Reconcile user groups to OIM (11g)

I would appreciate it if someone may let me know how to reconcile the organization and leadership structure information from an Oracle DB based identity vault into OIM (11g) to create organizational roles, for example, into the user group and user group membership tables, i.e. the UGP and USG table series. Many thanks.

yesy, I have defines correct search value but its again and again throwing error. I change the search values too. But its not working.

Similar Messages

User Groups in IDM 11G

Friends
Exist in Oracle Identity Manager 11g User groups as in version 9..?
Thanks

If this question is about: What has happened to User Groups in OIM 11G then:
The User Groups is now converted to Roles in OIM 11G.

Not able to add groups to the user ODSEE via OIM 11g R2

Hi,
I have created some groups in ODSEE and ran the recon job to sync these groups in OIM 11g R2.
Groups are populated in OIM 11g R2 and while raising the request for ODSEE Application Instance I can see these groups.
Now following are the issues I am facing :
1. ODSEE groups are not getting displayed in Catalog ( I have ran the Entittlement-List job also)
2. When I request for a group while creating the request, the group is not getting assigned to the user in ODSEE, wherein user is getting created in ODSEE successfully.
Please help.
Thanks

Please let me know what could be the reason of not adding the groups to the user in ODSEE.
I was able to add the groups successfully to user by assigning the groups while raising the request in OIM 11g R1.
But the same is not working in OIM 11g R2, if I check the OIM logs it is calling the function ADDUSERTOGROUP but the groups are not getting assigned to user.
Thanks

How to change a label of User Type in OIM 11g

How to change a label of User Type in OIM 11g. If we have to change label of First Name or Last name then we can change in User.xml and some in resource properties file but what is the procedure to change for User Type.

Follow this: http://download.oracle.com/docs/cd/E14571_01/doc.1111/e14309/uicust.htm#BABDEGFE
i .Copy the $OIM_ORACLE_HOME/server/apps/oim.ear/admin.war/WEB-INF/lib/IdentityTaskFlow.jar to a local work directory, unzip it and locate UserAttributes.properties at /oracle/iam/resources/IdentityTaskFlow.
ii. Update the userAttributes.properties file in the IdentityTaskFlow.jar/oracle/iam/resources/IdentityTaskFlow and create a new IdentityTaskFlow.jar
iii. Copy the updated IdentityTaskFlow.jar to $OIM_ORACLE_HOME/ server/apps/oim.ear/admin.war/WEB-INF/lib/
For "User Type", try putting the property name as "user_type" or try "role". One should work.
HTH,
BB

