Pull User Role from identity manager in BPM process

Hi,
How can I pull user name, user role from different identity manager in order to configure hierarchy workflow in BPM process? can any one guide me on that??
Regards,
Amik

I'm having the same problem on WebLogic 10.3

Similar Messages

  • Block users in Oracle Identity Manager 9.1.0.2

    Hi,
    I have a status query (User Locked) user in Oracle Identity Manager 9.1.0.2.
    The option to block users, seen in the web administration console of Oracle Identity Manager appears in a disabled state. As I can enable this functionality in Oracle Identity Manager 9 ..?
    Thanks for the support

    Didn't get your question exactly.
    Whenever someone tries to login with wrong password then he gets Locked into OIM. You'll have to go to Admin Console and Unlock it. You can also do this from DB as well.
    To lock user from Admin console, you'll have to create a custom button and extend the same action class to Lock that user into OIM.
    Workaround
    Create a UDF called LOCK.
    Create a trigger on this UDF i.e. whenever LOCK value changes to TRUE then lock the user using DB query or API (UPDATEUSER -- Users.Lock User)

  • Problem while loading security information (users/roles) from repository

    Iview have stopped connecting to our MDM, All repositories, all IViews Very strange
    Here is what I see in the logs.... Any ideas? Please if you have seen this before only
    Marty
    com.sap.mdm.extension.MetadataException: Problem while loading security information (users/roles) from repository 'PORTAL_CUSTOMERS'
    at com.sap.mdm.extension.MetadataManager.loadRoleCache(MetadataManager.java:559)
    at com.sap.mdm.extension.MetadataManager.internalGetRoleSet(MetadataManager.java:502)
    at com.sap.mdm.extension.MetadataManager.getRoleSet(MetadataManager.java:471)
    at com.sap.mdm.extension.MetadataManager.createMetadataKey(MetadataManager.java:464)
    at com.sap.mdm.extension.MetadataManager.getRepositorySchema(MetadataManager.java:197)
    at com.sap.mdm.uwl.MdmUwlConnector.createUserSessionContext(MdmUwlConnector.java:1463)
    at com.sap.mdm.uwl.MdmUwlConnector.new_retrieveItems(MdmUwlConnector.java:546)
    at com.sap.mdm.uwl.MdmUwlConnector.getItems(MdmUwlConnector.java:129)
    Caused by: com.sap.mdm.commands.CommandException: com.sap.mdm.net.ConnectionException: java.io.IOException: Unexpected socket read.  Result is -1.
    at com.sap.mdm.security.commands.GetUserListCommand.execute(GetUserListCommand.java:72)
    at com.sap.mdm.extension.MetadataManager.loadRoleCache(MetadataManager.java:526)
    Caused by: com.sap.mdm.net.ConnectionException: java.io.IOException: Unexpected socket read.  Result is -1.
    at com.sap.mdm.internal.protocol.manual.AbstractProtocolCommand.execute(AbstractProtocolCommand.java:102)
    at com.sap.mdm.security.commands.GetUserListCommand.execute(GetUserListCommand.java:69)
    at com.sap.mdm.internal.net.DataSocket.receiveData(DataSocket.java:62)
    at com.sap.mdm.internal.net.ConnectionImpl.readInt(ConnectionImpl.java:497)
    at com.sap.mdm.internal.net.ConnectionImpl.readInt(ConnectionImpl.java:490)
    at com.sap.mdm.internal.net.ConnectionImpl.nextMessage(ConnectionImpl.java:629)
    at com.sap.mdm.internal.net.ConnectionImpl.receiveMessage(ConnectionImpl.java:572)
    at com.sap.mdm.internal.net.ConnectionImpl.send(ConnectionImpl.java:233)
    at com.sap.mdm.internal.protocol.manual.AbstractProtocolCommand.execute(AbstractProtocolCommand.java:99)
    com.sap.mdm.commands.CommandException: com.sap.mdm.net.ConnectionException: java.net.SocketException: There is no process to read data written to a pipe.

    Early this month we upgraded the MDM server to:
    MDM Server version: 5.5.63.57
    And the portal components:
    MDM 5.5 SP06 Technology Patch 3 (Build 5.5.63.57)
    MDM 5.5 SP06 Application Patch 3 (Build 5.5.63.57)
    MDM 5.5 SP06 Java API Patch 3 (Build 5.5.63.57)
    However the issue just began 2 days ago?
    We started intgrating MDM Workflow with UWL and assigned Roles and Iviews to the Universal Worklist Configuration
    It seems the Iviews work for a while and then after some time everything gives up? Very confounding
    And yes we are using standard Iviews (search, Result and detail)
    Thanks
    Edited by: Marty Monroe on Oct 31, 2008 3:07 PM

