Reapply Rules for existing users
Hello All IDMers;
We have a group called Seasonal for which the member access is based on rule that has two fields one is set to true and also based on employee type which is "Seasonal".
There are other users who are of different emp type BUT with the other field set to true.
Now what we decided is to put all those who have field set to true into the this group irrespective of their employee type.
So going forward for new users we can easily implement this because I am going to delete the Emp Type = Seasonal condition from Rule designer.
But Can you please tell me if there is a easy way jus by using design or admin console to apply this condition to all existing users.
I hope i didnt confuse you all.
Regards;
VSN
oh.. my bad. I looked mainly the Subject and was thinking about the rules all the time...
In your case, you can use the following function to add a user to a group. Please check in the Forum, there are lot of sample code for searching a user with a particular attribute value - then if you have the user key and group key, then you can use the below function to
Map usermap = new HashMap();
usermap.put("Users.User ID", User_id );
usermap.put("Users.Status", "Active"); //put only active users in the hashmap
Map grpmap = new HashMap();
grpmap.put("Groups.Group Name", Group_Name);
tcResultSet ts = userClient.findUsers(usermap); //find users - to get the ukey
tcResultSet tg = groupClient.findGroups(grpmap); //find requireq group
long ukey = ts.getLongValue("Users.Key");
long gkey = tg.getLongValue("Groups.Key"); //find group key
System.out.println("User Map: " + ts);
System.out.println("User Key: " + ukey);
System.out.println("Group Key: " + gkey);
int usrNumRec = ts.getRowCount(); //get number of all user records in OIM
System.out.println("There are: " + usrNumRec + " user records in OIM Dev");
//ADD the Member now
groupClient.addMemberUser(gkey,ukey); //add user back to a group
System.out.println("GROUP Added");
Search in google for the OIM functions such as addMemberUser - you will find better code in this forum or somewhere else...
Regards
Vijay Chinnasamy
Similar Messages
-
Access Policy for Existing Users
Hi,
Here is the Scenario:
1. We have AD resource object having "Allow Multiple" Unchecked
2. We have Users who are already provisioned to AD
We are trying to introduce Auto Provisioning into our system for AD, I know new users will be evaluated against Access policies and will be provisioned to the resource and hence groups management will be taken care automatically, Questions:
1. If I disable resources (and not revoke) for these new users what will be the group membership status -will they be removed from group?
2. How to pull existing users under this auto prov umbrella? My thoughts: by writing a custom scheduler that will check resource provisioned and make it as part of the group, but will resource be revoked automatically if group is removed for these users? If not what should be the approach for existing users?
Thanks in advanceI've completed a similar tasks using SQL.Take a look at the following table and you can do these tasks:
UPP, UPD, USG, POG and AD group table 'UD_ADUSRC' -
Pb with populating newly added AD fields for existing users
Hello,
Let's say that we have version 10 of the AD process form pushed to production.
Then we decided to push version 11 of the AD process form, which now has 4 more fields, to prod.
For new users, we can see that the new fields are populated and the data flows down to AD.
But, how do things work for existing users with existing AD account?
How can we make the new fields appear in the process form of an existing user with old AD account that did not contain the new 4 fields.
Thanks
KhanhFVC or Form Version Control Utility is specifically designed for this purpose. Refer OIM documentation & also have a look at the following links:
http://download.oracle.com/docs/cd/E10391_01/doc.910/e10363/appc.htm
http://oim-iam.blogspot.com/2010/04/oim-fvc.html
Thanks
SRS -
Create new mailbox for existing users?
Hi All,
I am new to JNDI concepts. I need to create new mailbox for existing users in domino directory. is it possible?
Scenario is : I have some users in domino directory. They dont have mail account now. I want to create it.
Kindly guide me...
Thanks,
RamHi,
You can try LSMW (Direct method) for uploading class values.
