Provisioning with OIM

Similar Messages

• It's posible the OID role Provisioning With OIM?

  Hi experts,
  I'm installing and configuring the OIM connector for OID. However I've found on the installation guide the next 'warnings':
  - Reconciliation of roles is supported only for ODSEE and Novell eDirecotory target systems.
  - Provisioning of roles is supported only for ODSEE and Novell eDirecotory target systems.
  then my question is: how can I provision OID roles to any user using OIM??? If I can't do role provisioning to OID, I cant see so much utility for this connector.
  My request its to provisioning roles that I've created on OID, using OIM interface.
  Has anyone done this?
  Thanks for you time.
  regards.
  Edited by: Daniel Cermeño on Sep 10, 2012 4:39 PM

  Hi Leoncio and Gyanprakash,
  Tanks for your response, thats make me feel more quiet.
  I have still one question about this. In the installation and configuration guide says:
  - If you are using the default connector configuration, for every group in the target system, create a corresponding organizational unit (with the same group name) in Oracle Identity Manager. This ensures that all groups from the target system are reconciled into their newly created organizational units, respectively.
  - You can also configure the connector to reconcile the groups under one organization.
  Then, when I run the reconciliation of OID groups in OIM. I obtain one organization with one resource representing my OID group. Or, if I prefer, I obtaion one organization with many resource that represents all my OID groups. However, I dont find how to provision this resources to my OIM users, cause I need that one user be part of one o more groups. If I put the user in the organization that represent my OID group, how I can provision more groups?
  Furthermore, the reconciliations of OID groups creates resources/organizations, but in my understending this no create OIM roles isn't?
  I'm sorry for my ignorance. This maybe is a trivial question, but I hope you can clarify this concepts to me.
  Thanks for your time.
  regards.
  Edited by: Daniel Cermeño on Sep 11, 2012 8:08 AM

• Google Apps Provisioning with oim error

  Hi All,
  While I was doing the provisioning of Google apps by creating new user in oim I got this error:
  " java.lang.NoClassDefFoundError: com/google/gdata/client/appsforyourdomain/UserService "
  but have I copied the 4 jars into the ThirdParty dir.
  1.gdata-appsforyourdomain-1.0.jar
  2.gdata-core-1.0.jar
  3.gdata-client-1.0.jar
  4.google-collect-1.0-rc1.jar.
  Please suggest any solution regarding this error.
  -Ashish

  set in class path then try once, it will work.
  I think it is an OIM Bug. I did the below mentioned steps to resolve the issue:
  1.Remove all the jars (from database third party as well using “DeleteJar.sh”)
  2.Add all the four jars into the classpath and with the same window start Managed Server.
  Edited by: User 247 on Feb 9, 2012 10:29 PM

• Please help:  Simple AD Provisioning with OIM issue

  Hi everyone,
  Hopefully someone can lend a helping hand. I am trying to provision to AD, but I am getting the following error:
  16:21:50,937 INFO [STDOUT] Running Get Attribute Map
  16:21:51,500 INFO [STDOUT] Running Get Path
  16:21:51,546 INFO [STDOUT] Running Create User
  16:21:51,609 ERROR [ACTIVEDIRECTORYCONTROLLER] Problem creating object: javax.na
  ming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001C6, problem 2001 (NO_OBJECT), data 0, best match of:
          'DC=HappyGoLucky,DC=com'
  ]; remaining name 'cn=Jeff Chang'
  I have imported all XML files and copied the necessary jar files to the xellerate\javatasks and xellerate\ext folders. Additionally, I fully configured the IT Resource (AD Server) and successfully compiled the adapter via Adapter Manager. FWIW, I tested my IT Resource settings in Softerra LDAP Browser successfully. I am NOT using any type of approval workflow. The failure message occured after I created an Xellerate User and tried to provision a new AD resource. The IT Resorce is using dc=happygolucky,dc=com as the root context (which means it should provision to cn=users,dc=happygolucky,dc=com) and I am not using SSL.
  I am using JBoss 4.02, Windows Server 2003, and Oracle DB.
  Any help would be greatly appreciated.
  Thanks,
  Jeff Chang
  Message was edited by:
  user555460

  I don't think AD Server Cert to the Java keystore is required.
  Anyway, besides that - I can tell you 1 problem. remaining name 'cn=Jeff Chang' is the problem area. Your remaining name should be something like cn=Jeff Chang, ou=WhateverOu,DC=HappyGoLucky,DC=com .
  If you are able to add a user with the same credentials via LDAP Browser, this should work. I can even share a piece of code for doing the same:
  public String createUser(String cnvalue, String fname, String lname, String treevalue){
            String rtnval="EXECUTION_SUCCESS";
            String treenodevalue="ou=WhateverOu,DC=HappyGoLucky,DC=com";
            if(treevalue!="")
                 treenodevalue=treevalue;
            try {
                 BasicAttributes attrs      = new BasicAttributes();
                 BasicAttribute ocs           = new BasicAttribute("objectClass");
                                               ocs.add("top");
                                               ocs.add("person");
                                               ocs.add("rajnishbhatia19Class");
                 attrs.put(ocs);
                 attrs.put(new BasicAttribute("cn", cnvalue));
                 attrs.put(new BasicAttribute("sn", lname));
                 //attrs.put(new BasicAttribute("displayName", fname+" "+ lname)); // I named this custom attribute - your schema might not have it.
                 String fulldn="cn="+cnvalue+","+treenodevalue;
                 getContext().createSubcontext(fulldn, attrs);
            catch (Exception ex) {
                 rtnval="ERROR: "+ex.getMessage();
                 ex.printStackTrace();
                 return rtnval;
  I am also using this code on JBoss 4.02, Windows Server 2003, and Oracle DB environment. I have used this code to create user in Sun One DS & ADAM. I'm sure it should be consistent for AD as well.
  Hope this helps.