  • Pull User details from Oracle Table (TSS)  to OIM

    Hi
    I am learning OIM so, please excuse if this is a silly question.
    I have created a Generic Technology Connector to connect to a user table in oracle database with correct parameters and the GTC was successful. I have done the field mapping between the source table - reconcilation staging and OIM.
    Now that I want to see the sample user details that I have stored in the oracle user table from the OIM.
    I have assumed that this oracle user table is the Trusted Source System and I have to pull the data from this table to OIM.
    So, after creating the connector, what is the next step i need to do so that I see these sample users in the OIM.
    I appreciate any help / directions.
    Thanks
    Sriram

    Hi,
    You have to do following:
    1.Run the GTC schedule task.
    2.Go to reconciliation manager and see if reconciliation event is getting generated and event is getting linked.
    3.When reconciliation is finished just go to web console.Users->Manage->Search
    Please let me know if you have any follow up questions
    Regards
    Nitesh

  • Get user comments from Service Manager 2012

    Hi all,
    For some Service Manager customizations, I want to "export" the user comments from incident tickets to an email message. I want to do this with Orchestrator.
    I was thinking to create a runbook with the follow components:
    - Get Incident
    - Get relationship (Related class = Trouble Ticket User comments)
    In the last activity "send mail", I want to add the user comments. But I can't find the user comments from the Published data. (see print screen) 
    Know anyone of you if it is possible to get the user comments? If Yes, How to do that?

    Hi!
    Yes, it is possible. "Get Relationship" does just exactly that, it only gets the relationship between the Incident object and the Trouble Ticket User Comment object. After you have retrieved this, you then need to get the actual related object.
    To do that, you Get Object, the class you want (in this case Trouble Ticket User Comment), then make sure you add a filter to search for the "Related Object Guid" from the published data of the Get Relationship.
    Make sure you select the "Related Object Guid"! It is a very common mistake to choose "SC Object Guid", but that is just the guid of the relationship...not the object you want ;)
    A bit tricky to understand at first, but easy enough after you get the hang of it.

  • User roles from external active directory

    Hi,
    I am using my own active directory and not the embedded LDAP on weblogic.
    On weblogic server, there the role names and the Provider configured
    at path Home >Summary of Security Realms >myrealm >Users and Groups > Groups tab
    The provider is configured at path
    Home >Summary of Security Realms >myrealm >Users and Groups >Providers
    Under 'Provider specific' tab, I have configured the Host, Port, Principal, Credentials etc.
    I want to get these roles for the user who is login to the app.
    I tried to follow the steps on http://biemond.blogspot.com/2008/12/using-weblogic-provider-as.html, However, when I run the 'Configure ADF Security' wizard I don't get the 'Identity Store' and 'LDAP Identity Store'.
    Can someone please guide me on this with the proper steps and some specific jars if required for this?

    I don't think these links are useful for me. Here is what I am trying to do. Not sure this is right way to do this. I am really stuck on this and need quick help. Please help.
      public boolean isInitiatorRole(String userName) {
          System.out.println("++++ Calling isInitiatorRole()");
          boolean hasRole = false;
          Hashtable factEnv = new Hashtable();
          Hashtable storeEnv = new Hashtable();
          IdentityStoreFactoryBuilder builder = new IdentityStoreFactoryBuilder();
          IdentityStoreFactory adFactory =null;
          IdentityStore idStore =null;
          System.setProperty("javax.net.ssl.trustStore", "/xxx/local/apps/oracle/SOA/jrmc-3.1.2-1.6.0/jre/lib/security/cacerts");
          System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
          String   storeLocation1 = System.getProperty("javax.net.ssl.trustStore")!=null?System.getProperty("javax.net.ssl.trustStore"):"###";
          String   storePass1 = System.getProperty("javax.net.ssl.trustStorePassword")!=null?System.getProperty("javax.net.ssl.trustStorePassword"):"###";
    // creating the factory instance
          factEnv.put(ADIdentityStoreFactory.ST_SECURITY_PRINCIPAL,"ABCD");
          factEnv.put(ADIdentityStoreFactory.ST_SECURITY_CREDENTIALS,"*****");
          factEnv.put(ADIdentityStoreFactory.ST_LDAP_URL, "ldap://xxx-xxxx-01.xxx.com:389/");
          factEnv.put("java.naming.security.protocol","SSL");
      // creating the store instance
          storeEnv.put(ADIdentityStoreFactory.ST_SUBSCRIBER_NAME,  "CN=itfusion,OU=Service Accounts,OU=Security,DC=adweb,DC=bmc,DC=com");
          System.out.println("++ AFTER setting prop storeLocation1:"+ storeLocation1 +  "   ++ storePass1:"+ storePass1);
            try {
                System.out.println("++++ TRY LOOP");
    //          System.out.println("++++ User from context: " +ADFContext.getCurrent().getSecurityContext().getUserRoles());
                adFactory  =  builder.getIdentityStoreFactory("oracle.security.idm.providers.ad.ADIdentityStoreFactory", factEnv);
                if(adFactory != null){
                  System.out.println("++++ adFactory not null");
                }else{
                  System.out.println("++++ adFactory  null");
                idStore= adFactory.getIdentityStoreInstance(storeEnv);
                if(idStore != null){
                  System.out.println("++++ idStore not null");
                }else{
                  System.out.println("++++ idStore  null");
                User user;
                user = idStore.searchUser(userName);          
                  if(user != null){
                      System.out.println("++++ User not null");
                      RoleManager roleManager;
                      roleManager = idStore.getRoleManager();
                      SearchResponse resp;
                      resp = roleManager.getGrantedRoles(user.getPrincipal(), true);
                      System.out.println("++++ IN WHILE LOOP");
                      while( resp.hasNext() ) {
                          System.out.println("++++ IN WHILE LOOP");
                          Identity id = resp.next();
                          String roleName = id.getName();
                          if(roleName != null){
                            System.out.println("Role Name:" + roleName);
                          }else{
                            System.out.println("Role Name is null");
          //                if( roleName != null && roleName.toUpperCase().indexOf("INITIATOR")>0) {
          ////                  if( roleName != null && roleName.toUpperCase().indexOf("XXXXX")>0) {
          //                    hasRole = true;
          //                    break;
                    }else{
                      System.out.println("User is null");
            } catch (IMException e) {
                log.info("??? Error occured while checking the role for Initiator");
            return hasRole;
    }

