to get the value for UD_TEMP_FORM_FIELDA based on value of UD_TEMP_FORM_FIELDB.
My question is:
If I raise a request with only one value in the child form, then the below code will code work. But, If I add more than one value say AD groups in the child form while raising a request, this code is going to retrieve same owner value for all AD groups as it will go by FOR loop.
How to pre-populate the individual owner for the individual AD group given in the child form? Please let me know.
public class PrepopEBSRespValue implements PrePopulationAdapter {
public Serializable prepopulate(RequestData requestData) throws RequestServiceException,
tcAPIException,
tcInvalidLookupException,
tcColumnNotFoundException {
List<Beneficiary> beneficiaries = null;
List<RequestBeneficiaryEntity> benEntities = null;
List<RequestBeneficiaryEntityAttribute> benAttrs = null;
String ownerValue="";
beneficiaries = requestData.getBeneficiaries();
if (beneficiaries != null && !beneficiaries.isEmpty())
for (oracle.iam.request.vo.Beneficiary beneficiary : beneficiaries)
benEntities = beneficiary.getTargetEntities();
if (benEntities != null && benEntities.size() > 0)
for (oracle.iam.request.vo.RequestBeneficiaryEntity benEntity : benEntities)
benAttrs = benEntity.getEntityData();
if (benAttrs != null && benAttrs.size() > 0)
for (oracle.iam.request.vo.RequestBeneficiaryEntityAttribute benAttr : benAttrs)
if(benAttr.hasChild())
java.util.List <oracle.iam.request.vo.RequestBeneficiaryEntityAttribute> list = benAttr.getChildAttributes();
java.util.Iterator iterator = list.iterator();
while(iterator.hasNext())
oracle.iam.request.vo.RequestBeneficiaryEntityAttribute attribute =(oracle.iam.request.vo.RequestBeneficiaryEntityAttribute)iterator.next();
String attrName=attribute.getName();
if (attrName.equalsIgnoreCase("Owner"))
String lookupName="Lookup.Owner.values";
System.out.println("Getting decoded value for the given code key..");
String attrValue=attribute.getValue().toString();
HashMap searchcriteria = new HashMap();
searchcriteria.put("Lookup Definition.Lookup Code Information.Decode", attrValue);
Thor.API.Operations.tcLookupOperationsIntf lookupIntf=Platform.getService(Thor.API.Operations.tcLookupOperationsIntf.class);
tcResultSet result = lookupIntf.getLookupValues(lookupName,searchcriteria);
for(int i=0;i<result.getRowCount();i++)
result.goToRow(i);
ownerValue = result.getStringValue("Lookup Definition.Lookup Code Information.Code Key");
System.out.println("Decoded Value::"+ownerValue);
return (Serializable) ownerValue;
} -
Pre-populate the process form as part of Role Alignment - Need suggestion
Hi,
As part of implementation we are going to take over the Provisioning of AD (Via Groups-->Access Policy) using OIM which was initially configured to provision manually. Now as part of migration we required to assign a base group to the users who has already AD reconciled resource (and align it with policy via SQL updates -->POL_key is process form, OIU_POLICY_BASED in OIU table). We are doing this as part of direct SQL updates. The other part of the requirement to align the process form values using the configured pre-populate adapters (for e.g. if the current value of any attribute is X and the prepopulate adapter suggest that it should be Y then the migration should also update this attribute.) We tried to use the prepopulateProcessForm API of tcFormInstanceOperationsIntf but it seems this is working only when the System Validation is in Pending state. The other option we are thinking of putting java code and then call the prepopulate adapter by passing each input params and updating tha value via API if any update is required. Just wondering if there is anything else we can use as part of bext practices. If anyone has done this kind of implemntation please let us know your inputs. ThanksHero,
You want to ...
1. create users
2. give them privileges
3. assign them to groups
4. assign a default groups to users
You will need to do this in the following sequence of steps...
1. Populate the user entries in OID, and assign the default group
2. Create the groups in OID and assign the users to them
3. Assign the appropriate portal privileges to the groups
For step 1 and 2, I'll have to refer you to the OID Administrator's Guide for Release 9.0.2.
This document contains a lot of good information, but in particular, you'll want to review Appendix I ...
"Migrating User Data from Application-Specific Repositories". This addresses the LDIF migration tool
and describes the schema elements needed for the IAS user accounts.
For step 3, the easiest way would be to assign the privileges to the groups through the user interface. Once the groups are defined
in OID, you can select them via the Portal UI to assign the portal privileges to them.