Getting error while provisioning user to AD - OIM 11g R2

Hi,
I have installed the AD connector and I am able to do the user and group reconciliation between AD and OIM 11g R2.
But when I am trying to provision the user to AD, I am getting the below error :
oracle.iam.connectors.icfcommon.prov.ICProvisioningManager : createObject : Error while creating user[[
java.lang.NumberFormatException: null
     at java.lang.Long.parseLong(Long.java:375)
     at java.lang.Long.parseLong(Long.java:468)
     at oracle.iam.connectors.icfcommon.prov.ICProvisioningManager.init(ICProvisioningManager.java:104)
     at oracle.iam.connectors.icfcommon.prov.ICProvisioningManager.init(ICProvisioningManager.java:123)
     at oracle.iam.connectors.icfcommon.prov.ICProvisioningManager.createObject(ICProvisioningManager.java:267)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:597)
     at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpADIDCCREATEOBJECT.CREATEOBJECT(adpADIDCCREATEOBJECT.java:109)
     at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpADIDCCREATEOBJECT.implementation(adpADIDCCREATEOBJECT.java:54)
     at com.thortech.xl.client.events.tcBaseEvent.run(tcBaseEvent.java:196)
     at com.thortech.xl.dataobj.tcDataObj.runEvent(tcDataObj.java:2492)
     at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(tcScheduleItem.java:3148)
     at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(tcScheduleItem.java:716)
     at com.thortech.xl.dataobj.tcDataObj.insert(tcDataObj.java:602)
     at com.thortech.xl.dataobj.tcDataObj.save(tcDataObj.java:474)
     at com.thortech.xl.dataobj.tcORC.insertNonConditionalMilestones(tcORC.java:847)
     at com.thortech.xl.dataobj.tcORC.completeSystemValidationMilestone(tcORC.java:1162)
     at com.thortech.xl.dataobj.tcOrderItemInfo.completeCarrierBaseMilestone(tcOrderItemInfo.java:757)
     at com.thortech.xl.dataobj.tcOrderItemInfo.eventPostInsert(tcOrderItemInfo.java:173)
     at com.thortech.xl.dataobj.tcUDProcess.eventPostInsert(tcUDProcess.java:235)
     at com.thortech.xl.dataobj.tcDataObj.insert(tcDataObj.java:602)
     at com.thortech.xl.dataobj.tcDataObj.save(tcDataObj.java:474)
     at com.thortech.xl.dataobj.tcTableDataObj.save(tcTableDataObj.java:2910)
     at com.thortech.xl.dataobj.tcORC.autoDOBSave(tcORC.java:3008)
     at com.thortech.xl.dataobj.util.tcOrderPackages.createOrder(tcOrderPackages.java:471)
     at com.thortech.xl.dataobj.util.tcOrderPackages.orderPackageForUser(tcOrderPackages.java:180)
     at com.thortech.xl.dataobj.tcOIU.provision(tcOIU.java:639)
     at com.thortech.xl.dataobj.tcOIU.eventPostInsert(tcOIU.java:357)
     at com.thortech.xl.dataobj.tcDataObj.insert(tcDataObj.java:602)
     at com.thortech.xl.dataobj.tcDataObj.save(tcDataObj.java:474)
     at com.thortech.xl.dataobj.tcTableDataObj.save(tcTableDataObj.java:2910)
     at com.thortech.xl.dataobj.tcUserProvisionObject.insertImplementation(tcUserProvisionObject.java:288)
     at com.thortech.xl.dataobj.tcDataObj.insert(tcDataObj.java:591)
     at com.thortech.xl.dataobj.tcDataObj.save(tcDataObj.java:474)
     at oracle.iam.provisioning.spi.DOBProvisioningUtil.provisionObject(DOBProvisioningUtil.java:128)
     at oracle.iam.provisioning.spi.DOBProvisioningMechanism.provision(DOBProvisioningMechanism.java:341)
     at oracle.iam.provisioning.impl.ProvisioningServiceImpl$4.process(ProvisioningServiceImpl.java:483)
     at oracle.iam.provisioning.impl.ProvisioningServiceImpl$4.process(ProvisioningServiceImpl.java:471)
     at oracle.iam.platform.tx.OIMTransactionCallback.doInTransaction(OIMTransactionCallback.java:13)
     at oracle.iam.platform.tx.OIMTransactionCallback.doInTransaction(OIMTransactionCallback.java:6)
     at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:128)
     at oracle.iam.platform.tx.OIMTransactionManager.oimExecute(OIMTransactionManager.java:46)
     at oracle.iam.provisioning.impl.ProvisioningServiceImpl.provision(ProvisioningServiceImpl.java:471)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:597)
     at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
     at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
     at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
     at oracle.iam.platform.utils.DMSMethodInterceptor.invoke(DMSMethodInterceptor.java:25)
     at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
     at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
     at $Proxy380.provision(Unknown Source)
     at oracle.iam.provisioning.api.ProvisioningServiceEJB.provisionx(Unknown Source)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:597)
     at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
     at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
     at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
     at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
     at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
     at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
     at com.oracle.pitchfork.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:34)
     at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
     at com.oracle.pitchfork.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:42)
     at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
     at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
     at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
     at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
     at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
     at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
     at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
     at $Proxy379.provisionx(Unknown Source)
     at oracle.iam.provisioning.api.ProvisioningService_p7m7x_ProvisioningServiceRemoteImpl.__WL_invoke(Unknown Source)
Please help me in solving this issue.
Thanks.
Edited by: user9212679 on May 9, 2013 4:17 AM

Hi Kevin,
Thanks for the reply. As suggested by you I have assigned the default value as 0 for all the checkbox type in form designer for AD User form but still I am getting the same error while provisioning the AD resource.
Please help.