• [OIM] Error in Direct Provisioning (with auto save form) - GTC DB App Table

  Hi,
  I am getting an error when setting up direct provision of a GTC DB App Conn using OIM access policy (and group membership) or through manual provisioning with prepopulate and auto save form.
  Manual provisioning with prepopulate ONLY (not with auto save form) WORKS!!!
  Some information about my OIM config:
  - Prepopulate adapters are set up on both forms (parent and child)
  - "Auto prepopulate" and "Auto save form" are set up at Process Definition
  - For direct provisioning, I have created an access policy with an associated group which has a membership rule
  What it is working:
  - Provisioning manually, using prepopulate adapters only, not auto save form. Both tables are updated properly
  - All *3 tasks are called and finished with status=Completed*: "System Validation", "Create User" and "Child Table UD_<connector child table name>_US row Inserted"
  Testing direct provisioning:
  - I have tested adding the resource manually with prepopulate and autosave form configured, and also through access policy/group membership. The error is the same on both tests
  - The resource is displayed as provisioned and it is created an entry in the parent table of the resource, but not on child table
  - I also observed that only: "System Validation" and "Create User" tasks were executed (status=Completed). But it is missing the task "Child Table UD_<connector child table name>_US row Inserted"
  - The error log info displays only an error regarding to UGP table (Groups info) but I am not sure if that is the cause of entry creation on child table.
  It seems the SQL stmt tries to get ugp_name (group name) using ugp_key but that has null value.
  "SELECT ugp_name FROM ugp WHERE ugp_key=java.sql.SQLSyntaxErrorException: ORA-00936: missing expression"
  Note: When testing manually (without auto save form), I got "SELECT ugp_name FROM ugp WHERE ugp_key=1" which it is the same SQL stmt but the value is provided.
  My guess:
  - It seems that error is aborting the whole execution process so "Child Table UD_<connector child table name>_US row Inserted" task does not run, even though previous tasks are finished with the status=Completed. Consequently, the entry is not created on child table.
  Please, any guess or help would be very helpful. In case nothing works, I guess I will have to create and customize a "Update child Form" task as an workaround which would be called after "Create User" task.
  Regards,
  Hugo
  My environment:
  - Windows 2003, WebLogic 10.3.0.0, OIM 9.1.0.2 BL4, Oracle 10g, Java 1.6, DB App Table Connector 9.1.0.2 (from October 2009)
  - Target Resource: Parent and Child Table (Oracle 10g - the same OIM DB)

  An update:
  I solved that error about "ORA-00936: missing expression" applying OIM 9.1.0.2 BP05. That was not impacting my issue regarding direct provisioning with auto save form and child form.
  So please if anyone can confirm:
  - Can I set up prepopulate adapters on child forms AND also use "auto save form" on GTC DB App Table connector?
  If not, any suggestion?
  Regards
  Hugo

• OIM 11gR2 provisioning with GTC

  Hello,
  We are curently implementing Oracle Identity Manager 11gR2, and we are having difficulties with the implementation of the provisioning from OIM to the Target Systems exposed through a webservice on Oracle Service Bus.
  We are using the Generic Technology Connectors as a basis of working. And initially we have created a GTC with only reconciliation Transport & Format Providers:
  Connector Name TargetSystem1
  Transport Provider (Provisioning):
  Format Provider (Provisioning):
  Transport Provider (Reconciliation): Database Application Tables Reconciliation
  Format Provider (Reconciliation): Database Application Tables Reconciliation
  We have configured the Process Definition of TargetSystem1 with all the operations (Create User, Update User, Enable User, Disable User, Delete User, etc.) connected with custom Java implementations, that are working just fine is we trigger them form Eclipse. The “Create User” task has only “Required for Completion”, “Allow Cancelation while Pending” and “Allow multiple instances” check boxes set to CHECKED; it also has all the fields in Integration TAB mapped, Responses mapped, but when we create a User in OIM and provision it with an account on the TargetSystem1_GTC Application Instance, the provisioning process in not accessing the “Create User” task to make the provisioning in the target system. The user that we are trying to provision has the account Status set to “Provisioning” and the Account Type set to “Unknown”. We have also checked the logs of OSB, but there is no activity there, because no request from OIM is being received.
  After we investigated more closely the Oracle documentation for the Generic Technology Connectors we discovered that if we do not select Transport & Format Providers during the GTC creation, then the corresponding steps are not performed and they are not initialized, thus the provisioning cannot be done. The documentation also states that if we need to create custom providers in order to make the Provisioning with the GTC, but unfortunately we have no knowledge or any examples on how to do such custom providers for the provisioning of Users from OIM on the target systems via the Oracle Service Bus.
  We have installed a second GTC with both provisioning and reconciliation Transport & Format Providers:
  Connector Name: TargetSystem2
  Transport Provider (Provisioning): Web Services
  Format Provider (Provisioning): SPML
  Transport Provider (Reconciliation): Database Application Tables Reconciliation
  Format Provider (Reconciliation): Database Application Tables Reconciliation
  The Web Services and SPML options were the only options that we could select from the out of the box connectors that are installed, and we did not find any other connectors in the download section of Oracle for this product, that can accommodate such communication. So, we configured the provisioning accordingly, and modified the “Create User” task from the TargetSystem2_GTC Process Definition, in order to use our custom adaptor instead of the adpTargetSystem2_GTC adapter that was preset when the TargetSystem2_GTC is created. But this does not help us, because the provisioning is not done, and the “Create User” task is not used. The user that we are trying to provision has the account Status set to “Provisioning” and the Account Type set to “Unknown”.
  Next we tried to see if the GTC can be used to communicate directly with the OSB, using the Web Services Transport Provider and SPML Format Provider, and we did not make any modifications to the after the normal installation of the TargetSystem2 GTC. In this case the we can see that the OSB is being accessed by OIM, but unfortunately this case does not help us also, because the operations implemented on the OSB webservice have a different structure then the one SPML expects as default:
  Caused by: com.thortech.xl.gc.exception.XSDValidationException: The SOAP response does not contain a valid SPML response type. Should be one of these -->addResponse modifyResponse deleteResponse resumeResponse suspendResponse setPasswordResponse
  Do you have any suggestion on how to make the provisioning process work?
  Edited by: user1717356 on 22.10.2012 03:22