The proper place to locate portal instance-specific groups is under the portal instance group base, which is
cn=portal_groups, cn=groups, <subscriber_base>. The following white paper
may be helpful to understand the organization of the directory information tree. -
Pre populate adapter in OIM 11gr2 not triggered in database
Hello,
Folowing is the steps for creation of pre populated adapter in OIM
** we have created one form in OIM which is provisioned to Database**
Steps
· Installed GTC connector for Database Web App 9.*
· Created new user and Table in Database
· Created IT resource for Database
· Created Sandbox, App Instance and Form, published sandbox
· Started catalog synchronization job scheduler
· Created user and and request account to app instance.
* select application instance to catalog and checkout.
** we have created adapter as per the following link
http://idmrockstar.com/blog/2009/08/how-to-create-a-prepopulate-adapter-in-oim/
create a pre populated adapter that will populate the firstname of user in email using java class
source code:
public class AdapterClass{
public String email( String fname )
return fname;
Steps:
1) In the design console I have open the Adapter Factory and create a new adapter name :firstname
adapter type: pre-populate rule generator
click on save
2) select variable list tab:
variable name:Firstname
type:String
Map to : Resolve at runtime
click on save
3) select Adapter Task tab
* click add and select logical task
* select SET VARIABLE and click continue
* Operand Type:variable
* Operand Qualifier : FIrstname
click save and save the adapter
4) compile the java class into jar file and move the jar file into OIM_HOME\server\JavaTasks
5)Create a new Adapter with the following"
Adapter name:Email
Adapter type: Pre-populate rule Generator
click save
6) select variable list tab:
variable name: var1
Type:String
Map to:Resolve at runtime and click save
7) select Functional Task tab:"
select java click continue
select the following information:
Task name:email
Api source: JavataskJar:Adapterclass.jar( the jar file which you have create)
application api: adapteclass
click save
8) In the Application method parameters,select the first input: String
Cange Map to:Adapter variables
Set the name to:var1 and click save
9) select the output:STring
change map to:Adapter variables
set name to: return variable
10) click save and save the adapter and click on Build
Adapter is now build the next step isto join it to the form
** join the adapter to the form**
Steps:
1) click on form designer and search the related form which we have created
2) In the respective form click on create a new version and create a new version
3) and then click on Pre populate tab and click on ADD
4)select adapter field to firstname
Rule : default
Adapter : Firstname
and click on save
5) In the adapter variable field click on firstname and fill the following
map to: Process data
Qualifier : firstname
6) Repeat steps 3 to 5 to map the email adapter
7) click on save.
Now we have done with all the steps and now we have created one User submit the user
we have click on request acounts ---> search the catalog and select the application instance (select the app instance "database provisioning") ---> add to cart ---> and check out ---> fill the form leaving email field --> ready to submit ---> submit
now we have check this user in database but still pre populated fields are not reflected. since this not working so we have found the other three links
Re: OIM 11gR2 - Prepopulate Field Empty Problem
http://fusionsecurity.blogspot.in/2013/01/populating-request-attributes-in-oim.html
http://identityandaccessmanager.blogspot.in/2011/07/prepopulate-adapter-in-oim-11g.html
according to these links they mention to implements the prepopulationadapter interface into the java class and create the plugin.xml for the class which we have used in jar.
so we prepared a plugin.xml
<?xml version="1.0" encoding="UTF-8" ?>
<oimplugins xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<plugins pluginpoint="oracle.iam.request.plugins.PrePopulationAdapter">
<plugin pluginclass= "com.oracle.demo.iam.prepop.plugin.UserLoginPrePop" version="1.0" name="UserLoginPrePop">
<metadata name="PrePopulationAdapater">
<value> My_users::email</value>
</metadata>
</plugin>
</plugins>
</oimplugins>
and the java class which implements "PrePopulationAdapter".
they mention to put that jar into one directory named "lib"and paste the xml and lib folder into the OIM_HOME\server\plugin
BUt we stuck on how to configure the adapter or what is the next steps for the above process. or there is something that we have missed in the process
please do reply its urgent
Regards,
Tushar Palekarhii i have followed all your steps regarding the pre populated adapter ,but no luck.
java code :
package com.oracle.demo.iam.prepop.plugin;
import java.io.Serializable;
import oracle.iam.request.plugins.PrePopulationAdapter;
import oracle.iam.request.vo.RequestData;
public class Userfname implements PrePopulationAdapter {
public Serializable prepopulate(RequestData requestData){
String fname = "xyz";
System.out.println("Returning fname ==== " + fname );
return fname ;
2)i have create a jar for this code and paste it into lib folder.
