Rule based Role membership in OIA is not pushing to OIM

Hi All,
Rule based Role membership in OIA is not pushing to OIM due to error as
00:01:38,055 DEBUG [DBIAMSolution] Group Role container for JDE.JDE_BHRUSRTT found...
00:01:38,144 ERROR [DBIAMSolution] Error Occured while adding users to role
Thor.API.Exceptions.tcAPIException: Error occurred while find User information: USER_NOT_FOUND
at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:234)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:348)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:259)
at Thor.API.Operations.tcGroupOperationsIntf_13pobh_tcGroupOperationsIntfRemoteImpl_1035_WLStub.getAllMemberUsersx(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:85)
at $Proxy396.getAllMemberUsersx(Unknown Source)
at Thor.API.Operations.tcGroupOperationsIntfDelegate.getAllMemberUsers(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Meth
Any one can help will be appreciate...
Thanks
Bikas
Edited by: Bikas Mandal on Mar 27, 2013 6:15 AM

Try these steps and let me know what you see:
Login to OIA > Administration > Configuration > Workflows
Select Role membership create workflow
And check if you have added OIM provisioning server in the Step5 of the workflow.
Cheers,
Vamsi.

Similar Messages

  • OIM 11g: Issue while evaluating rule for Role Membership

    Hello All,
    I have configured few General Rules using 2 of our User Defined Fields, these general rules are used to determine role membership.
    What we observed that once "Identity Status" attribute is set to "Disabled" for OIM User Profile then OIM stops evaluating these configured General Rules for Role Membership.
    Env Details:
    Product Version: Oracle Identity Manager 11.1.1.5.0
    App Server: WebLogic Server Version: 10.3.5.0
    OS: Red Hat Enterprise Linux Server release 5.5
    Database: Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64 bit
    Please let me know if any of you have encounter this issue and if there is any workaround available for it.
    Thanks,
    Shyam

    Re: OIM11g: Resource not revoked if the Identity Status is DISABLED
    XL.EvaluateMembershipForInactiveUser
    Workaround:
    You can make you of Event Handler and assign that group with APIs.

  • Error in auto role assignment based on membership rule

    Hi All,
    Now this is a strange behavior I am finding. I had created an auto-membership rule in OIM and had assigned that to a role in my OIM. Now whenever I created an user, and based on a custom attribute that I was setting in the create user page. Now this was working totally fine. After that I did LDAP Sync and all and I am sure it was working even then. Now suddenly the auto assignment of role has stopped working and the user doesn't seem to get the role automatically at all.
    And more strange is the point that when I modify any attribute in the user profile, the membership rule gets triggered just like it should during the user creation.
    Can someone suggest anything for this if they have faced the same?
    Thanks,
    $id

    I had been struggling with Role membership and access policies myself on 11.1.1.5.2.
    Look at the following articles if those help:
    Auto Role Membership Not Getting Evaluated On Create Event With Custom Post-Proccess Event Handler [ID 1469286.1]
    Role Memberships Given, But Access Policies Not Triggered For Enabled Users [ID 1473348.1]
    As for the limited release 11.1.1.5.2AK patch, it changes the way event handlers are triggered and the way access policy is re-evaluated. Also in that patch Oracle has given out new API for getting the service in event handler and that is supposed to bring order and synchronization of the event handlers. As far as confirmation from support goes, the event handlers are same from B2 to B3 and B4. Oracle is waiting to hear from customers about the results of the 11.1.1.5.2AK patch before it would be made available in GA.
    -Bikash
    Ref: {thread:id=2421106}

  • Issue in evaluation of Role Membership Rule in gtc trusted recon.

    Hi All,
    I got a issue in evaluation of role membership in gtc trusted recon.
    i created a custom UDF in user profile.i am updating that field from gtc trusted recon.
    i created a rule based on that custom UDF.But that is not triggering while we run the gtc trusted recon.users are coming to oim from database .but rule is not evaluating.
    if we manually create any user rule is evaluating.role is assingning .
    how to solve this problem.it is very urgent for me.
    thanks in advance.
    -Hanuman

    hi bikash,
    i am using oim 11.1.1.5 version.
    Access policy is triggering if role is assigned to the user ,when i directly create the user in oim, instead of gtc trusted recon.
    that udf field is mobile status.it is custom udf .
    Thanks & Regards,
    Hanuman. T