How to create Lookup field in user form in OIM 11g - Urgent

Hi Experts,
How to create Lookup field in User Form - OIM 11g.
Pls. provide your support on priority.
Regards
Karan

Thanks all for your suggestion.
Our requirement, is we need to have a user defined field similar to how its there in "Organisation".
For example we need to create an user defined field like "Service Holding" which holds different services say like Service 1, Service 2, Service 3 etc.
Under each service there are multiple roles....
Eg:
Service 1 - Role 1, Role 2, Role 3
Service 2 - Role 4, Role 5
Service 3 - Role 6, Role 7, Role 8
Is there a way to store multi-valued attribute in OIM UDF? If so, pls. guide us
If its not possible we would need to create a Lookup field (something similar to Organization or Manager). User clicks on the button (lens button), which should invoke an API wherein he can select specific Roles and save in User. Eg. like Service 1 - Role 1#Service 2 # Role 5 and store in the backend database.
Is this possible. Pls. guide.
Regards,
Karan

Export User Attributes in OIM 11g

Hi,
Can anyone let me know how to export User defined attributes in OIM 11g (11.1.1.5)? I couldn't find option in export manager for user defined fields (as in 9.x version).

bbagaria wrote:
madhatter wrote:
BTW, the result of exporting the "User UDF" category contains the /file/User.xml too. So, you need not deal with metadata directly to get this file.Interesting, never worked for me.Use the code snippet in the Export section at http://idmclub.wikidot.com/import-export-deployment-artifacts
Use "User UDF" instead of "Resource". You will get something like the following:
<?xml version="1.0" encoding="UTF-8"?>
<xl-ddm-data version="2.0.0.0" user="XELSYSADM" database="jdbc:oracle:thin:@localhost:1521/orcl" exported-date="1312490747931" description="">
<Form repo-type="RDBMS" name="USR" subtype="User UDF">
<SDK_ORC>0</SDK_ORC>
<SDK_SCHEMA>DEV_OIM</SDK_SCHEMA>
<SDK_DATA_LEVEL>2</SDK_DATA_LEVEL>
<SDK_DESCRIPTION>Users - User Defined Fields</SDK_DESCRIPTION>
<SDK_UPDATE>1304799781000</SDK_UPDATE>
<SDK_ACTIVE_VERSION>0</SDK_ACTIVE_VERSION>
<SDK_LATEST_VERSION>0</SDK_LATEST_VERSION>
<SDK_TYPE>S</SDK_TYPE>
<FormField repo-type="RDBMS" name="USR_UDF_LS_CHG_CODE">
</FormField>
<FormAdministrator repo-type="RDBMS">
</FormAdministrator>
</Form>
<UserXml repo-type="MDS" name="User" mds-path="/file" mds-file="User.xml">
<completeXml>
<UserXml>
<entity-definition xmlns="http://www.oracle.com/schema/oim/entity">
</entity-definition>
</UserXml>
</completeXml>
</UserXml>
<DataObjectDef repo-type="RDBMS" name="com.thortech.xl.dataobj.tcUSR">
</DataObjectDef>
</xl-ddm-data>Enjoy the UserXml XML element!
Disclaimer: I use 11.1.1.3, not 11.1.1.5
Edited by: madhatter on Aug 5, 2011 1:10 AM

Populate enddate after change in user status in OIM 11g ?