3) i have create a plugin.xml
<?xml version="1.0" encoding="UTF-8" ?>
<oimplugins xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<*plugins pluginpoint="oracle.iam.request.plugins.PrePopulationAdapter">*
*<plugin pluginclass= "com.oracle.demo.iam.prepop.plugin.Userfname" version="1.0" name="Userfname">*
*<metadata name="PrePopulationAdapater">*
*<value>register::LAST_NAME</value>*
*</metadata>*
*</plugin>*
*</plugins>*
*</oimplugins>*
4)i register the plugin using ant -f pluginregistration.xml register
5)i have restartthe oim server and then i create a user using the same app instatnce in which i have create the form(ie.register),and
request acount-->select app instance ---> add to cart
but the last name xyz as per the java code is not reflected in the dadbase table.
please help
tushar palekar -
Why do basic dates pre-populate on a create order with reference?
When manually creating a production order with reference to another, we sometimes have basic dates pre-populate and greyed out/protected when the 1st screen comes up. Most of the time the dates are open for input and unpopulated. Certain materials cause this to happen. We do not know why. Can you tell me what causes this? We need to know how to predetermine this circumstance to use a BDC.
Thanks,
AdaHi Caetano,
Thank you for your response.
I have checked, I have already assigned the work center and the operation in OPJG.
I have created a task list group in CA11 in which I have filled in the work center, the base quantity and the machine time.
When I try to create a production order, the standard sequence and the operation are created (it was not the case before). But the Start date is still not updated. I have the following error message :
"Not all standard values maintained
Message no. C7067
Diagnosis
You have not maintained all standard values in the operation.
Procedure
Maintain the standard values in the operation."
Please consider that I am a junior PP consultant and if it is possible thanks to be clear and precise in your responses. -
LOV Decode value returned by Pre-populate Adapter
Hi,
I have a lot of UDFs of type LOV, in particular System LOV( that point to custom Lookup Field definitions).
My problem is to get and return not the Lookup Decode value and not the Lookup Code Key (default OIM behavior) by a Pre-populate adapter.
May you help?
Thanks and regards,
Gabriele.Hi Kevin,
may you provide a sample code fro that?
What you said it's true for UI/RequestTemplate that is: the Lookup Decode value it's displayed; but it's not true for a Pre-populate adapter mapped on a Provisioning Form.
In particular my custom pre-populate adapter is like the following:
CUSTOM Prepopulate Field Value
Adapter Name: CUSTOM Prepopulate String Field Value
Adapter Type: Pre-populate Rule Generator
Description: return input field value (String)
[Save]
[Variable List]
[Add]
Variable Name: string_field_value
Description: string_field_value
Type: String
Map to: Resolve at runtime
[Adapter Tasks]
[Add]
Logical Task + SET VARIABLE
Variable Name: Adapter Return Variable
Operand Type: Variable
Operand Qualifier: string_field_value
[Build] (Compile Status = OK)
[Save]
and it is mapped on AD Provisioning Form (Form Designer - UD_ADUSER - Pre-Populate):
Field Name: Description
Rule: Default
Adapter: CUSTOM Prepopulate String Field Value
[Save]
[Map] string_field_value
Map to: User Definition
Qualifier: <UDF LOV attribute>
where the <UDF LOV attribute> it's my custom sttribute type System LOV. It returns the Code Key value not the Decode value. -
Generating Manager field in OID by using Pre-populate Adapter
Hi All,
I created a pre-populate Adapter that uses First name and Last name of user and add the manager field to OID during provisioning.
But during provisioning i am getting Naming Exception.
This is what i found in JBoss application server.