  • Custom plugin based on user role membership

    Hi all,
    I would like to develope a custom plugin that generates account userid (on process form) with different syntax against role membership.
    With "syntax" I mean name.surname.random_number for employee users and surname.company.random_number for example.
    I'll try to explain the scenario more in details:
    1. I create a user identity through a request
    2. After user identity has created successfully, I assign a role to the user. Since roles are associated with access policies, role assignment triggers provisioning on target system.
    3. The custom plugin that I would like to develope shuold be able to generate proper userid against role membership. For example if I assigned the role "Project Manager" the custom plugin should generate the account userid with name.surname.random_number format; viceversa if I assigned the role "External Reseller" the custom plugin should generate the account userid with surname.company.random_number format.
    Looking for custom plugin based on role membership in forum, I found a couple of threads about this subject:
    - Email notifications after role grant
    - Re: OIM 11g Role Membership Event Handlers.
    I tried to implement what explained in the threads, but I would be sure about what I've done.
    Here what I've done:
    1. created plugin.xml file
    2. created EventHandler.xml metadata file
    3. developed a java calss for testing pourpose
    4. copied the custom plugin class to OIM server for example in $MIDDLEWARE_HOME/OIMPlugins/lib
    NOTE: during this operation I have exactly mantained the same directory structure of custom java package.
    For example custom plugin class is under my.custom.plugin java package and I have copied custom java class under $MIDDLEWARE_HOME/OIMPlugins/lib/my/custom/plugin folder
    5. created a zip file containing custom plugin class (always with its directory structure) and plugin.xml file
    6. copied the zip file to $OIM_HOME/server/plugins
    7. edited ant.properties file (under $OIM_HOME/server/plugin_utility) setting wls.home and oim.home variables
    8. built the wlfullclient.jar (only the first time)
    9. registered the custom plugin
    10. created the custom plugin dataset file
    11. imported it in OIM database using "weblogicImportMetadata" utility
    12. purged cache using "PurgeCache" utility
    NOTE: all the steps above was executed using the system user running OIM process
    test java class
    package com.zeropiu.sky.custom.eventhandlers;
    import java.io.Serializable;
    import java.util.HashMap;
    import com.thortech.util.logging.Logger;
    import oracle.iam.platform.kernel.spi.ConditionalEventHandler;
    import oracle.iam.platform.kernel.spi.PostProcessHandler;
    import oracle.iam.platform.kernel.vo.AbstractGenericOrchestration;
    import oracle.iam.platform.kernel.vo.BulkEventResult;
    import oracle.iam.platform.kernel.vo.BulkOrchestration;
    import oracle.iam.platform.kernel.vo.EventResult;
    import oracle.iam.platform.kernel.vo.Orchestration;
    import oracle.iam.platform.context.ContextManager;
    import java.util.Set;
    public class TestUserAnonimi implements PostProcessHandler, ConditionalEventHandler {
         private static final Logger logger = Logger.getLogger("com.zeropiu.sky.custom.eventhandlers");
    private static final String className = "TestUserAnonimi";
         @Override
         public void initialize(HashMap<String, String> arg0) {
              // TODO Auto-generated method stub
              String methodName = "initialize";
              System.out.println("###### " + className + " - " + methodName);
         @Override
         public boolean isApplicable(AbstractGenericOrchestration abstractGenericOrchestration) {
              // TODO Auto-generated method stub
              String methodName = "isApplicable";
    System.out.println("###### " + className + " - " + methodName + " - STARTED");
    System.out.println("###### " + className + " - " + methodName + " - ContextManager.getContextType(): " + ContextManager.getContextType());
    System.out.println("###### " + className + " - " + methodName + " - ContextManager.getContextSubType(): " + ContextManager.getContextSubType());
    System.out.println("###### " + className + " - " + methodName + " - abstractGenericOrchestration.getOperation(): " + abstractGenericOrchestration.getOperation());