Hello experts,
We have a requirement whenever a user is getting 'Disabled' end-date needs to be set to the current system date and When the user is enabled end-date need to be reset to some predefined date
We are planning to go with custom adapter for this. Now in OIM 11g USR_STATUS is not working as expected. Then how do we trigger for disable or enable.
Is event handler is the only option for this scenario ? Please advice.
Thanks,
Deepak

there are two ways to handle this
first is to use post update event handler
get the user status and update end date and start date
second, using custom adapter.
no need to put trigger.
just attach your code on the response of enable user and disable user task in AD,OID ...or so on work flow.
try and let me know
regards,
nishith nayan

User Provisioning in OIM 11g to Oracle DB 11g R2

Hi All,
We have installed OIM 11.1.1.5. We have created User in OIM and wanted to provision it to database 11g R2. For this we have created a table in DB.
We are not sure about the next steps or which connectors to use....
Experts can u please guide me through steps or link or snapshots to achieve the above scenario?
Regards,
Newbie

Hi Kevin,
Thanks , that was a complete document.
However I achieved User Provisioning by creating GTC. This i found in below document-
http://tooweaktogivein.com/2010/02/16/oim-provisioning-db/
Now my query is how do i fetch the values entered in UDF by admin (User Form) to the Form which comes when we select Resource Object (probably process form as i don't see any option as Object form in 11.1.1.5).
Currently- 1. Admin creates user
2. Admin selects Resource Object (Created via GTC)
3. Admin has to re-enter the values which we created in our table (To be stored in DB).
Summary- how to populate the values entered in step 1 to step 3
Thanks & Regards,
Newbie

Auto Approval of Self User Registration Fails OIM 11g R2

Use Case : Auto Approval of Self User Registration
Steps followed
1. A New Approval Policy created with Auto Approval flag set as True for Request Level Approval.
2. A New Approval Policy created with Auto Approval flag set as True for Operation Level Approval.
3. The field Organization was pre populated using the Pre Population Adapter, as mentioned below.
+<AttributeReference name="Organization" attr-ref="act_key" type="Long" widget="ENTITY" length="256" required="false" available-in-bulk="false" entity-type="ORGANIZATION">+
+<PrePopulationAdapter name="OrgPrepopulateAdapter" classname="com.plugin.OrgPrepopulateAdapter"/>+
+</AttributeReference>+
4. A new user was created using the "Register New user" Link.
5. Log in as System Adminstration and under Track requests, found that the New request has failed.
6. On click of Request link, the request details shows the Organization field has populated with the expected value.
7. The Logs suggests that the Request failed due to Organization field going Null.
LOG
[2013-02-12T15:50:39.138+05:30] [oim_server1] [ERROR] [] [oracle.iam.request.impl] [tid: [ACTIVE].ExecuteThread: '7' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: oiminternal] [ecid: e171ff3c1743d36a:6c2e4f90:13ccdc4a231:-8000-00000000000006f8,0] [APP: oim#11.1.2.0.0] Exception thrown java.lang.IndexOutOfBoundsException: Index: 0, Size: 0
[2013-02-12T15:50:39.138+05:30] [oim_server1] [ERROR] [] [oracle.iam.request.impl] [tid: [ACTIVE].ExecuteThread: '7' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: oiminternal] [ecid: e171ff3c1743d36a:6c2e4f90:13ccdc4a231:-8000-00000000000006f8,0] [APP: oim#11.1.2.0.0] Exception thrown Index: 0, Size: 0[[
java.lang.IndexOutOfBoundsException: Index: 0, Size: 0
     at java.util.ArrayList.RangeCheck(ArrayList.java:547)
     at java.util.ArrayList.get(ArrayList.java:322)
     at oracle.iam.requestactions.approval.operationlevel.OrgBasedMethodology.getOrgDetails(OrgBasedMethodology.java:215)
-------------

