Reconciliation of User's Manager Field using GTC

Hi,
Could anyone suggest how to manage the reconciliation of Manager field of users using GTC.
As for the first trusted reconciliation of users , the manager value coming from the source would not exist in OIM, so if we map the manager field of source with manager field in OIM, it would fail, as the manager user doesn't yet exist in OIM. How can we implement this.
Regards

Hi Rajiv,
Thanks for your response.
We have configured our GTC with the manager attribute mapped as well, in the sense, there are race conditions, manager user might not exist while OIM is reconciling and trying to create a user.
So, the recon event comes as Data Validation Failed. But eventually the users will be created and this Retry Failed Recon Events ST, which is OOTB will slowly resolve all the users as and when the users are created in OIM.
What happening is :- when i am running this Retry Failed Recon Events ST (as there are lots of failed recon events), OIM is crashing after every half n hour.
What i could see in logs is below:- Is this somehow related to CPU usage and Memory???
at oracle.iam.reconciliation.scheduledtasks.ReconRetrySchedulerTask.process(ReconRetrySchedulerTask.java:43)
at oracle.iam.reconciliation.scheduledtasks.ReconRetrySchedulerTask.process(ReconRetrySchedulerTask.java:43)
at oracle.iam.reconciliation.scheduledtasks.ReconRetrySchedulerTask.process(ReconRetrySchedulerTask.java:43)
>
/u01/oracle/admin/OIMDomain/mserver/OIMDomain/bin/startWebLogic.sh: line 180: 19488 Segmentation fault (core dumped) ${JAVA_HOME}/bin/java ${JAVA_VM} ${MEM_ARGS} -Dweblogic.Name=${SERVER_NAME} -Djava.se
curity.policy=${WL_HOME}/server/lib/weblogic.policy ${JAVA_OPTIONS} ${PROXY_SETTINGS} ${SERVER_CLASS}
<FINEST> <NodeManager> <Waiting for the process to die: 19417>
<INFO> <NodeManager> <Server failed so attempting to restart (restart count = 1)>
<INFO> <NodeManager> <Starting WebLogic server with command line: /u01/oracle/admin/OIMDomain/mserver/OIMDomain/bin/startWebLogic.sh >
<FINEST> <NodeManager> <Environment: TERM=xterm>
<FINEST> <NodeManager> <Environment: JAVA_HOME=/u01/oracle/product/fmw/11.1.2/jdk1.6.0_30>
Any Suggestions???
Thanks

Similar Messages

  • ABAP: SD user-exits - custom fields using from KNVV or VBAK

    Hi all,
    I have a technical question.
    I've created some custom fields in table KNVV. The values of these custom fields have to be used during Sales Order creation/modification for determining materials or princing, in sales order user-exits.
    My question is:
    During the Sales Order creation/modification, in the userexits:
    Is it preferable to get directly the values of the custom fields from KNVV?
    OR
    Is it preferable to transfer values of the custom fields from KNVV to VBAK (which was extended with the same custom fields like KNVV...) with transfer data, and then use only VBAK?
    Thanks in advance for your answers.
    Have a nice day!

    Anderton,
    I would prefer moving them to VBAK and then using it. Why?
    1. Once you have queried KNVV and moved it to VBAK you do not have to perform the select again.
    2. During SO change, you already have the data in VBAK so you do not have to fetch again from KNVV.
    3. Lets say the Z field was changed on KNVV after creation of SO and if your requirement is to use the Z field content when the SO was created, you cannot go back to KNVV since the data is changed. But if the same was stored in VBAK, you do not have that problem.
    Thanks,
    Vikram.M

  • How to register User custom field using PHP?

    Hi!
    I am looking for a way to share user specific data between connected users. For example, all participants should know each other IDs(our own system IDs, not LCCS).
    User's custom fields looks the best solution for this, but I can't find a way to register one using PHP, while creating room.
    How to register User's  custom field using PHP? Or may be there are better solution to make such things?

    Got it, just need to add new node to UserManager collection.
    const USER_MANAGER_COLLECTION = 'UserManager';
    static private $USER_MANAGER_CUSTOM_FIELD_CONFIGURATION = array(
       'accessModel'=>self::ROLE_VIEWER,
       'publishModel'=>self::ROLE_VIEWER,
       'persistItems'=>true,
       'modifyAnyItem'=>false,
       'userDependentItems'=>true,
       'sessionDependentItems'=>false,
       'itemStorageScheme'=>self::STORAGE_SCHEME_MANUAL,
       'allowPrivateMessages'=>true,
       'lazySubscription'=>false,
       'p2pDataMessaging'=>false
    const USER_INVITE_ID_CUSTOM_FIELD = 'inviteId';
    static private function createUserManagerCustomFields($room){
       $account = self::init();
       $collection = self::USER_MANAGER_COLLECTION;
       $account->subscribeCollection($room, $collection);
       $account->createNode($room, $collection, self::USER_INVITE_ID_CUSTOM_FIELD, self::$USER_MANAGER_CUSTOM_FIELD_CONFIGURATION);

  • New task assigned to user from CurrentItem:UserField using Assign task action is assigned to different user.