    System.out.println("###### " + className + " - " + methodName + " - Printing ContextManager parameters");
    HashMap allContextManagerPairs = ContextManager.getAllValuesFromCurrentContext();
    Set<String> allContextManagerParams = allContextManagerPairs.keySet();
    String[] parameters = allContextManagerParams.toArray(new String[allContextManagerParams.size()]);
    for (int i = 0; i < parameters.length; i++) {
              System.out.println("###### " + className + " - " + methodName + " - Context parameter " + i + ": " + parameters[i] + " - Object type is: " + Utils.getObjectType(ContextManager.getValue(parameters)));
    System.out.println("###### " + className + " - " + methodName + " - ENDED");
    return true;
         @Override
         public boolean cancel(long arg0, long arg1,     AbstractGenericOrchestration arg2) {
              // TODO Auto-generated method stub
              String methodName = "cancel";
              System.out.println("###### " + className + " - " + methodName);
              return false;
         @Override
         public void compensate(long arg0, long arg1, AbstractGenericOrchestration arg2) {
              // TODO Auto-generated method stub
              String methodName = "compensate";
              System.out.println("###### " + className + " - " + methodName);
         @Override
         public EventResult execute(long arg0, long arg1, Orchestration orchestration) {
              // TODO Auto-generated method stub
              String methodName = "Eventresult execute";
              System.out.println("###### " + className + " - " + methodName);
              return null;
         @Override
         public BulkEventResult execute(long arg0, long arg1, BulkOrchestration arg2) {
              // TODO Auto-generated method stub
              String methodName = "BulkEventResult execute";
              System.out.println("###### " + className + " - " + methodName);
              return null;
    plugin.xml file
    <?xml version="1.0" encoding="UTF-8"?>
    <oimplugins xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <plugins pluginpoint="oracle.iam.platform.kernel.spi.EventHandler">
    <plugin pluginclass="com.zeropiu.sky.custom.eventhandlers.TestUserAnonimi" version="1.0" name="TestUserAnonimi">
    </plugin>
    </plugins>
    </oimplugins>
    EventHandler.xml metadata file
    <?xml version='1.0' encoding='UTF-8'?>
    <eventhandlers xmlns="http://www.oracle.com/schema/oim/platform/kernel" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.oracle.com/schema/oim/platform/kernel orchestration-handlers.xsd">
    <action-handler class="com.zeropiu.sky.custom.eventhandlers.TestUserAnonimi" entity-type="RoleUser" operation="CREATE" name="TestUserAnonimi" stage="preprocess" order="1007" sync="FALSE" />
    </eventhandlers>When I assign a role to a user through OIM web interface, I can see in OIM log file all System.out.println contained in initialize(), isApplicable() and BulkEventResult execute() methods. Is it correct? Can I implement my custom plugin logic now, or my starting point is wrong?
    ###### TestUserAnonimi - initialize
    ###### TestUserAnonimi - isApplicable - STARTED
    ###### TestUserAnonimi - isApplicable - ContextManager.getContextType(): ADMIN
    ###### TestUserAnonimi - isApplicable - ContextManager.getContextSubType():
    ###### TestUserAnonimi - isApplicable - abstractGenericOrchestration.getOperation(): CREATE
    ###### TestUserAnonimi - isApplicable - Printing ContextManager parameters
    ###### TestUserAnonimi - isApplicable - Context parameter 0: origuser - Object type is: java.lang.String
    ###### TestUserAnonimi - isApplicable - Context parameter 1: oimuser - Object type is: java.lang.String
    ###### TestUserAnonimi - isApplicable - Context parameter 2: RESOLVED_LOCALE - Object type is: java.lang.String
    ###### TestUserAnonimi - isApplicable - Context parameter 3: counter - Object type is: java.lang.String
    ###### TestUserAnonimi - isApplicable - Context parameter 4: TIME_ZONE - Object type is: java.lang.String
    ###### TestUserAnonimi - isApplicable - Context parameter 5: ipaddress - Object type is: java.lang.String
    ###### TestUserAnonimi - isApplicable - ENDED
    ##### TestUserAnonimi - BulkEventResult execute
    Thanks,
    Daniele
    Edited by: 886636 on Jan 24, 2012 2:53 AM
    Edited by: 886636 on Jan 24, 2012 2:53 AM