Upload file can hae following structure:
OBJEK | ATINN | KLART | ATWRT
Release Grou+Release strategy | Characteristic name | Class type | Class Value
e.g. rel grp is PO, rel strategy is 01, characteristic name is EBAN_EKORG, and class value is 1000 then
OBJEK | ATINN | KLART | ATWRT
PO01 | EBAN_EKORG | 032 | 1000
multiple characterstics can be
OBJEK | ATINN | KLART | ATWRT
PO01 | EBAN_EKORG | 032 | 1000
PO01 | EBAN_EKGRP | 032 | 100
Regards,
Yogesh -
Problems with a certain program for existing users
Hello,
We have problems with a third party software application. We have installed this software program on a terminal server (server 2003 32bit) and when we open this software with a existing user account the application crashes with the following entry in the
eventviewer:
Application Error 100
Faulting application ProTime.exe, version 4.1.0.9, faulting module msvbvm60.dll, version 6.0.97.82, fault address 0x000fd0d9.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
We have checked the eventlog on the server but the only error that we see is the application error 100 when we open the program. Also we checked the rights on the program's database and folders but that doesn't help either.
The last thing we did was;
- Installing the software on a brand new virtual server with server 2003 x86 (no other software installed)
- Installing the software on a new virtual machine with server 2008 r2 x64 (no other software installed)
The strange thing is when we change something in the compatibility mode setting for example run as windows xp then we can run the program just fine but when the user logs off and log on again it doesn't work until you change something at the compatibility
mode setting (doesn't mather which setting)
When we create a new domain user then the software works properly without any settings changed.
Any idea what could cause this problem?
Thanks
With kind regards,
LarsHi Jesper,
Sorry for the late response. We think so, atleast the software company says it is.
We should not use the compat. mode because the application is not working on server 2003 x86, server 2003 x64, server 2008 r2.
It is just really strange. Software company has no clue how to fix this problem and they say it is caused by the active directory because when we add a new user then the application starts properly. User accounts created a long time ago are not able to start
the application. -
PF attribute modification in Access Policy for existing users.
Hi Guys,
I have an access policy for provisioning a resource. Suppose if I make some changes for the process form attribute value inside the access policy,How can I have the same attribute value reflected in the process form of users who are already provisioned by the access policy?
Direct database update wont be a good idea here as I am having multiple access policies for the same resource. Is there any table which is having the relation between provisioned resource and curresponding access policy if at all I have to go for a custom scheduled task?
Thanks,Does this solution also supposed to work in OIM 11g? I Tried it but data on the main form does not get reflected on the process form of existing users. For child data it does work.
Edited by: bsteen on Aug 5, 2011 5:21 AM -
Error "550 5.1.1 ADR.RecipNotFound" for existing user
Hello!
Our Exchange infrastructure description, briefly:
1. Using Exchange 2013 CU7
2. 2 x MBX+CAS servers (EX1, EX2)
3. 2 x Edge servers (mx1, mx2)
4. DAG, 4 DBs
5. Hybrid Configuration: 200 local users, 15 cloud users
Our case: sometimes our users receive NDR while sending messages to existing mailboxes:
"Remote
Server returned '550 5.1.1 RESOLVER.ADR.RecipNotFound; not found'
For example, user sent 2 messages, first caused NDR, second was successfully delivered:
Get-MessageTrackingLog -Sender [email protected] -Recipient [email protected] | fl EventId, Source, TimeStamp, EventData
EventId : HAREDIRECT
Source : SMTP
Timestamp : 15.04.2015 16:58:36
EventData : {[DeliveryPriority, Normal], [AccountForest, local.domain.ru]}
EventId : RECEIVE
Source : SMTP
Timestamp : 15.04.2015 16:58:36
EventData : {[FirstForestHop, EX1.local.domain.ru], [Oorg, domain.ru], [ProxiedClientIPAddress, 10.0.100.21], [Proxie
dClientHostname, mx1.domain.ru], [ProxyHop1, EX1.local.domain.ru(192.168.0.11)], [DeliveryPriority, Normal]