09:30:58,828 INFO [STDOUT] Running CONCATENATEVARS
09:30:58,828 INFO [STDOUT] Target Class = StringUtil
09:30:58,921 INFO [STDOUT] Running CONCATENATEVARS
09:30:58,921 INFO [STDOUT] Target Class = StringUtil
09:30:59,640 INFO [STDOUT] Running GetTargetAttributeMapping
09:30:59,703 INFO [STDOUT] Running GetProcessData
09:30:59,859 INFO [STDOUT] Running SHOULDUSEXLORG
09:30:59,875 INFO [STDOUT] Target Class = java.lang.Boolean
09:30:59,875 INFO [STDOUT] Running SHOULDUSESSL
09:30:59,875 INFO [STDOUT] Target Class = java.lang.Boolean
09:30:59,875 INFO [STDOUT] Running CREATEUSER
09:31:00,203 INFO [STDOUT] Target Class = com.thortech.xl.integration.OID.tcUtilOIDUserOperations
09:31:00,250 INFO [OID] Parameter Variables passed into com.thortech.xl.integration.OID.tcUtilOIDUserOperations:tcUtilOIDUserOperations(s,s,s,s,s,o,o,b): are sServ
sPort = 3060, sPrincipalDN = cn=orcladmin,
09:31:00,281 INFO [OID] Parameter Variables passed into com.thortech.xl.integration.OID.util.tcUtilLDAPOperations:tcUtilLDAPOperations(): Login Variables are:: are
= cn=orcladmin, sProviderURL = ldap://192.168.109.140:3060,
09:31:00,281 INFO [OID] Parameter Variables passed into com.thortech.xl.integration.OID.tcUtilOIDUserOperations:createUser(S,S,S,S,S): are sContainerDN = cn=users,
ER8,
09:31:00,343 INFO [OID] com.thortech.xl.integration.OID.util.tcUtilLDAPOperations : connectToAvailableOID() : SSL option is not selected in ITResource
09:31:00,359 INFO [OID] Parameter Variables passed into com.thortech.xl.integration.OID.tcUtilOIDUserOperations:formatOrgDN(s,s): are sOrgDN = cn=users, sRootDN =
09:31:00,359 INFO [OID] Parameter Variables passed into com.thortech.xl.integration.OID.tcUtilOIDUserOperations:isObjectExists(S,S): are sContainerDN = cn=users,dc
09:31:00,375 INFO [OID] Parameter Variables passed into com.thortech.xl.integration.OID.util.tcUtilLDAPOperations:search(S,S,b,S[]): are pSearchBase = cn=users,dc=
09:31:00,390 INFO [OID] Parameter Variables passed into com.thortech.xl.integration.OID.util.tcUtilLDAPOperations:createObject(S,A): are pObjDN = cn=TESTUSER8,cn=u
.BasicAttributes$IDEnumImpl@1217a79,
09:31:00,515 ERROR [OID] ====================================================
09:31:00,515 ERROR [OID] ERROR in OID:com.thortech.xl.integration.OID.util.tcUtilLDAPOperations:createObject(S,A) NamingExceptionUnable to create object
09:31:00,515 ERROR [OID] ====================================================
09:31:00,531 ERROR [OID] ====================================================
09:31:00,531 ERROR [OID] cn=TESTUSER8,cn=users,dc=orademo,dc=com: [LDAP: error code 34 - Invalid DN Syntax]
09:31:00,546 ERROR [OID] ====================================================
09:31:00,546 ERROR [OID] ====================================================
09:31:00,562 ERROR [OID] ERROR in com.thortech.xl.integration.OID.tcUtilOIDUserOperations:createUser(S,S,S,S,S) NamingExceptionError while connecting to target
09:31:00,562 ERROR [OID] ====================================================
09:31:00,578 ERROR [OID] ====================================================
09:31:00,578 ERROR [OID] com.thortech.xl.integration.OID.util.tcUtilLDAPOperationsUnable to create objectNamingExceptioncn=TESTUSER8,cn=users,dc=orademo,dc=com: [LDA
09:31:00,578 ERROR [OID] ====================================================
09:31:00,593 ERROR [OID] ====================================================
09:31:00,593 ERROR [OID] com.thortech.xl.integration.OID.util.tcUtilLDAPOperationsUnable to create objectNamingExceptioncn=TESTUSER8,cn=users,dc=orademo,dc=com: [LDA
09:31:00,609 ERROR [OID] ====================================================
Can anyone help me to come out of this.
Thanks & Regards,
Rajesh.Hi Rajiv,
I am generating the value to the manager field in OID.I found this value getting generated in the OID user form.But this value is not provisioning during provisioning the user.
In the OID Configuration Lookup table i found the manager is mapped to ldapManager.But when i connected to OID through ldap browser i didn't find this attribute.The manager attribute is not there.
So can you help me to solve this.
Thanks & Regards,
Rajesh. -
Pre-Populate adapter for Oracle connector
Hi ,
We are using OIM to manage Oracle and AD users. I have a requirement to provision users to both the target system , For AD connector, predefine pre-populate adapters are available for populating login id , first name , last name etc…from OIM user form, but in case of Oracle I didn’t see any such pre-populated adapter. How can I populate a value in the Person_uid field for the oracle user what ever the value will given in the OIM user form.Should i need to write any custom code for pre-populate adapter.