  Hi,
  I think you need to put this check only for few attributes?
  If Yes, then lets suppose you want to have a check for Country Field in Database which once modified by target Admin, then OIM should know.
  1) Create one dummy field CountryDummy (Hidden) in OIM TargetProcess form and dont map it to any target attributes. This dummy field will only store values populated from OIM user profile to -> DB Connector Process Form.
  2) On success of "Reconcilation Update Recievced", Put a custom process task which does a comparison with "CountryDummy" & "Country" and inform Admin using email notifications that this mismatch has been found.
  HTH,
  ~J

• Errors in OIM Provisioning with SunJavaSystemDirectoryServer -- Please help

  Hi,
  I am new to Oracle Identity Manager Technology. I am stuck up with this issue for more then 3 days.
  I installed the OIM version 9.1.0.1 successfully with the below configuration
  Application Server : JBoss
  DB :MS SQL Server
  DS : Sun Directory Server 5.2
  Sun Java Directory Server Connector : SJSDS_90440
  I followed the "Connector Guide for Sun Java System Directory Release 9.0.4 E10446-07" for configuring the connector. I did the necessary changes in Sun DS and installed the connector successfully.
  Now, When I try to do the provisioning from OIM to Sun DS, I am getting the below exception in console:
  11:03:05,416 INFO [PropertyMessageResources] Initializing, config='org.apache.struts.taglib.html.LocalStrings', returnNull=true
  11:04:03,146 INFO [STDOUT] Running Get Target Attribute Mapping
  11:04:03,177 INFO [STDOUT] Running IPNT Get Lookup Values
  11:04:03,208 INFO [STDOUT] Running Get Process Data
  11:04:03,364 INFO [STDOUT] Running USEXLORGSTRUCTURE
  11:04:03,364 INFO [STDOUT] Target Class = java.lang.String
  11:04:03,364 INFO [STDOUT] Running ISSSL
  11:04:03,364 INFO [STDOUT] Target Class = java.lang.String
  11:04:03,364 INFO [STDOUT] Running GETPATH
  11:04:03,364 INFO [STDOUT] Target Class = com.thortech.xl.util.adapters.tcUtilLDAPOrganizationHierarchy
  11:04:03,364 INFO [STDOUT] Running CREATEUSER
  11:04:03,364 INFO [STDOUT] Target Class = com.thortech.xl.integration.iplanet.tcUtilIPlanetUserOperations
  11:04:03,490 ERROR [SJSDS] ====================================================
  11:04:03,490 ERROR [SJSDS] com.thortech.xl.integration.iplanet.util.tcUtilLDAPOperations : connectToLDAP() : : Unable to create Initial LDAP Context[LDAP: error code 34 - Invalid DN]
  11:04:03,490 ERROR [SJSDS] ====================================================
  11:04:03,490 ERROR [STDERR] javax.naming.InvalidNameException: [LDAP: error code 34 - Invalid DN]
  11:04:03,490 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2946)
  11:04:03,490 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2753)
  11:04:03,490 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2667)
  11:04:03,490 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:287)
  11:04:03,490 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
  11:04:03,490 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
  11:04:03,490 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
  11:04:03,490 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
  11:04:03,490 ERROR [STDERR] at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
  11:04:03,490 ERROR [STDERR] at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
  11:04:03,490 ERROR [STDERR] at javax.naming.InitialContext.init(InitialContext.java:223)
  11:04:03,490 ERROR [STDERR] at javax.naming.InitialContext.<init>(InitialContext.java:197)
  11:04:03,490 ERROR [STDERR] at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)
  11:04:03,490 ERROR [STDERR] at com.thortech.xl.integration.iplanet.util.tcUtilLDAPOperations.connectToLDAP(Unknown Source)
  11:04:03,490 ERROR [STDERR] at com.thortech.xl.integration.iplanet.tcUtilIPlanetUserOperations.createUser(Unknown Source)
  11:04:03,490 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  11:04:03,490 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  11:04:03,490 ERROR [STDERR] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  11:04:03,490 ERROR [STDERR] at java.lang.reflect.Method.invoke(Method.java:597)
  11:04:03,490 ERROR [STDERR] at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpIPLANETCREATEUSER.CREATEUSER(adpIPLANETCREATEUSER.java:431)
  11:04:03,490 ERROR [STDERR] at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpIPLANETCREATEUSER.implementation(adpIPLANETCREATEUSER.java:124)
  11:04:03,490 ERROR [STDERR] at com.thortech.xl.client.events.tcBaseEvent.run(Unknown Source)
  11:04:03,490 ERROR [STDERR] at com.thortech.xl.dataobj.tcDataObj.runEvent(Unknown Source)
  11:04:03,490 ERROR [STDERR] at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(Unknown Source)
  11:04:03,490 ERROR [STDERR] at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(Unknown Source)
  11:04:03,490 ERROR [STDERR] at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
  11:04:03,490 ERROR [STDERR] at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
  11:04:03,490 ERROR [STDERR] at com.thortech.xl.ejb.beansimpl.tcProvisioningOperationsBean.retryTasks(Unknown Source)
  11:04:03,490 ERROR [STDERR] at com.thortech.xl.ejb.beans.tcProvisioningOperationsSession.retryTasks(Unknown Source)
  11:04:03,490 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  11:04:03,490 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  11:04:03,490 ERROR [STDERR] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  11:04:03,490 ERROR [STDERR] at java.lang.reflect.Method.invoke(Method.java:597)
  11:04:03,490 ERROR [STDERR] at org.jboss.invocation.Invocation.performCall(Invocation.java:359)
  11:04:03,490 ERROR [STDERR] at org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionContainer.java:237)
  11:04:03,490 ERROR [STDERR] at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:158)
  11:04:03,490 ERROR [STDERR] at org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstanceInterceptor.java:169)
  11:04:03,490 ERROR [STDERR] at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:63)
  11:04:03,490 ERROR [STDERR] at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:121)
  11:04:03,490 ERROR [STDERR] at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:350)
  11:04:03,490 ERROR [STDERR] at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:181)
  11:04:03,490 ERROR [STDERR] at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:168)
  11:04:03,490 ERROR [STDERR] at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
  11:04:03,490 ERROR [STDERR] at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor.java:138)
  11:04:03,490 ERROR [STDERR] at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:648)
  11:04:03,490 ERROR [STDERR] at org.jboss.ejb.Container.invoke(Container.java:960)
  11:04:03,490 ERROR [STDERR] at sun.reflect.GeneratedMethodAccessor134.invoke(Unknown Source)
  11:04:03,490 ERROR [STDERR] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  11:04:03,490 ERROR [STDERR] at java.lang.reflect.Method.invoke(Method.java:597)
  11:04:03,490 ERROR [STDERR] at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
  11:04:03,490 ERROR [STDERR] at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
  11:04:03,490 ERROR [STDERR] at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
  11:04:03,490 ERROR [STDERR] at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
  11:04:03,490 ERROR [STDERR] at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
  11:04:03,490 ERROR [STDERR] at org.jboss.invocation.local.LocalInvoker$MBeanServerAction.invoke(LocalInvoker.java:169)
  11:04:03,490 ERROR [STDERR] at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:118)
  11:04:03,490 ERROR [STDERR] at org.jboss.invocation.InvokerInterceptor.invokeLocal(InvokerInterceptor.java:209)
  11:04:03,490 ERROR [STDERR] at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:195)
  11:04:03,490 ERROR [STDERR] at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:61)
  11:04:03,490 ERROR [STDERR] at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:70)