, [AccountForest, local.domain.ru]}
EventId : AGENTINFO
Source : AGENT
Timestamp : 15.04.2015 16:58:36
EventData : {[AMA, SUM|action=st|error=|atch=0], [DeliveryPriority, Normal], [AccountForest, local.domain.ru]}
EventId : FAIL
Source : ROUTING
Timestamp : 15.04.2015 16:58:36
EventData : {[DeliveryPriority, Normal], [Oorg, domain.ru], [AccountForest, local.domain.ru]}
EventId : HAREDIRECT
Source : SMTP
Timestamp : 15.04.2015 18:17:23
EventData : {[DeliveryPriority, Normal], [AccountForest, local.domain.ru]}
EventId : RECEIVE
Source : SMTP
Timestamp : 15.04.2015 18:17:23
EventData : {[FirstForestHop, EX2.local.domain.ru], [ProxiedClientIPAddress, 10.0.100.22], [ProxiedClientHostname,
mx2.domain.ru], [ProxyHop1, EX2.local.domain.ru(192.168.0.12)], [DeliveryPriority, Normal], [AccountForest,
local.domain.ru]}
EventId : AGENTINFO
Source : AGENT
Timestamp : 15.04.2015 18:17:23
EventData : {[AMA, SUM|v=0|action=|error=|atch=0], [AMA, EV|engine=M|v=0|sig=1.195.3371.0|name=|file=], [TRA, ETR|ruleI
d=068e0c20-5de5-48e0-9b53-ea90e5deb5b9|st=12.12.2014 18:27:31|action=SetSCL|sev=1|mode=Enforce], [CompCost
|AMA=0|ETR=0], [DeliveryPriority, Normal], [AccountForest, local.domain.ru]}
EventId : SEND
Source : SMTP
Timestamp : 15.04.2015 18:17:25
EventData : {[E2ELatency, 4.863], [Microsoft.Exchange.Transport.MailRecipient.RequiredTlsAuthLevel, Opportunistic], [
DeliveryPriority, Normal], [AccountForest, local.domain.ru]}
EventId : DELIVER
Source : STOREDRIVER
Timestamp : 15.04.2015 18:17:25
EventData : {[MailboxDatabaseName, IT], [Mailboxes, c1357fa5-52f2-4d16-8c70-09c9f9c4ab0e], [ToEntity, Hosted], [E2ELate
ncy, 4.863], [DeliveryPriority, Normal], [AccountForest, local.domain.ru]}
How can I investigate this issue?Hi Turboon,
Thank you for your question.
Did this issue occur when mailbox was moved to office 365?
"Remote Server returned '550 5.1.1 RESOLVER.ADR.RecipNotFound; not found'’ could be occurred if the on-premises mail-enabled user who represents the moved mailbox isn't stamped correctly with the target address. The Exchange server generates an NDR
message because the on-premises Active Directory Domain Services (AD DS) can't locate the user in order to route the mail correctly. We could add the target address, also known as the service routing address, to the mail-enabled user in the on-premises environment
by the following steps:
In a web browser on your local Exchange 2013 server, browse to the Exchange Admin Center,
Click Recipients, and then click Mailboxes.
Click the user, and then click Edit.
Click Email Address, and then click Add, .
Under Email Address, click SMTP, and then enter the email address. Use the
<alias>@<domain>.mail.onmicrosoft.com format for the email address.
Click OK, and then click Save.
We could refer to the following link:
https://support.microsoft.com/en-us/kb/2685437
If there are any questions regarding this issue, please be free to let me know.
Best Regard,
Jim
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
Jim Xu
TechNet Community Support -
Business Rules for Business Users
Folks,
There is a requirement from my clients to use Business rules by Business users, apparently it is difficult to give them jdeveloper and ask to devlop, have you come across such situation? if so what is the best way to handle such scenarios.
FYI: we're implementing 11g BRE
TIA
SriniThe only way is to use Rules SDK. We had a similar requirement and had to develop a custom GUI with all CRUD operations using Rules SDK.
The starting points are:
http://download.oracle.com/docs/cd/E12839_01/apirefs.1111/e10663/toc.htm
http://download.oracle.com/docs/cd/E12839_01/integration.1111/e10227/toc.htm (especially RuleSession)
or simply starting from the master index (search for Business rules)
http://download.oracle.com/docs/cd/E12839_01/nav/portal_booklist.htm
rgds -
Change display name for existing users
Hi,
We have alot of users in our Active Directory. After an migration our existing users are displaying their name wrong. When we create a new user the display name is set FirstName LastName. But all of our old users have their User logon name as display name.
Is there a way to change the display name of our old users to FirstName LastName instead of the user logon names they are displaying now? Doing this per user is a hell of a job so this really isn't an option.