Version details
OIM – 9.1.0.1
Oracle Connector 9.1
Regards,
PoornaI hope that Kevin has explained but I am writing once again for your convenience
Create an adapter of type pre-populate
Add a variable, X, of type String and set the Map To to Resolve at Runtime.
Add a logical task SET VARIABLE.
Map Adapter Return value with variable X
Compile the adapter
Just attach this adapter with your fields on process form and map the variable with User Definition Fields like first name, last name etc.
It will work for you but keep in mind that it will populate String Fields of User Definition.
For Date and other fields you have to create a similar adapter -
Pre-populate adapter for setting the Active Directory OU for a user
Hi All
I created a pre-populate adapter that set the Active Directory OU for a user...
In the end the status of the resource is still showing "provisioning"..
It must be "Provsioned"..did I miss something ?
The logs speak as below :-
08:01:12,678 INFO [STDOUT] Running Create User
08:01:12,678 INFO [STDOUT] Before appending Root Context:OU=Human Resources,
08:01:12,678 INFO [STDOUT] tcUtilLDAPController.java : hierString : OU=Human Resources,dc=mydomain,dc=com
08:01:13,553 ERROR [ACTIVEDIRECTORYCONTROLLER] Problem creating object: javax.naming.OperationNotSupportedException: [LD
AP: error code 53 - 0000001F: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0
]; remaining name 'cn=ASYMONDS'
08:03:18,756 INFO [[xlWebApp]] action: LogonAction: User 'XELSYSADM' logged on in session 8116CBC0FA1481D06A207A1941B9
E096
08:22:31,256 ERROR [WEBAPP] Class/Method: ProvisionedResourcesForUserAction/confirmEnableSelection encounter some proble
ms: No checkbox was checked.Just verify the OU value is correctly populated , first try doing the provisioning by manually giving OU and everything .
Is it successful ?
Then we can check if something wrong going with pre pop.
Thanks
Suren -
Hi,
oim v 11G
I want to "use" the user password when provision to the DB .
I have created a prepopulate adapter
but then I can not seem to be able to connect this adapter to get the valuse form the user process.
in the "data object information" - i don't see the users form (as i used to see in v9 ) so i can not perform the operation.
any idea ?
thanks
s.Why would you need to put a pre-populate in the Data Object Manager form. Dont you put it in the Form Designer -> Pre-populate section ? ?
I hope it should be the same in 11g as well.
Where as if you are talking about Entity Adapter which is Event Handlers in 11G then its an altogether different process which involves:
- Creating an xml for your plugin
- Importing it into the MDS database using import utility
- Registering your plugin -
PP03 - Custom OM Action - Pre-populate fields on Infotype 1013
I have a requirement to configure a OM action via PP03. One of the infotypes getting created is the 1013 Employee Group/Subgroup related to the position. I need to have the screen pre-populate both the Employee Group and SubGroup values when this screen pops up. On the PA side, you can do this multiple ways. However, on the OM side, I'm not sure what way this could be done?
Keith,
I cannot access the system right now.
I can update you on Monday the earliest.
Let's wait for others' responses.
Regards,
Dilek
Maybe you are looking for
-
SYNCING / TRANSFERRING LONG VOICE MEMOS FROM IPHONE 4S to PC OR LION
Hi all, I have a 37 minute long Voice Memo on my Voice Memos. I want to put it on my PC or mac and then delete it on my iphone 4S. How do I sync or transfer it to my PC? At the moment, I connect to the PC and the files show up on itunes inside the vo
-
Process not picking up my control
Hi I have a process that runs some sql insert into test (test) values (:P28_SS_ID); and it is not picking up the value in P28_SS_ID there is a definately a value in there anyone any ideas why? Thanks in advance
-
Resizing datafile in a Physical Standby
I have created a physical standby db for testing. One of the tests was to resize a dbf on the primary, knowing that the file could not extend on the standby due to space limitations. This has caused arch files not to be applied to the standby db. How
-
I have corrupted fonts when i use firefox in my pc. Can you help me please ?
this hapens only when i use firefox.
-
I'm working in an application (doesn't matter which one, it's persistent in all apps) and choose [File, Open] (or [File, Save as]. Then I want to go to one of my HD's, so I want to select the HD. But then all of a sudden, upon clicking for the desire