Use Case : Auto Approval of Self User Registration
Steps followed
1. A New Approval Policy created with Auto Approval flag set as True for Request Level Approval.
2. A New Approval Policy created with Auto Approval flag set as True for Operation Level Approval.
3. The field Organization was pre populated using the Pre Population Adapter, as mentioned below.
+<AttributeReference name="Organization" attr-ref="act_key" type="Long" widget="ENTITY" length="256" required="false" available-in-bulk="false" entity-type="ORGANIZATION">+
+<PrePopulationAdapter name="OrgPrepopulateAdapter" classname="com.plugin.OrgPrepopulateAdapter"/>+
+</AttributeReference>+
4. A new user was created using the "Register New user" Link.
5. Log in as System Adminstration and under Track requests, found that the New request has failed.
6. On click of Request link, the request details shows the Organization field has populated with the expected value.
7. The Logs suggests that the Request failed due to Organization field going Null.
LOG
[2013-02-12T15:50:39.138+05:30] [oim_server1] [ERROR] [] [oracle.iam.request.impl] [tid: [ACTIVE].ExecuteThread: '7' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: oiminternal] [ecid: e171ff3c1743d36a:6c2e4f90:13ccdc4a231:-8000-00000000000006f8,0] [APP: oim#11.1.2.0.0] Exception thrown java.lang.IndexOutOfBoundsException: Index: 0, Size: 0
[2013-02-12T15:50:39.138+05:30] [oim_server1] [ERROR] [] [oracle.iam.request.impl] [tid: [ACTIVE].ExecuteThread: '7' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: oiminternal] [ecid: e171ff3c1743d36a:6c2e4f90:13ccdc4a231:-8000-00000000000006f8,0] [APP: oim#11.1.2.0.0] Exception thrown Index: 0, Size: 0[[
java.lang.IndexOutOfBoundsException: Index: 0, Size: 0
     at java.util.ArrayList.RangeCheck(ArrayList.java:547)
     at java.util.ArrayList.get(ArrayList.java:322)
     at oracle.iam.requestactions.approval.operationlevel.OrgBasedMethodology.getOrgDetails(OrgBasedMethodology.java:215)
-------------

Custom User Attributes not visible on user profile in OIM 11g

hi ,
As I have created a custom attribute in OIM11g. I am not able to view the attribute after I crate a User in OIM.
Please help me in solving my issue .
Thanks
srikanth

It's a very basic thing. Just try creating an Authorization Policy and you would know how to do it. For your refernce I am also pasting the excerpt from the same Metalink Article
After creating the UDF, please follow the below steps to make the UDF visible for modification by an admin user:
1. Navigate to create a new 'Authorization Policy'as below:
a. Login to UI and click on Administration
b. On the top left you will see the Authorization Policy tab
c. Now click on Create Authorization Policy
2. Please use the below information to create the Authorization Policy
a. Name: UDF policy
b. Entity Name: User Management
c. Permissionsc. Permissions:
i. Modify User Profile
ii. View User Profile
Please make sure that the UDF is selected in the attributes for these permissions.
d. Data Constraints: All Users
e. Policy assignment: All Users
3. Create a user called "useradmin' and add the below 2 roles:
a. All Users (This is default)
b. Identity User Administrators (This will provide the administrative tab to this user so that he can administer other users)
4. Create another end user called 'testuser1' populations the necessary fields.
5. Now login as 'useradmin'
6. Search for a user called 'testuser1' and open the user.

Auto provision different groups in oim 11g

Hi,
While provisioning a user to AD, I need to add few different different groups based on the user's dept code.
We have around 250 dept codes and I dont want to create 250 access policies to provision different groups based on the dept code.
Is there any other way to resovle my issue?
I am using OIM11g. Please let me know.

Adding more to Bikash Reply...
Create a Lookup with codekey as Dept Code and Decode as Groups like
Dept1->Group1
Dept1->Group2
Dept1->Group3
Write a code which retrieves the groups for corresponding dept code from the lookp, and in the same code call addProcessFormChildData(under tcFormInstanceOperationsIntf) for each group retrieved from lookup. Attach this adpater to new process task and call this task on success of create user task.
Reference:
JavaTask to be called after AD User provisioning succeeds
HTH

Initial Loading of User Details into OIM 11g from Peoplesoft

Hi,
I wanted to pull user both (employee/contractor) details into OIM from People Soft. Which connector should i use.?
PSFT User Management? or PSFT Employee Recon?
Initially the users doesn't exist in OIM. I am looking for something like initial loading.
Regards,
Ashok