    Hello ! 
    I have run into "funny" problem. 
    I have following workflow:
    User is creating item in ListA. In new form he needs to put Manager which is User Field column type. From people picker he is choosing login name Domain\jo (Two letters seems to be important here). User is resolved correctly to John Doe. Item is saved and
    added to list correctly. In list view John Doe is displayed in Manager column. In view item John Doe is in Manager field. In powershell Id;#John Doe is as a Manager field value. 
    Now the "funny" part:
    After item is added to ListA workflow is started automatically. Workflow is assigning new task to user from Manager (CurrentItem:Manager) field using Assign task action. Now the new task is assigned to different person i.e. John Dimagio with login name DOMAIN\jod
    ! When I am logging value to wf history of the CurrentItem:Manager field I am getting sth like i;123#DOMAIN\jod . So value is completely different and wrong. 
    Can someone explain why is this happening? 
    My guess is that using two letters login name can cause such case but why ?
    Regards,

    Hello ! 
    I have run into "funny" problem. 
    I have following workflow:
    User is creating item in ListA. In new form he needs to put Manager which is User Field column type. From people picker he is choosing login name Domain\jo (Two letters seems to be important here). User is resolved correctly to John Doe. Item is saved and
    added to list correctly. In list view John Doe is displayed in Manager column. In view item John Doe is in Manager field. In powershell Id;#John Doe is as a Manager field value. 
    Now the "funny" part:
    After item is added to ListA workflow is started automatically. Workflow is assigning new task to user from Manager (CurrentItem:Manager) field using Assign task action. Now the new task is assigned to different person i.e. John Dimagio with login name DOMAIN\jod
    ! When I am logging value to wf history of the CurrentItem:Manager field I am getting sth like i;123#DOMAIN\jod . So value is completely different and wrong. 
    Can someone explain why is this happening? 
    My guess is that using two letters login name can cause such case but why ?
    Regards,

  • Populate Manager Field on Recon

    Hi, the manager attribute in the user-search-profile of the console is empty after each recon using DBAT connector to a non-dba_users table (by the way, the DBUM connector to a dba_users table DOES populate the manager field using the scheduled jobs). I'd like to get that job working that populates the manager field working with the DBAT table (which is the majority of accounts).
    When searching the manager field, the available choices are either full name or userid.
    Which path should I take to modify the DBAT job to populate the manager field?

    If you have to search on the basis of some value of manager and if nothing is available directly, don't write this manager key population code in the Process Event Handlers.
    Because since Process Event Handlers will always be triggered and they will always try to obtain Manager Login from your Database, even for any other user attribute.
    Also, it would mean that for 10000s of user records, 10000s times individual user records will connect with the trusted database for picking up their individual managers... Then it defeats the Trusted Source recon purpose...
    Rather write one separate custom scheduler which will be executed after say 30 minutes... It will Create database connection with your trusted database just once... So, in this way you are simply extending the OOTB Trusted Recon functionality... If you had the source code for OOTB database trusted recon, you would have embedded the logic to figure out the manager login for the user then and there itself... Since you don't have source code, you should let the OOTB recon do its default behavior. Don't use OOTB for manager, just populate USR_UDF_CUSTOM_MANAGER_SOME_VALUE attribute...
    And on day 0 Trusted recon when the volume will be a lot, after all recon events are properly linked, then execute your second custom scheduler for populating manager and also some other things which your OOTB doesn't provide for in a straight forward way... Don't use Event Handlers for handling this functionality... Use Event Handlers only if there is a way to figure out the manager login within OIM Database... And yes, in that case writing custom scheduler will be an overkill... At the same time if for figuring out manager is not straight-forward and you have to hit the Trusted Database on an individual basis, use custom scheduler which will be able to process 10000s records in one go... Take into consideration all points before making your design...