Example:
Full name: Peter Peterson. User logon name: pepeter. Display name: pepeter. (old user)
Full name: Tom Thompson. User logon name: tothomp. Display name: Tom Thompson. (new user)
Greetz,
TomI have found a script for Powershell that may be the answer to my question. There is only one thing that is not in the script. The script runs for all users. The PageSize is set to 2000 so it runs 2000 entries. Is there a way that I can run this script for
all Users in AD that start with the letter "A" or with an other letter. :P
$previewMode = $true #change value to $false ONLY after you have verified the preview!!!
$CurrentDomain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
$Domain = [System.DirectoryServices.DirectoryEntry]"LDAP://$CurrentDomain"
$Searcher = New-Object System.DirectoryServices.DirectorySearcher
$Searcher.PageSize = 2000
$Searcher.SearchScope = "Subtree"
$Searcher.Filter = "(&(objectCategory=person)(objectClass=user)(!(objectClass=computer)))"
$Searcher.PropertiesToLoad.Add("userPrincipalName") > $Null
$Searcher.PropertiesToLoad.Add("givenName") > $Null
$Searcher.PropertiesToLoad.Add("sn") > $Null
$Searcher.PropertiesToLoad.Add("distinguishedName") > $Null
$Searcher.SearchRoot = "LDAP://" + $Domain.distinguishedName
$SearchResults = $Searcher.FindAll()
$dnsSuffix = $CurrentDomain.Name
foreach ($Result in $SearchResults){
$firstName = $Result.Properties.Item("givenName")
$lastName = $Result.Properties.Item("sn")
$newLogonName = "$firstName $lastName"
[System.DirectoryServices.DirectoryEntry]$userObject = $Result.GetDirectoryEntry()
$oldLogonName = $userObject.sAMAccountName
Write-Host "Changing $oldLogonName to $newLogonName..."
try {
if (!($previewMode)) {
$userObject.cn = $newLogonName
$userObject.CommitChanges()
Write-Host "$oldLogonName successfully changed to $newLogonName."
catch{
Write-Host "Error changing $oldLogonName to $newLogonName." -
Mountain Lion upgrade effects mail rules for all users
After upgrading to Mountain Lion, the mail rules appear to be "shared" for all user on our Mac. When a user adds a rule, everyone sees this rule. Some mail rules are lost in the process. How can we fix this?
If it is hanging on the 'upgrading database' portion please see this discussion and the solution posted by registerednderd at the bottom of the first page. It worked for me at least to get past the 'upgrading database' hangup and then to import the old messages.
https://discussions.apple.com/thread/4137441 -
What does the Mac App store mean for existing users of Aperture?
I was wondering how the Mac App store will affect existing users of the software. I have purchased Aperture and upgrades since its launch but because I've not purchased through the App store, how will I gain access to future upgrades?
When I go to the Aperture app in the store it shows as being installed but as I've not purchased it through the store, will I be eligible for future upgrades or will Apple expect me to purchase again?There is no way Apple can update Aperture 3 without offering that update to every user, regardless of where the app was purchased. So, expect that Aperture 3.1.2 or whatever will be available to you in some fashion.
When the next paid Upgrade (to Aperture 4?) comes along, then we'll have to see what arrangements the offer.
Regards
TD -
*** SPAM *** - rule for all users
hello.
is it possible to create one rule to all users that move all emails with *** SPAM *** in subject line to specific folder eg SPAM? or push one rule to all users?
SLES10+GW8
regards
MirekOn 3/29/2012 9:36 AM, leroyjjr wrote:
>
> Michael Bell;2186127 Wrote:
>> On 3/29/2012 1:16 AM, mmadej wrote:
>>>
>>> Thank you,
>>> I can change only subject, no add X-spam header.
>>>
>>> 3. every user create rule - simple and free
>>>
>>> regards
>>> Mirek
>>>
>>>
>> Well you have more talented users than most. ;)
>
> Michael,
> Will that also work for GroupWise2012 on SLES11/OES11 as
> well?
>
> Leroy Joseph
> Visual Click Software
> 'eDirectory Management and Reporting | DSRAZOR for eDirectory'
> (http://www.visualclick.com/content/d...edirectory.htm)
>
>
will WHICH work?
1. yes, built into admin snapins, and gwia
2. yes, but you'll need a windows workstation to run vertigo on, because
it uses a mixture of soap and admin api, the latter only beig
available on windows
3. yes, but it depends on user education. -
I currently use Adobe Standard CS 5. It was bought with the Education discount. I would like to upgrade to Creative Cloud and see that they have special pricing for existing customers that use past versions of Creative Suite. I am no longer in Education, so I will have to buy a full version. This is fine, but it won't accept my serial number for the discounted pricing. Is there something else I should be doing?