  • How to get Logged-in user detail from solution Manager.

    Hi to all,
             How can i get details of a user who is logged in into SAP Solution Manager through my webDynpro application. I need to read some values from SAP Solution Manager. How could i do it?? Shall i need to call RFCs??
    If anybody have idea please reply.
    If anybody has some code please send it.
    Points will be rewarded.
    Thanks in advance.

    Pankaj,
    Here is the code to get the logged in user in Web Dynpro.
         //Get the current logged user information
         IWDClientUser user = WDClientUser.getLoggedInClientUser();
         IUser usr = user.getSAPUser();
    String userId = usr.getUniqueName();
    Regards,
    Anand

  • User Roles from 9.3.1 to 11.1.2

    Dear All ,
    I am migrating the Groups,users, provisioning etc., from shared services 9.3.1 to 11.1.2 using CSSexport utility and modifying the exported file and matching with 11.1.2 files and using LCM.
    I have found that there is a role 'Essbase Write access' in 9.3.1 and there is no role 'Essbase write access' in 11.1.2 ? Is there any equivalant role in 11.1.2 ?
    Please get back to me how can assign this role in 11.1.2?
    Thanks
    MP

    Yes it is just a planning role and still exists in 11.1.2 as "Analytic Services Write Access", why it is named analytic that and not essbase I will never understand, maybe they have not got round to renaming it yet again but anyway you can find information on the roles at :- http://download.oracle.com/docs/cd/E17236_01/epm.1112/hss_admin/apas06.html
    Cheers
    John
    http://john-goodwin.blogspot.com/

  • Extract User List from Security Manager

    Hi,
    How to extract or export the list of users created in MII under Security Manager to some document like Excel.
    Regards,
    Adarsh

    Thanks Jeremy....
    It works great!!
    Just a thought......Is there a way to combine both Users and Roles and get the document like
    User Name and his corresponding role.
    Regards,
    Adarsh
    Edited by: Adarsh Sidnoor on Jun 8, 2009 3:36 PM

  • User Role and Profile Managment

    Hi All,
    I have task on role management , i have a profile assigned to like 20 users , but one of the user is asking me to have special authorization on particular Z Table he want to have modify rights.
    in order to give the rights to this guy fro that table , i have to make this profile modified so that it will apply for all of them, so i wan to have this rights to this particular user with the same profile , does any body ahs idea how to achieve this??
    Or can any one suggest me where can i put this question in the forums??
    Thanks in advance
    Regards,
    Sundar

    Dear Sundar,
    To create new Role, use T. Code: PFCG
    Now, Provide Role's name, and Click tab: Create (in 4.6 X) or Tab: Single Role or Composite Role (In ECC 6.0). Give Description.
    Now, click Tab: Menu --> Transaction (T. Codes etc.),
    Tab: Authorization --> Change Authorization Data (Auhorization to Profile i.e. change/ Display/reate etc.)
    Tab: User (user to which Role assignment is reqd) and then click: User comparison.
    Thats it....
    Rewards accordingly.
    Best regards,
    Amit

  • Change user role from "Publisher" to "Administrator"

    Have three users on a particular website - all need to be
    "administrators".
    Two are listed as administrators (one of which is me), the
    third is listed as a "publisher".
    How can I simply change this person to be an
    administrator?