  • Sharepoint 2013 - Active Directory Import User Profile Property manager fields

    Hi there,
    I juste encountered actually a little issue regarding the Active Directory Import User Profil.
    Importation seems to work well but I have a little problem regarding the Manager field.
    When I verify a user profil through the sharepoint admin page ("Manage user profil") , I can see the manager field is correctly populated, but if I want to check my profil as a user (personal information), the manager field is not visible.
    With Sharepoint Admin and Manage Profil Properties, I haven't the possibility to modify some settings for the manager.
    For example, Policy parameters is greyed.
    The only way I found to show this field in a user profil is to give the permission "allow users to Edit values ...".... setting I don't want to set.
    Have you already this sort of issue ?
    Thanks for your help/idea.

    Hi Michael,
    I don't remember well what I did exactly regarding this issue because I played a lot with user profil.
    I know I used this powershell script from Sheyia which in fact help me a lot to clean and create a good profil setting.
    http://blogs.technet.com/b/sheyia/archive/2013/10/09/sharepoint-2013-another-way-to-change-order-for-user-profile-properties-via-powershell.aspx
    For example, this script help me to resolve some double entries.
    Let-me know if it help you (or not of course)

  • Generating Manager field in OID by using Pre-populate Adapter

    Hi All,
    I created a pre-populate Adapter that uses First name and Last name of user and add the manager field to OID during provisioning.
    But during provisioning i am getting Naming Exception.
    This is what i found in JBoss application server.
    09:30:58,828 INFO [STDOUT] Running CONCATENATEVARS
    09:30:58,828 INFO [STDOUT] Target Class = StringUtil
    09:30:58,921 INFO [STDOUT] Running CONCATENATEVARS
    09:30:58,921 INFO [STDOUT] Target Class = StringUtil
    09:30:59,640 INFO [STDOUT] Running GetTargetAttributeMapping
    09:30:59,703 INFO [STDOUT] Running GetProcessData
    09:30:59,859 INFO [STDOUT] Running SHOULDUSEXLORG
    09:30:59,875 INFO [STDOUT] Target Class = java.lang.Boolean
    09:30:59,875 INFO [STDOUT] Running SHOULDUSESSL
    09:30:59,875 INFO [STDOUT] Target Class = java.lang.Boolean
    09:30:59,875 INFO [STDOUT] Running CREATEUSER
    09:31:00,203 INFO [STDOUT] Target Class = com.thortech.xl.integration.OID.tcUtilOIDUserOperations
    09:31:00,250 INFO [OID] Parameter Variables passed into com.thortech.xl.integration.OID.tcUtilOIDUserOperations:tcUtilOIDUserOperations(s,s,s,s,s,o,o,b): are sServ
    sPort = 3060, sPrincipalDN = cn=orcladmin,
    09:31:00,281 INFO [OID] Parameter Variables passed into com.thortech.xl.integration.OID.util.tcUtilLDAPOperations:tcUtilLDAPOperations(): Login Variables are:: are
    = cn=orcladmin, sProviderURL = ldap://192.168.109.140:3060,
    09:31:00,281 INFO [OID] Parameter Variables passed into com.thortech.xl.integration.OID.tcUtilOIDUserOperations:createUser(S,S,S,S,S): are sContainerDN = cn=users,
    ER8,
    09:31:00,343 INFO [OID] com.thortech.xl.integration.OID.util.tcUtilLDAPOperations : connectToAvailableOID() : SSL option is not selected in ITResource
    09:31:00,359 INFO [OID] Parameter Variables passed into com.thortech.xl.integration.OID.tcUtilOIDUserOperations:formatOrgDN(s,s): are sOrgDN = cn=users, sRootDN =
    09:31:00,359 INFO [OID] Parameter Variables passed into com.thortech.xl.integration.OID.tcUtilOIDUserOperations:isObjectExists(S,S): are sContainerDN = cn=users,dc
    09:31:00,375 INFO [OID] Parameter Variables passed into com.thortech.xl.integration.OID.util.tcUtilLDAPOperations:search(S,S,b,S[]): are pSearchBase = cn=users,dc=
    09:31:00,390 INFO [OID] Parameter Variables passed into com.thortech.xl.integration.OID.util.tcUtilLDAPOperations:createObject(S,A): are pObjDN = cn=TESTUSER8,cn=u
    .BasicAttributes$IDEnumImpl@1217a79,
    09:31:00,515 ERROR [OID] ====================================================
    09:31:00,515 ERROR [OID] ERROR in OID:com.thortech.xl.integration.OID.util.tcUtilLDAPOperations:createObject(S,A) NamingExceptionUnable to create object
    09:31:00,515 ERROR [OID] ====================================================
    09:31:00,531 ERROR [OID] ====================================================
    09:31:00,531 ERROR [OID] cn=TESTUSER8,cn=users,dc=orademo,dc=com: [LDAP: error code 34 - Invalid DN Syntax]
    09:31:00,546 ERROR [OID] ====================================================
    09:31:00,546 ERROR [OID] ====================================================
    09:31:00,562 ERROR [OID] ERROR in com.thortech.xl.integration.OID.tcUtilOIDUserOperations:createUser(S,S,S,S,S) NamingExceptionError while connecting to target
    09:31:00,562 ERROR [OID] ====================================================
    09:31:00,578 ERROR [OID] ====================================================
    09:31:00,578 ERROR [OID] com.thortech.xl.integration.OID.util.tcUtilLDAPOperationsUnable to create objectNamingExceptioncn=TESTUSER8,cn=users,dc=orademo,dc=com: [LDA
    09:31:00,578 ERROR [OID] ====================================================
    09:31:00,593 ERROR [OID] ====================================================
    09:31:00,593 ERROR [OID] com.thortech.xl.integration.OID.util.tcUtilLDAPOperationsUnable to create objectNamingExceptioncn=TESTUSER8,cn=users,dc=orademo,dc=com: [LDA
    09:31:00,609 ERROR [OID] ====================================================
    Can anyone help me to come out of this.
    Thanks & Regards,
    Rajesh.