  11:04:03,490 ERROR [STDERR] at org.jboss.proxy.ejb.StatelessSessionInterceptor.invoke(StatelessSessionInterceptor.java:112)
  11:04:03,490 ERROR [STDERR] at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:100)
  11:04:03,490 ERROR [STDERR] at $Proxy332.retryTasks(Unknown Source)
  11:04:03,490 ERROR [STDERR] at Thor.API.Operations.tcProvisioningOperationsClient.retryTasks(Unknown Source)
  11:04:03,490 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  11:04:03,490 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  11:04:03,490 ERROR [STDERR] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  11:04:03,490 ERROR [STDERR] at java.lang.reflect.Method.invoke(Method.java:597)
  11:04:03,490 ERROR [STDERR] at Thor.API.Base.SecurityInvocationHandler$1.run(Unknown Source)
  11:04:03,490 ERROR [STDERR] at Thor.API.Security.LoginHandler.jbossLoginSession.runAs(Unknown Source)
  11:04:03,490 ERROR [STDERR] at Thor.API.Base.SecurityInvocationHandler.invoke(Unknown Source)
  11:04:03,490 ERROR [STDERR] at $Proxy790.retryTasks(Unknown Source)
  11:04:03,490 ERROR [STDERR] at com.thortech.xl.webclient.actions.ResourceProfileProvisioningTasksAction.retryTasks(Unknown Source)
  11:04:03,490 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  11:04:03,490 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  11:04:03,490 ERROR [STDERR] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  11:04:03,490 ERROR [STDERR] at java.lang.reflect.Method.invoke(Method.java:597)
  11:04:03,490 ERROR [STDERR] at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:280)
  11:04:03,490 ERROR [STDERR] at com.thortech.xl.webclient.actions.tcLookupDispatchAction.execute(Unknown Source)
  11:04:03,490 ERROR [STDERR] at com.thortech.xl.webclient.actions.tcActionBase.execute(Unknown Source)
  11:04:03,490 ERROR [STDERR] at com.thortech.xl.webclient.actions.tcAction.execute(Unknown Source)
  11:04:03,490 ERROR [STDERR] at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
  11:04:03,490 ERROR [STDERR] at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
  11:04:03,490 ERROR [STDERR] at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
  11:04:03,490 ERROR [STDERR] at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
  11:04:03,490 ERROR [STDERR] at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
  11:04:03,490 ERROR [STDERR] at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
  11:04:03,490 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
  11:04:03,490 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
  11:04:03,490 ERROR [STDERR] at com.thortech.xl.webclient.security.SecurityFilter.doFilter(Unknown Source)
  11:04:03,490 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
  11:04:03,490 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
  11:04:03,490 ERROR [STDERR] at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
  11:04:03,490 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
  11:04:03,490 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
  11:04:03,490 ERROR [STDERR] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
  11:04:03,490 ERROR [STDERR] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
  11:04:03,490 ERROR [STDERR] at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:182)
  11:04:03,490 ERROR [STDERR] at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
  11:04:03,490 ERROR [STDERR] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
  11:04:03,490 ERROR [STDERR] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
  11:04:03,490 ERROR [STDERR] at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
  11:04:03,490 ERROR [STDERR] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
  11:04:03,490 ERROR [STDERR] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
  11:04:03,490 ERROR [STDERR] at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
  11:04:03,490 ERROR [STDERR] at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
  11:04:03,490 ERROR [STDERR] at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
  11:04:03,490 ERROR [STDERR] at java.lang.Thread.run(Thread.java:619)
  11:04:03,568 ERROR [SJSDS] ====================================================
  11:04:03,568 ERROR [SJSDS] com.thortech.xl.integration.iplanet.util.tcUtilLDAPOperations : connectToLDAP() : : Unable to create Initial LDAP Context[LDAP: error code 34 - Invalid DN]
  11:04:03,568 ERROR [SJSDS] ====================================================
  11:04:03,568 ERROR [STDERR] javax.naming.InvalidNameException: [LDAP: error code 34 - Invalid DN]
  11:04:03,568 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2946)
  11:04:03,568 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2753)
  11:04:03,568 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2667)
  11:04:03,568 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:287)
  11:04:03,568 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
  11:04:03,568 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
  11:04:03,568 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
  11:04:03,568 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
  11:04:03,568 ERROR [STDERR] at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
  11:04:03,568 ERROR [STDERR] at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
  11:04:03,568 ERROR [STDERR] at javax.naming.InitialContext.init(InitialContext.java:223)
  11:04:03,568 ERROR [STDERR] at javax.naming.InitialContext.<init>(InitialContext.java:197)
  11:04:03,568 ERROR [STDERR] at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.integration.iplanet.util.tcUtilLDAPOperations.connectToLDAP(Unknown Source)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.integration.iplanet.util.tcUtilLDAPOperations.search(Unknown Source)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.integration.iplanet.tcUtilIPlanetUserOperations.isObjectExists(Unknown Source)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.integration.iplanet.tcUtilIPlanetUserOperations.createUser(Unknown Source)
  11:04:03,568 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  11:04:03,568 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  11:04:03,568 ERROR [STDERR] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  11:04:03,568 ERROR [STDERR] at java.lang.reflect.Method.invoke(Method.java:597)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpIPLANETCREATEUSER.CREATEUSER(adpIPLANETCREATEUSER.java:431)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpIPLANETCREATEUSER.implementation(adpIPLANETCREATEUSER.java:124)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.client.events.tcBaseEvent.run(Unknown Source)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.dataobj.tcDataObj.runEvent(Unknown Source)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(Unknown Source)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(Unknown Source)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.ejb.beansimpl.tcProvisioningOperationsBean.retryTasks(Unknown Source)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.ejb.beans.tcProvisioningOperationsSession.retryTasks(Unknown Source)
  11:04:03,568 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  11:04:03,568 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  11:04:03,568 ERROR [STDERR] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  11:04:03,568 ERROR [STDERR] at java.lang.reflect.Method.invoke(Method.java:597)
  11:04:03,568 ERROR [STDERR] at org.jboss.invocation.Invocation.performCall(Invocation.java:359)
  11:04:03,568 ERROR [STDERR] at org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionContainer.java:237)
  11:04:03,568 ERROR [STDERR] at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:158)
  11:04:03,568 ERROR [STDERR] at org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstanceInterceptor.java:169)
  11:04:03,568 ERROR [STDERR] at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:63)
  11:04:03,568 ERROR [STDERR] at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:121)
  11:04:03,568 ERROR [STDERR] at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:350)