Hi Kevin
As per earlier version of PS ER connector, Oracle® Identity Manager Connector Guide for PeopleSoft Employee Reconciliation, Release 9.1.0, on section 3 Extending the Functionality of the Connector, there is guide on how to extend the connector to pull additional attributes from PS , by using peoplecode..
But in Oracle® Identity Manager Connector Guide for PeopleSoft Employee Reconciliation,Release 11.1.1, am not able to find this information anymore.
On how to pull additional attributes from PS like department, division and location, which is custom attributes in PS
Please help !
Many thanks

Audit query for user history in OIM 11g

I would like to know if we can come up with a query to get the details of when and by whom a user has been modified over a certain time frame.
Thank you in advance.
Edited by: 937937 on Jan 30, 2013 1:00 PM

You should be able to use the OOTB reports for the User Profile History. Here is the query that is used in the report:
SELECT DISTINCT UPA_USR.USR_LOGIN AS USERID,
upa_usr.usr_first_name as FirstName,
upa_usr.USR_LAST_NAME as CurrentLastName,
upa_usr.ACT_NAME as Organization,
upa_usr.USR_MGR_FIRST_NAME as ManagerFirstName,
upa_usr.USR_MGR_LAST_NAME as ManagerLastName,
upa_usr.USR_MGR_LOGIN as ManagerUID,
upa_usr.USR_STATUS as Status,
upa_usr.USR_EMP_TYPE as EmployeeType,
upa_usr.create_date as IdentityCreationDate,
UPA_USR.UPA_USR_EFF_FROM_DATE AS EFFECTIVEFROMDATE,
UPA_USR.UPA_USR_EFF_FROM_DATE AS EFFECTIVEFROMTIME,
f1.field_name as UserProfileParameterName,
f1.field_new_value as UserProfileParameterValue
FROM UPA_USR LEFT OUTER JOIN UPA_GRP_MEMBERSHIP
ON upa_usr.upa_usr_key = upa_grp_membership.upa_usr_key,
upa_fields f1
WHERE UPA_USR.UPA_USR_KEY = F1.UPA_USR_KEY
And f1.field_name not like '%Key%'
And (nvl(:p_varchar_FN, ' ') = ' ' or upper(upa_usr.usr_first_name) like upper(:p_varchar_FN))
And (nvl(:p_varchar_LN, ' ') = ' ' or upper(upa_usr.usr_last_name) like upper(:p_varchar_LN))
And (nvl(:p_varchar_UID, ' ') = ' ' or upper(upa_usr.usr_login) like upper(:p_varchar_UID))
And (nvl(:p_varchar_Org, ' ') = ' ' or upper(upa_usr.act_name) like upper(:p_varchar_Org))
And (nvl(:p_varchar_GrpN, ' ') = ' ' or upper(upa_grp_membership.ugp_name) like upper(:p_varchar_GrpN))
And (nvl(:p_varchar_MgrID, ' ') = ' ' or upper(upa_usr.USR_MGR_LOGIN) like upper(:p_varchar_MgrID))
And (nvl(:p_varchar_Status, ' ') = ' ' or upper(upa_usr.usr_status) like upper(:p_varchar_Status))
AND (NVL(:P_VARCHAR_EMPTYPE, ' ') = ' ' OR UPPER(UPA_USR.USR_EMP_TYPE) LIKE UPPER(:P_VARCHAR_EMPTYPE))
AND upa_usr.upa_usr_eff_from_date between :p_date_UDateFrm And :p_date_UDateTo
AND NVL(upa_grp_membership.upa_grp_eff_from_date,:p_date_GDateTo) <= :p_date_GDateTo
AND NVL(UPA_GRP_MEMBERSHIP.UPA_GRP_EFF_TO_DATE,:p_date_GDateFrm) >= :p_date_GDateFrm
Order by upa_usr.usr_login, EffectiveFromDate, EffectiveFromTime
-Kevin

Event Handlers Invoked Everytime for update on User Profile.(OIM 11g)

Hi,
We had Custom event handlers for generating some fields on user form.
Everytime there is update on user profile on any field, All the event handlers fired, (As seen from logs).
I want to fire particular event handlers on particular update. Like if first name is updated then only display name event handler should fire. (not all)
How can i achieve this???