    Hi Rajiv,
    I am generating the value to the manager field in OID.I found this value getting generated in the OID user form.But this value is not provisioning during provisioning the user.
    In the OID Configuration Lookup table i found the manager is mapped to ldapManager.But when i connected to OID through ldap browser i didn't find this attribute.The manager attribute is not there.
    So can you help me to solve this.
    Thanks & Regards,
    Rajesh.

  • OIM 11gR2 Change default query on users manager field

    Hi, we are trying to change the default behaviour of users manager field.
    When a user is creating another user on OIM, he should only be able to select a particular type of users. So we would want to filter manager field based on a particular user role. For example: just show employees.
    At this point, we have checked User.xml searching for the associated query, we have tried to edit inputListOfValues for Manager on Create User form,... but still no idea on how this could be done.
    Could anyone point us on the rigth direction on how to achieve this?
    Thanks in advance!

    Karthik Perath
    Thanks for the answer....... but I guess you misread the question.  I am able to add new fields as columns to the search results table.  My problem is I want to add the searchable field to the query form.  Also, I do not want to use the Add Fields button (because that is a part of Saved Search which is Personalization and limited only to the creator) , I want the newly added searchable field. for example Employee Number ( which is not there by default)  to be made available to all the end users of Identity Self Service system..... Hope you got the problem... 

  • Deleting users using GTC - CSV connector

    Hi All,
    I am using GTC connector for trusted recon , create and update user functionality are working , but I am not able to delete the user using a GTC .
    Any Help would be highly appreciated .
    Thanks
    Regards
    Easwaran

    Lets assume we have a HR system and the user has got deleted in the system, the HR system drop a CSV file to a specified location with the details of the user to be deleted from the IDM system . Now the CSV GTC connector would need to read the record and delete the user .
    This can be done , I have done this using API calls , but i assume that there would be someway of doing this using the OOB GTC .I think we need to set the correct value for the status field to do this ..
    I am not sure what status to set.

  • Error -5002 when adding linked user defined field using DI API

    Hello,
    When I try to add a linked user defined field using DI API I get the error number -5002 with description:
    "The field 'Related Table' should consist of 8 alphanumeric characters with no valid or default values"
    I Get the error when I use the Add method.
    What is the solution for this problem? I use SBO 2005 A SP1 Patch 18
    The code I use is (.NET C# 2.0):
    SAPbobsCOM.IUserFieldsMD uf = (SAPbobsCOM.IUserFieldsMD)company.GetBusinessObject(SAPbobsCOM.BoObjectTypes.oUserFields);
    uf.Name = "S_BUCO";
    uf.TableName = "OPOR";
    uf.Type = SAPbobsCOM.BoFieldTypes.db_Memo;
    uf.SubType = SAPbobsCOM.BoFldSubTypes.st_Link;
    uf.LinkedTable = "S_BU";
    uf.Description = "Description";
    uf.Add()
    Regards,
    Jeffrey

    Hi Jeffrey,
    Your code above does not match the settings you are using in the UI. In particular, the type and subtype you are setting in code are not correct.
    To create the UDF via code, set the field types as follows:
    SAPbobsCOM.IUserFieldsMD uf = (SAPbobsCOM.IUserFieldsMD)company.GetBusinessObject(SAPbobsCOM.BoObjectTypes.oUserFields);
    uf.Name = "S_BUCO";
    uf.TableName = "OPOR";
    uf.Type = SAPbobsCOM.BoFieldTypes.db_Alpha;
    uf.EditSize = 8;
    uf.LinkedTable = "S_BU";
    uf.Description = "Description";
    uf.Add()
    There's no need to set the SubType property as you require a regular alphanumeric field.
    Kind Regards,
    Owen

  • Making Manager field in user details tab mandatory in GRC 10

    While raising the GRC Access request, I would like to make the Manager field madatory to be filled.  What is happening now,, the requestor is raising the request without manager field filled, and its not able to find the manager as per the route and the request get cancelled.
    Is there a option to modify the field to make it mandatory by red asterik as its there for other fields in user details tab.
    Response is appreciated.