  11:04:03,568 ERROR [STDERR] at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:181)
  11:04:03,568 ERROR [STDERR] at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:168)
  11:04:03,568 ERROR [STDERR] at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
  11:04:03,568 ERROR [STDERR] at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor.java:138)
  11:04:03,568 ERROR [STDERR] at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:648)
  11:04:03,568 ERROR [STDERR] at org.jboss.ejb.Container.invoke(Container.java:960)
  11:04:03,568 ERROR [STDERR] at sun.reflect.GeneratedMethodAccessor134.invoke(Unknown Source)
  11:04:03,568 ERROR [STDERR] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  11:04:03,568 ERROR [STDERR] at java.lang.reflect.Method.invoke(Method.java:597)
  11:04:03,568 ERROR [STDERR] at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
  11:04:03,568 ERROR [STDERR] at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
  11:04:03,568 ERROR [STDERR] at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
  11:04:03,568 ERROR [STDERR] at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
  11:04:03,568 ERROR [STDERR] at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
  11:04:03,568 ERROR [STDERR] at org.jboss.invocation.local.LocalInvoker$MBeanServerAction.invoke(LocalInvoker.java:169)
  11:04:03,568 ERROR [STDERR] at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:118)
  11:04:03,568 ERROR [STDERR] at org.jboss.invocation.InvokerInterceptor.invokeLocal(InvokerInterceptor.java:209)
  11:04:03,568 ERROR [STDERR] at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:195)
  11:04:03,568 ERROR [STDERR] at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:61)
  11:04:03,568 ERROR [STDERR] at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:70)
  11:04:03,568 ERROR [STDERR] at org.jboss.proxy.ejb.StatelessSessionInterceptor.invoke(StatelessSessionInterceptor.java:112)
  11:04:03,568 ERROR [STDERR] at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:100)
  11:04:03,568 ERROR [STDERR] at $Proxy332.retryTasks(Unknown Source)
  11:04:03,568 ERROR [STDERR] at Thor.API.Operations.tcProvisioningOperationsClient.retryTasks(Unknown Source)
  11:04:03,568 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  11:04:03,568 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  11:04:03,568 ERROR [STDERR] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  11:04:03,568 ERROR [STDERR] at java.lang.reflect.Method.invoke(Method.java:597)
  11:04:03,568 ERROR [STDERR] at Thor.API.Base.SecurityInvocationHandler$1.run(Unknown Source)
  11:04:03,568 ERROR [STDERR] at Thor.API.Security.LoginHandler.jbossLoginSession.runAs(Unknown Source)
  11:04:03,568 ERROR [STDERR] at Thor.API.Base.SecurityInvocationHandler.invoke(Unknown Source)
  11:04:03,568 ERROR [STDERR] at $Proxy790.retryTasks(Unknown Source)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.webclient.actions.ResourceProfileProvisioningTasksAction.retryTasks(Unknown Source)
  11:04:03,568 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  11:04:03,568 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  11:04:03,568 ERROR [STDERR] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  11:04:03,568 ERROR [STDERR] at java.lang.reflect.Method.invoke(Method.java:597)
  11:04:03,568 ERROR [STDERR] at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:280)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.webclient.actions.tcLookupDispatchAction.execute(Unknown Source)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.webclient.actions.tcActionBase.execute(Unknown Source)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.webclient.actions.tcAction.execute(Unknown Source)
  11:04:03,568 ERROR [STDERR] at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
  11:04:03,568 ERROR [STDERR] at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
  11:04:03,568 ERROR [STDERR] at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
  11:04:03,568 ERROR [STDERR] at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
  11:04:03,568 ERROR [STDERR] at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
  11:04:03,568 ERROR [STDERR] at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
  11:04:03,568 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
  11:04:03,568 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
  11:04:03,568 ERROR [STDERR] at com.thortech.xl.webclient.security.SecurityFilter.doFilter(Unknown Source)
  11:04:03,568 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
  11:04:03,568 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
  11:04:03,568 ERROR [STDERR] at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
  11:04:03,568 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
  11:04:03,568 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
  11:04:03,568 ERROR [STDERR] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
  11:04:03,568 ERROR [STDERR] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
  11:04:03,568 ERROR [STDERR] at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:182)
  11:04:03,568 ERROR [STDERR] at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
  11:04:03,568 ERROR [STDERR] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
  11:04:03,568 ERROR [STDERR] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
  11:04:03,568 ERROR [STDERR] at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
  11:04:03,568 ERROR [STDERR] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
  11:04:03,568 ERROR [STDERR] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
  11:04:03,568 ERROR [STDERR] at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
  11:04:03,568 ERROR [STDERR] at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
  11:04:03,568 ERROR [STDERR] at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
  11:04:03,568 ERROR [STDERR] at java.lang.Thread.run(Thread.java:619)
  11:04:03,615 ERROR [SJSDS] ====================================================
  11:04:03,615 ERROR [SJSDS] com.thortech.xl.integration.iplanet.util.tcUtilLDAPOperations : connectToLDAP() : : Exception : Unable to search LDAPnull
  11:04:03,615 ERROR [SJSDS] ====================================================
  11:04:03,615 ERROR [SJSDS] ====================================================
  11:04:03,615 ERROR [SJSDS] com.thortech.xl.integration.iplanet.tcUtilIPlanetUserOperations : isObjectExists() : Generic Exception: com.thortech.xl.integration.iplanet.util.tcUtilLDAPOperations: Exception : Unable to search LDAP [null]
  11:04:03,615 ERROR [SJSDS] ====================================================
  11:04:03,615 ERROR [SJSDS] ====================================================
  11:04:03,615 ERROR [SJSDS] com.thortech.xl.integration.iplanet.tcUtilIPlanetUserOperations : createUser() : Generic Exception: com.thortech.xl.integration.iplanet.tcUtilIPlanetUserOperationscom.thortech.xl.integration.iplanet.util.tcUtilLDAPOperations: Exception : Unable to search LDAP [null]
  11:04:03,615 ERROR [SJSDS] ====================================================
  11:04:03,615 ERROR [SJSDS] ====================================================
  11:04:03,615 ERROR [SJSDS] com.thortech.xl.integration.iplanet.util.tcUtilLDAPOperations : disconnectFromLDAP() : : Unable to close LDAP Context. The context was probably not created, since it is null
  11:04:03,615 ERROR [SJSDS] ====================================================
  11:04:03,615 ERROR [SJSDS] ====================================================
  11:04:03,615 ERROR [SJSDS] com.thortech.xl.integration.iplanet.tcUtilIPlanetUserOperations : createUser() : CommunicationException: Error while connecting to target. com.thortech.xl.integration.iplanet.util.tcUtilLDAPOperations: Unable to close LDAP Context. The context was probably not created, since it is null
  11:04:03,615 ERROR [SJSDS] ====================================================
  I am running out of time, so please reply me as soon as possible.
  Thanks in advance.
  Regards,
  ~Senthil Nathan