Here is my code..it is working fine for creation of the user. but when i am updating the user i am getting all null values except the updated one.
Example if there are 5 fields in that i am updating 2 .apart from those 2 fields the other 3 are coming as null which is making validation to fail.
package flatfilevalidation;
import java.io.Serializable;
import java.util.Date;
import java.util.HashMap;
import oracle.iam.platform.context.ContextAware;
import oracle.iam.platform.kernel.ValidationException;
import oracle.iam.platform.kernel.ValidationFailedException;
import oracle.iam.platform.kernel.spi.ValidationHandler;
import oracle.iam.platform.kernel.vo.BulkOrchestration;
import oracle.iam.platform.kernel.vo.Orchestration;
import oracle.iam.identity.usermgmt.api.UserManagerConstants.AttributeName;
import Thor.API.*;
import Thor.API.Exceptions.tcAPIException;
import Thor.API.Operations.*;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import oracle.iam.identity.usermgmt.api.UserManagerConstants;
import oracle.iam.identity.usermgmt.vo.User;
import oracle.iam.passwordmgmt.utils.MLSUtils;
import oracle.iam.platform.Platform;
import oracle.iam.platform.kernel.vo.OrchestrationTarget;
import oracle.iam.upgrade.changes.jaxb.Entity;
public class FFValidation implements ValidationHandler {
int count;
tcUserOperationsIntf userOperationsService;
Entity ent = null;
@Override
public void validate(long arg0, long arg1, Orchestration orchestration)
throws ValidationException, ValidationFailedException {
System.out.println("entered the Validation methode");
HashMap<String, Serializable> parameters = orchestration.getParameters();
System.out.println("****************************************************************");
User user = getUser(orchestration);
Object passwdOrchParam = parameters.get(UserManagerConstants.AttributeName.EMPLOYEE_NUMBER.getId());
System.out.println("***************************"+passwdOrchParam+"*************************************");
System.out.println("orch.getParameters() ============================ " + parameters);
String ceo="CEO";
String trainee="Trainee";
String Emp="EMP";
String Contractor="Contractor";
//int Skypecount,Empcount,phonecount;
String Role= getParameterValue(parameters, "Role");
String Designation = getParameterValue(parameters, "Designation");
Long Manager =getManagerid(parameters, "USR_MANAGER_KEY");
Date EndDate =getDate(parameters, "End Date");
String EmpNo=getParameterValue(parameters, "Employee Number");
String skypeid=getParameterValue(parameters, "SkypeId");
String Mobile=getParameterValue(parameters, "Mobile");
String skypeidDb="usr_udf_skypeid";
String MobileDb="usr_mobile";
String EmpDB="usr_emp_no";
//validating SkypeID
uniquevalidate(skypeid,skypeidDb);
//Validating Employee Number
uniquevalidate(EmpNo,EmpDB);
//Validating Employee Number
uniquevalidate(Mobile,MobileDb);
//CEO Validation
if(Designation.equals(ceo)){
if(Manager!=null){
String msg="ManagerID not required";
System.out.println("ManagerID not required ");
throw new ValidationFailedException(msg);
//Cotractor Validation
if(Role.equals(Contractor) && Designation.equals(ceo)) {
System.out.println(Designation.equals(ceo));
String msg="Contractor Cannot be CEO";
System.out.println("Contractor Cannot be CEO");
throw new ValidationFailedException(msg);
if(Role.equals(Contractor)&& EndDate==null) {
String msg="Contractor Endate is not provided";
System.out.println("Contractor Endate is not provided");
throw new ValidationFailedException(msg);
//Trainee Validation
if(Role.equals(trainee) && Designation.equals(ceo)) {
System.out.println(Designation.equals(ceo));
if(Designation.equals(ceo)) {