    Hi ,
    Please Navigate to IMG > Governance, Risk and Compliance >  Access Control > User Provisioning > Maintain End User Personalization.
    There are four columns of fields that can be maintained:
    -  Default value
    - Mandatory
    - Editable
    - Visible
    By Choosing YES or NO from the dropdown list under the Mandatory field, any field on the Access Request screen can be made mandatory.
    Hope this helps.
    Vikas

  • What User Exit can I use to add a cust field to PO Item overview in ME23n?

    Hi,
    I need help!
    Does anyone have any examples of adding a new cust field to PO Item Detail screen with a user exit?
    In transactions ME21n, ME22n, ME23n I need to add a new field in PO Item overview (screen 1211 of SAPLMEGUI). The new field ZZUNSPSC, has been appended to table EKPO as a 30 char field, which will be enterable/changeable on the ME21n, ME22n screens and display only on ME23n.
    Which user exit I can use for the purpose of adding a new input/output field to the PO item overview on SAPLMEGUI screen 1211?
    We are on release SAP ERP Central Component 5.0

    Hi,
    Thank you for the response.  I tried this and found  Badi ME_PROCESS_PO_CUST.  Do you have any examples of adding a new cust field to PO Item overview screen using badi ME_PROCESS_PO_CUST? I have had little experience creating badi's, and would appreciate very much some sample code if possible.
    In transactions ME21n, ME22n, ME23n I need to add a new field in PO Item overview (screen 1211 of SAPLMEGUI). The new field ZZUNSPSC, has been appended to table EKPO as a 30 char field, which will be enterable/changeable on the ME21n, ME22n screens and display only on ME23n.
    Can you tell me if method FIELDSELECTION_ITEM of badi ME_PROCESS_PO_CUST the correct one to use for the purpose of adding a new input/output field to the PO item overview on SAPLMEGUI screen 1211?
    Thank you for help - much appreciated,
    Vicki

  • How to use user defined contact fields in the intelligent group builder

    In Apple Contacts it seems not being possible to build an intelligent contact group using an user defined, additional field. The builder seems to work exclusively with a system defined selection of the basic database fields. Please, tell me, that there is a way ...

    Please, can sombody out there help?

  • Update User Defined Field using DBDataSource

    Hi All,
    I'm trying to update the user defined field using the DBDataSource object.  However an error occurred - "Item is not a User-Defined Field".
    The code used is as follows:
    Dim oDS as SAPbouiCOM.DBDataSource
    Dim oForm as SAPbouiCOM.Form
    Set oForm = SBO_Application.Forms.GetForm("139", 1)
    Set oDS = oForm.DataSources.DBDataSources.Item("ORDR")
    oDS.SetValue("U_Field1",oDS.Offset,"abc")
    Please help.

    If you haven´t put the field directly in the standard form the user defined fields are in a different form. This form has the same type but with "-" before it.
    So so should use this code to get the user defined fields form:
    Set oForm = SBO_Application.Forms.GetForm("-139", 1)
    Maybe this can be the cause

  • How to populate manager field of user while recon

    Hi,
    I want to populate Manager field while recon. In recon i am getting manager's employee number for particular user so i have to fetch name for that number and i have to map to manager field for that particular user in oim
    how can i acheive this, i am thinking to implement post process event handler is it ryt way
    Regards,
    user7609

    Depending upon your target system you need to modify below given transformation lookup.
    If you have configured your target system as a target resource, then search for and open one of the following lookup definitions:
    Lookup.DBUM.DB2.TargetRecon.Transformation
    Lookup.DBUM.MSSQL.TargetRecon.Transformation
    Lookup.DBUM.MySQL.TargetRecon.Transformation
    Lookup.DBUM.Oracle.TargetRecon.Transformation
    Lookup.DBUM.Sybase.TargetRecon.Transformation
    Add In the Code Key, enter the resource object attribute name. In the Decode, enter the class name that implements the validation logic.
    You need to write separate translation adapter for each field.
    Hope this helps you!
    Thanks,
    Pallavi

Maybe you are looking for