    Create a new connection key with the role of administrtaor
    and send this to your publisher. He/she will replace the old
    connection with the new one, and you can delete the user from the
    publishers roles.

  • Users Disappeared from Workgroup Manager

    All I see is the admin user. All Users and Groups are gone.
    Strange thing is that I can still view the LDAP tree from another machine and see all the users and groups. Command line access to the Kerberos system also shows the users existing there as well. LDAP and login authentication is working just fine. Searches against the Directory also work from AddressBook on client machines on the network...
    If I add a new user via WGM, that user will appear as expected. I also see that new user in LDAP and Kerberos.
    I cannot create a user in WGM with one of the existing usernames either. I have also tried an Archive and Restore of the Open Directory data. Still only admin showing.
    Any ideas? I'd like to get these users back and viewable so they are selectable in setting permissions/access for other services...

    Update. From the backup I just made, I can see all of the users in the backup.ldif file. Is there a way I can import them back into Open Directory?
    One other strange thing. If I go to the Settings tab in Server Admin, and into Access, I can see some of the users listed as their apple-generateduid value - not as their usernames.
    This leads me to believe there was a linking thread that was broken somewhere. Strange. Very strange.

  • BPM user role access

    Hi Experts,
    Who all can access the BPM process? Is it possible to set the userrole access to the BPM process?
    Scenario :
    Through webservice, I have to call BPM process..But the BPM process should be accessed by particular user.
    For example, Manager related BPM process should not be accessable to the Developers.
    How to set/give the BPM user role access?
    Regards
    Sara

    It is not possible, if sender application has an athorization to send the message to XI the process will be instantiated using Receive step.
    Thanks
    Farooq.

  • User created in ECC system does not appear in Identity management

    Hi all,
    For the already new built GRC system, I am trying to configure buidling blocks 678: RiskAnalysis and Remediation.
    1- In section 5.2 (5.2     Add Roles to Existing Users in User Management Engine) I have to add roles to the users which were created in ECC system. But in Identity management I could not see those ID's existing.
    2 - I could not see these roles RE_ADMIN and CC_ADMIN in UME
    Could anybody help me moving forward.
    Thanks
    Lakshmi

    Hi,
    > 1- In section 5.2 (5.2     Add Roles to Existing Users in User Management Engine) I have to add roles to the users which were >created in ECC system. But in Identity management I could not see those ID's existing.
    >
    Have you defined Master User Source in RAR ?
    > 2 - I could not see these roles RE_ADMIN and CC_ADMIN in UME
    >
    Initially you have to upload Roles in Identity management. There will be 3 files:
    cc_ume_roles.txt
    ae_ume_roles.txt
    re_ume_roles.txt
    Upload them in identity management then you will get these roles.
    Thanks
    Sunny

  • Changing User Roles

    Hi,
    I need to change the user roles from Admin to some other roles from transaction. Is it possible to do this without going into UME and java codes? How to do this from BLS transaction?
    Regards,
    Senthil

    Sentil,
    I do not know BLS, but if you are trying to change Java users then you have to use a Java application like the UME identity management application to change them. You can change ABAP users with this application if the data source of the UME is the ABAP system in question. The standard ABAP tools for managing users and roles are SU01 and PFCG. Does that help?
    -Michael

Maybe you are looking for

  • Help Please: Glitches occurring with H.264 export

    Let me premise this post by acknowledging that I have little experience in the dslr video world. I'm trying to change that. I shot video for two fireworks shows this year as an experiment. I groomed the clips in After Effects (noise reduction, contra

  • When I place a call or receive a call, all I get is silence.

         I received my Samsung Galaxy s 4 today and I found that when I placed or received a call, I would pick it up or the the other party would and neither of us could hear the other.  About one in a dozen calls could be heard and when I restarted the

  • How to get the error in idoc removed?

    Hi all, I am getting this error in inbound ORDERS "VKORG, VTWEG, SPART cannot be determined for customer PEPSICO , vendor". The help on this error says that this is automatically filled? How could the IDoc sender have given these values.. I think a u

  • Directory sverly damaged on external drive, other programs than Disc W.

    I have an external Lacie USB 2 drive connected to my G5, now some files refuse to open, I ran the OsX Harddrive tools and it states that there is nothing wrong with the disc and when I do a harware check with Disc Warrior it states that the disc is f

  • Nokia c7 urgent info needed please!!

    Basically i was in an SMS converstaion with my sister when i went to send her a message saying "not sure" next thing i know she is saying why did you swear at me? i say i didnt what you on about then i go through my outbox and see i sent a message te