  Hi Suren,
  Thanks for your quick reply.I checked the connection parameters and everything looks fine.
  Here is my IT Resource Details
  IT Resource Name : iPlanet User
  IT Resource Type : LDAP Server
  Remote Manager
  Parameter Value
  Trusted Source Reconciliation Time Stamp : 0
  Target Resource Reconciliation Time Stamp :0
  SSL:false
  Server Address: 10.239.63.164
  Port:11580
  Root DN :cn=OIM User,ou=administrators,ou=topologymanagement,o=netscaperoot
  Admin Id:OIMUser
  Admin Password:******
  Prov Attribute Lookup Code : AttrName.Prov.Map.iPlanet
  Use XL Org Structure:true
  Recon Attribute Lookup Code:AttrName.Recon.Map.iPlanet
  Prov Role Attribute Lookup Code:AttrMap.iPlanetRole
  Prov Group Attribute Lookup Code:AtMap.iPlanetGroup
  Group Reconciliation Time Stamp:0
  Role Reconciliation Time Stamp:0
  Regards,
  ~Senthil Nathan

• OIM - Users provisioned with different resource form versions

  Hi !!
  we are having some problems with different resource form versions and maybe you can help us.
  We have two different versions of one resource form. One of them has 2 extra fields.
  Some users were provisioned with that resource with the previous form version (no extra fields) and some with the new one (extra fields).
  The problem is that now, if we try to edit that resource for the users with the old version, we are not able to edit or even see the information for those extra fields.
  It seems that they have been associated with the old version and we need to change it in order to make them use the new one. Is that possible? How can we fix that?
  Thanks in advance.