String msg="Trainee Cannot be CEO";
System.out.println("Trainee Cannot be CEO");
throw new ValidationFailedException(msg);
//manager validation
if(!Designation.equals(ceo)){
if(Manager==null){
String msg="ManagerID Can not be Null";
System.out.println("ManagerID Can not be Null");
throw new ValidationFailedException(msg);
//Employee Validation
if(Role.equals(Emp)){
if(EndDate!=null) {
String msg="Employee End Date Should be empty";
System.out.println("Employee End Date Should be empty");
throw new ValidationFailedException(msg);
@Override
public void validate(long arg0, long arg1, BulkOrchestration arg2)
throws ValidationException, ValidationFailedException {
System.out.println("**************Inside BulkOrchestration****************");
HashMap<String, Serializable> parameters = arg2.getParameters();
System.out.println("orch.getParameters() ============================ " + parameters);
@Override
public void initialize(HashMap<String, String> arg0) {
private String getParameterValue(HashMap<String, Serializable> parameters,
String key) {
String value = (parameters.get(key) instanceof ContextAware) ? (String) ((ContextAware) parameters
.get(key)).getObjectValue()
: (String) parameters.get(key);
System.out.println("VALUE::" + value);
return value;
private boolean isNullOrEmpty(String str) {
return str == null || str.isEmpty();
private Long getManagerid(HashMap<String, Serializable> parameters,
String key) {
System.out.println(parameters);
Long managerLogin = (parameters.get(AttributeName.MANAGER_KEY.getId()) instanceof ContextAware)
? (Long) ((ContextAware) parameters.get(AttributeName.MANAGER_KEY.getId())).getObjectValue()
: (Long) parameters.get(AttributeName.MANAGER_KEY.getId());
System.out.println("managerLogin "+managerLogin);
return managerLogin;
private Date getDate(HashMap<String, Serializable> parameters,
String key) {
System.out.println("date "+ parameters);
Date date = (parameters.get(AttributeName.ACCOUNT_END_DATE.getId()) instanceof ContextAware)
? (Date) ((ContextAware) parameters.get(AttributeName.ACCOUNT_END_DATE.getId())).getObjectValue()
: (Date) parameters.get(AttributeName.ACCOUNT_END_DATE.getId());
System.out.println("EndDate "+date);
return date;
void uniquevalidate(String idvalue,String idDbvalue){
userOperationsService = Platform.getService(tcUserOperationsIntf.class);
HashMap<String, String> UMAttr = new HashMap<String, String>();
String msg="Entered Value is not unique" + idvalue;
System.out.println("idvalue="+ idvalue);
System.out.println("idDbvalue="+ idDbvalue);
if(idvalue!=null){
try {
System.out.println("in try block");
UMAttr.put(idDbvalue, idvalue);
tcResultSet USAttr = userOperationsService.findUsers(UMAttr);
System.out.println(USAttr);
System.out.println("User set count ========================= " + USAttr.getRowCount());
count=USAttr.getRowCount();
if(count>0)
throw new ValidationFailedException(msg);
catch (tcAPIException e) {
e.printStackTrace();
private User getUser(Orchestration orchestration)
if(orchestration.getTarget() != null && orchestration.getTarget().getEntityId() != null)
return new User(orchestration.getTarget().getEntityId());
HashMap orchParams = orchestration.getParameters();
User user = new User(null);
Set orchParamNames = orchParams.keySet();
String orchParamName;
for(Iterator i$ = orchParamNames.iterator(); i$.hasNext(); user.setAttribute(orchParamName, orchParams.get(orchParamName)))
orchParamName = (String)i$.next();
MLSUtils.setStringValuesForMLSAttributes(user);
System.out.println("+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"+user);
return user;
}

Reconcile user groups to OIM (11g)

Similar Messages

Maybe you are looking for