Hi there
Please contact our Sales team who will assist with your order - 800-585-0774
Thanks
Bev -
Change EXPIRY_DATE for existing user
Hello dba-gurus !
Since I'm a beginner (and the real dba is on holiday) maybe this is a stupid question :
How can I change the value of EXPIRY_DATE ??
The Backup user account "rman" is expired.
when i query dba_users i'll get :
USERNAME EXPIRY_DA ACCOUNT_STATUS
RMAN 20-MAY-10 EXPIRED
is there away to disable expiration or set the expiration to a date of my choice ?
All i found in google was default profile related.
Does this also effect existing users ?
regardsthanks, thats exactly what i want to know.
I executed "ALTER PROFILE DEFAULT LIMIT PASSWORD_LIFE_TIME UNLIMITED;"
and when i query the dba_users expired,expiry date is the same values.
Shouldn't these values also change or are they just ignored?
However, I'ill see this on next rman-logs. -
More rules for Unlimited users to consider. Are you among the 5%?
This is taken from the this website's "Important Plan Information" link found on the "Change Minutes, Text or Data" page.
(My underlines)
DATA SERVICES
Verizon Wireless strives to provide customers the best experience when using our network, a shared resource among tens of millions of customers. To help achieve this, if you use an extraordinary amount of data and fall within the top 5% of Verizon Wireless data users we may reduce your data throughput speeds periodically for the remainder of your then current and immediately following billing cycle to ensure high quality network performance for other users at locations and times of peak demand. Our proactive management of the Verizon Wireless network is designed to ensure that the remaining 95% of data customers aren't negatively affected by the inordinate data consumption of just a few users.
You may use Mobile Hotspot or any other Wi–Fi hotspot or tethering service to use your smartphone or basic phone as a Wi–Fi hotspot or to tether it to your computer or tablet. If you subscribe to a data plan or package with an unlimited data allowance, there is an additional $20/month fee to do so.
We further reserve the right to take measures to protect our network and other users from harm, compromised capacity or degradation in performance. These measures may impact your service, and we reserve the right to deny, modify or terminate service, with or without notice, to anyone we believe is using Data Plans or Features in a manner that adversely impacts our network.Hi all,
In my case, the customized add-on (huge & extensive add-on modules) for a single customer company we are developing right know is almost complete and will be installed at the client production server (without the newly developed add-on) which Go-Live a few days already.
The add-on is being tested on several sap b1 laptop (pro licensed installed) and I assume it is running with compatibilty mode.
Now the issue is, since it only means for that particular company add-on and won't be SAP certified or resell, we just decided to ignore the add-on identifier in the coding side. Does it also will leads us to Jan 2008 compatibilty issue aferwards as well? No other forum thread or official announcement from SAP so far..any thoughts?
Any feedback is appreciated.
Shukri - Malaysia
Maybe you are looking for
-
Help creating an external array for a scoreboard
I'm trying to create an array in an external file that will recieve and arrange scores sent from Quiz.fla upon clicking the submit score button. I also want another fla file to be able to reference this external array and pull the top 15 scores from
-
Please fix Skype Credit page - it does NOT load pr...
I cannot get the Skype Credit page to load on many of my personal computers (4 to be exact) and also seen this problem on some friends' computers too. I get a page with a "Loading" text and a blue dot above it. That is all. What I've tried: - Latest
-
Sending a picture through photo app
I have the iPhone 5. When wanting to text a picture, I am unable to do that from the Photos app on the phone. (Using the small curved arrow button at the bottom does not work. It allows me to choose "message" but then nothing happens! The message
-
Access the URL Parameter from a Adaptermodule
Hi, I need to implement an adaptermodule to create a SOAP-Header element. I use the SOAP Adapter (receiver) in this case with the flag "Not use SOAP env.) One element within this header element will be the URL of the Webservice with I declare in the
-
Changing shipping conditions in stock transfer scheduling agreements EKPV
I am wondering if anyone has a solution or knows if SAP has any functionality enhancements to allow shipping data in stock transfer scheduling agreements to be changed. Currently we are on ECC 6.0 and are going to be applying EHP5 within the next few