  Alternatively you can manually update the form version in the OIM database.
  If it is a small number of forms it might be easier to do that then to bother with fvc.
  Best regards
  /Martin

• Issues with offline provisioning in OIM 11G

  We are facing an issue with OIM 11G where we are trying to provision few resources via offline provisioning. Ths issue is that when I do a provisioning/disable/enable on the resource the status of the resource says something like "provisioning in queue/Disable in queue/Enable in queue". This is not happenning all the time but seems to be consistent when I repeatedly disable/enable the resource. Once the status of hte resource remains "in queue" it is never changed back to the actual status which says provisioned/disabled/enabled. Can anyone provide me an insight of what is happenning here and how the offline events are processed within OIM? Is there any way to get the status of the resource back to normal? Please let me know.
  Thanks!

  Check
  http://docs.oracle.com/cd/E14899_01/doc.9102/e14761/offline_prov.htm
  Configuring the Remove Failed Off-line Messages Scheduled Task
  Configure the Remove Failed Off-line Messages scheduled task to schedule deletion of failed requests from the OPS table. While configuring this scheduled task, set a value for the Remove Failed Messages Older Than (days) attribute.
  Regards
  Shashank

• Error configuring Microsoft SQLSERVER 2005 with OIM 9.1.0.1

  Hi All,
  I was trying to Configure Microsoft SQLSERVER 2005 as a IT Resource with OIM 9.1.0.1. However after completing all the configuration,
  When I tried assigning the configured SQLSERVER IT Resource to a User, following error is thrown:
  Response: wrong number of arguments
  Response Description: Unknown response received
  Notes:
  *Assigned to User:  System Administrator[XELSYSADM]*
  Error Details
  Setting task status... "wrong number of arguments" does not correspond to a known Response Code. Using "UNKNOWN".
  If anyone has encountered this error before, then please help.
  Thanks
  Sunny
  Edited by: ajmerasunny on May 14, 2009 5:57 PM

  Are you using the Database User Management connector and trying to provision accounts to a MS SQL Server? Can you also post the logs from the error.
  -Kevin

• SOAP API integration problem with OIM 11g R1

  Hi,
  We're facing a problem when we are attempting to provision for a third party Web Service application in OIM 11g R1.
  During development and test running in an IDE environment, JDeveloper, the soap wsdl requests are triggered and a response is received successfully. However, when we shift the work and integrate it with OIM using design console, there seems to be an error indicating an invalid wsdl location. We have used the super class Exception, in try-catch block for handling of the exceptions. Please see the log message.
  Xl Home Dir :/oracle/Middleware/Oracle_IDM1/server
  Running CREATEUSERTASK
  Target Class = org.identityconnectors.Provisioning.QuickShareUserProvisioning
  URL : XXXXX
  User ID : XXXX
  Password : XXXX
  ERROR: Invalid wsdl location robi/XXXX_saved_wsdl.wsdl
  When we simply run the jar file from the command line, it gives us, java.lang.NoClassDefFoundError: javax/xml/rpc/Service
  [oracle@idmlab JavaTasks]$ java -jar archive1.jar
  URL : XXXXX
  User ID : XXXX
  Password : XXXX
  Exception in thread "main" java.lang.NoClassDefFoundError: javax/xml/rpc/Service
  at java.lang.ClassLoader.defineClass1(Native Method)
  at java.lang.ClassLoader.defineClassCond(ClassLoader.java:631)
  at java.lang.ClassLoader.defineClass(ClassLoader.java:615)
  at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:141)
  at java.net.URLClassLoader.defineClass(URLClassLoader.java:283)
  at java.net.URLClassLoader.access$000(URLClassLoader.java:58)
  at java.net.URLClassLoader$1.run(URLClassLoader.java:197)
  at java.security.AccessController.doPrivileged(Native Method)
  at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
  at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
  at org.identityconnectors.Provisioning.QuickShareUserProvisioning.createUser(QuickShareUserProvisioning.java:41)
  at org.identityconnectors.Provisioning.QuickShareUserProvisioning.main(QuickShareUserProvisioning.java:215)
  Caused by: java.lang.ClassNotFoundException: javax.xml.rpc.Service
  at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
  at java.security.AccessController.doPrivileged(Native Method)
  at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
  at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
  ... 14 more
  Any help or suggestion, appreciated!
  Thanks
  Tamim Khan

  Hi Kevin,
  Thanks a lot for the response. But, when i deployed the composite SAR in to the server from Jdeveloper, i checked the option to "Overwrite any existing composite with same revision ID". SO, i used the same revision ID (Say 1.0), will this also need to be disabled?
  Thanks,
  Srini

• AD Password Sync connector 9.1.1 With OIM 11g R2 - ERROR OVER SSL

  I have set up AD password sync with from AD to OIM 11G R2
  The password syncs from AD to OIM 11G R2 on non ssl port 389.
  But if fails on SSL Port 636.
  Errors in OIMMain.Log:_
  Debug [10/11/2012 10:49:34 AM] Inside ConnectToADSI
  Debug [10/11/2012 10:49:34 AM]
  ldap_connect failed with
  Debug [10/11/2012 10:49:34 AM] Server Down
  Debug [10/11/2012 10:49:34 AM]
  Steps Carried Out thus far:_
  AD is up and running.
  Configured AD Password Sync Connector on 636 and selected ssl.
  Created Certificate on OIM host, configured custom identity key store on weblogic. Restarted Weblogic.
  Imported Certificate to AD. After this, restarted the AD
  I can Telnet port 636 from OIM Box and also connect to AD through LDAP Browser on 636 and view OU and CN, so this seems fine.
  Provisioning from OIM through Connector Server to AD works over SSL and this works fine.
  Help would be appreciated.
  Many Thanks

  This question is now been fixed.
  Instead of explicitly stating 636 for SSL,
  Use the same port 389 for ssl and also configured oim port to be 140001 which is the ssl port for oim in the configuration of OIM Password Sync.
  Export Certificates from AD to java security keystore and to weblogic keystore
  Export .pem certificate created on OIM host machine to AD.
  Restart weblogic, oim and AD
  Everything would work fine.
  For all the other information, refer to doc.
  Thanks

• Target Recon does not link accounts with OIM user

  Hi all,
  We have developed a custom connector (provisioning and reconciliation connector) to integrate a custom LDAP server.
  It is not a trusted source, so, we are performing a target reconciliation.
  We have OIM populated with all the users (by a bulk load from a HR resource). Then, when we integrate the LDAP server resource, in the first time reconciliation, we expect that OIM will link LDAP accounts with OIM users, using OIM User ID and LDAP uid attribute for matching.
  Our reconciliation connector creates reconciliation events ok, but we always get "not match found" as reconciliation event status.
  In the Process Definition we have configured "User ID" as key field, mathed with "User ID" Field of the Resource Object, and uid LDAP attribute.
  We have defined all the reconciliation fields in the Resource Objetc.
  Why OIM is not matching resource account with OIM users, creating a resource (provisioned resource) for each OIM user?
  It seems that OIM is trying to match reconciliation events against already provisioned resources for users, and not against OIM users.
  Any ideas?

  Hi,
  After running bulk loading from the HR resource, all your target Users will get created at OIM. Now if you try to run Target Resource Reconciliation against that LDAP targetfor these records, the first thing OIM will do is to execute the reconciliation rule. After successful matching of this rule OIM will see for Process matching. So try this out after defining a reconciliation rule for your Resource Object with the following rule element values.
  User Profile Data - User Login
  Operator - Equals
  Attribute - uid LDAP attribute *(Primary Field at the target Or the filed against which you want the matching at OIM)*
  Transform - None
  Object should be Your RO + Rule should be Valid and Active
  After this matching you need to have the Reconciliation Action rules in place as well. Check that the following two rules exist:
  Go to Resource Object -> Object Reconciliation -> Reconciliation Action Rules
  1) One Entity match Found - Establish link \\\\\ *(must for your case)* \\\\\
  2) One Process Match Found - Establish link
  If not create the rules and Try then.
  Regards
  Edited by: rajsunny on Jan 27, 2009 4:20 AM

• Documentation(how to) for provisioning AD --OIM-- DB

  Hello all,
  Where i can find some "how to" about provisioning AD<--OIM-->DB? I need to install this resource , but i don't know how ? I didn't find (more difficult to me) a kind of "how to" about OIM-->DB provisioning.
  Thanks a lot.

  I was told that there is going to be (or potentially just has been) an OIM 9.1 training in Munich this spring.
  The core problem is that it is simply not possible to train someone on something as complex as OIM in just a few days so the basic bootcamp training has to focus on the basic principles and shield the user from all the evil details. The issue with this approach is that when the user gets back to the implementation project they are now seen as experts that should be able to resolve anything as they have attended the training.
  Find reconciliation in the fact that you now have a very marketable skill :)
  If OIM implementation was easy you would have to find a new job

• Error in Provioning Exchange2007 with oim 11g

  Hi All ,
  I installed a new Remote manager in the same server where Exchange is installed. Then I configured Exchange connector and IT resource with oim11g.
  While I was trying to provision a newly created user with Exchange2007 after provisioning with Active Directory.
  I got an error like this :
  Running CHECKPROCESSORDEREDFORUSER
  Target Class = com.thortech.xl.util.adapters.tcUtilXellerateOperations
  Running GETVALUE
  Target Class = com.thortech.xl.integration.Exchange.tcExchangeTasks
  Running GETSTRINGLENGTH
  Target Class = com.thortech.xl.util.adapters.tcUtilStringOperations
  Running Check Madatory
  Running Check If Email Alias Characters Are Invalid
  Running GETSERVICENAME
  Target Class = java.lang.String
  Running GETURL
  Target Class = java.lang.String
  Running GETSCRIPTPATH
  Target Class = java.lang.String
  Running GETREPORTLOGPATH
  Target Class = java.lang.String
  Running CheckRemoteManagerConnection
  <Jan 20, 2012 8:56:15 PM IST> <Error> <XELLERATE.REMOTEMANAGER> <BEA-000000> <Class/Method: RemoteManagerSupport/getRemoteManager encounter some problems: RManager1
  java.rmi.NotBoundException: RManager1
  at sun.rmi.registry.RegistryImpl.lookup(RegistryImpl.java:114)
  where RManager1 is the Remote manager service name.
  Any solutions please.
  -Ashish

  Make sure that the Remote Manager Service name is the same in the following two locations
  1. In OIM Design Console, under IT Resource of Type "Remote Manager" you specify the service name. I believe this must be set to RManager1.
  2. Now on the host where you have deployed Exchange Remote Manager, check the xlconfig.xml file and ensure that the service name specified there is also RManager1
  Restart the Remote Manager.
  Before trying to provision the mailbox, check the status of the Remote Manager from the Design Console -> Administration -> Remote Manager form.