    Probably I don't explain myself clearly....sorry for that!
    Anyway you are right, the role of the user can change after the user is initially provisioned.
    I'll try to summarize to be sure to have understood your answer and to explain my scenario more in details:
    1. After user identity creation, I'll assign the role "Project Manager". Before role assignment the user has not any role. So using a pre-populate adapter I can retrieve the assigned role and compose the right userid.
    2. After step 1, I need to assign another role to the user, the new role should be "External Reseller" for example. In this case the user has a role already. What I would is: basing on the role that I'm assigning (External Reseller), the pre-populate should compose the right userid. Obviously this second userid will be different from the first one and this means a new account will be created for the user. At the moment I don't care to deprovisioning the first userid.
    Is it possible with pre-populate adapter?
    Sorry again for my not very clear explanations.
    Daniele
    Edited by: 886636 on Jan 24, 2012 4:10 AM

  • Implementing roles and rules based authorisation with Azure AD

    Hi all,
    I would greatly appreciate some input on feasibility and patterns I should look at for a complex technical requirement that I am currently tasked with designing.
    We have a system that comprises a web and mobile app. In the past we have implemented session based authentication through ADAM and authorisation through custom business rules contained within the applications. The authentication mechanism is in the process
    of being migrated to Azure AD and authorisation is planned to be moved to Azure AD for our next release.
    Existing authorisation within our web application is already complex. We have users that belong to different groups with a range of permissions such as read, write or admin. Additionally each user is granted access to N customers and also N locations within
    each customer. We have a requirement that any number of combinations of customers and locations be supported. Users also need to have different permissions for each entity, i.e. read access to customer 1 location 2, write access to customer 4 and administer
    customer 7. Currently these privileges are maintained within a relational database and enforced as part of each PageLoad(). Essentially this is a combination of roles and rules based authorisation.
    We are struggling to represent this complex matrix structure within Azure AD and efficiently implement the authorisation decision in Azure AD. The driver for this technical requirement is to provide re-usability of the authorisation component to other (as
    yet unidentified) applications.
    Currently the best option we have come up with is implementing custom attributes for each class of permissions and storing within this 2048 bit field a bitmask that represents whether this permission is granted for a given location (which has a many to one
    relationship with customer).
    Any help or comment would be gratefully received,
    Phil

    Hi
    When "Advance routing" is used for Task assignment; the task service asserts the folllowing fact types : Task, PreviousOutcome and TaskAction to the rules engine. These facts gives all the reqd info about the task (like outcome of the participant, task stage .. etc)
    Now in the defined ruleset; we can have rules as per our requirement that can extract info from the asserted fact types and assign task to the required/next participant.
    Also note that we write the advance rules for exception cases only.
    For example; let's say all participants have 2 possible Outcomes [COMPLETE, RECHECK]. We have defined the ideal task routing flow as :
    Participant A -> Participant B -> Participant C. This is the flow when all participant selects "COMPLETE"
    Now suppose B selects outcome as "RECHECK" then the task shld move back to A. So for this case only we need to write a advance rule.
    Pls refer to the code sample at : http://download.oracle.com/technology/sample_code/hwf/workflow-106-IterativeDesign.zip
    Also dev guide : refer to section 28.3.7.2 http://download.oracle.com/docs/cd/E14571_01/integration.1111/e10224/bp_hwfmodel.htm#BABBFEJJ
    Thanks
    Edited by: Kania on May 19, 2010 2:41 AM

  • Date-based group or role membership

    Hello,
    For a particular application, using Sun ONE DS 5.2, I'd like to be able to define start and end dates for a users membership of a group or a role. I realise I can do this by using an external program to examine start and end date attributes for a user and then adjusting an attribute that either makes them a member of a dynamic group or a role.
    But is there any way to do it entirely within the Directory Server itself by clever group/role/CoS definitions and comparison of date attributes ?
    Any thoughts / hints / suggestions would be greatly appreciated.

    Probably I don't explain myself clearly....sorry for that!
    Anyway you are right, the role of the user can change after the user is initially provisioned.
    I'll try to summarize to be sure to have understood your answer and to explain my scenario more in details:
    1. After user identity creation, I'll assign the role "Project Manager". Before role assignment the user has not any role. So using a pre-populate adapter I can retrieve the assigned role and compose the right userid.
    2. After step 1, I need to assign another role to the user, the new role should be "External Reseller" for example. In this case the user has a role already. What I would is: basing on the role that I'm assigning (External Reseller), the pre-populate should compose the right userid. Obviously this second userid will be different from the first one and this means a new account will be created for the user. At the moment I don't care to deprovisioning the first userid.
    Is it possible with pre-populate adapter?
    Sorry again for my not very clear explanations.
    Daniele
    Edited by: 886636 on Jan 24, 2012 4:10 AM

  • OIM 11g R2 Membership rules and roles

    All,
    I have noticed that the NOT operator is not available while creating the membership rules in roles.
    Is there any work around for this?
    I am planning to write a post process event handler to add the roles if I can't find any other way around this.

    You can add elements but that would be difficult to manage. Suppose you have 100 departments and you want exclude Department 1000 then it would be difficult to add Department 1 to Department 999 in your rule.
    As of now you can go ahead with your Event handler.
    I opened an ER with Oracle long back.

  • Rule based ATP is not working for Components

    Hi All,
    Our requirement is to do availability check through APO for Sales order created in ECC,so we are using gATP.
    Requirement: We are creating salesorder for BOM header (Sales BOM) and avaialbility check should happen for components i.e. Product avalaibility & Rule based substitution.
    Issue: Product availiabilty is working for components but rules based substituion is working,  mean Rules are not getting determind for components.
    Settings:
    - Header doesnot exist in APO and compnents do exist in APO
    - Availability check is not enabled for header item category and enabled for Item category for components
    - Rules have been created for Components in APO
    - Rule base ATP is activated in Check instructions
    We have also tried MATP for this i.e. PPM created in APO but still didn't get the desired result.
    If we create salesorder for the component material directly then Rule based ATP is happening, so for components Rule based ATP is not working.
    How do we enable enable Rulesbased ATP for components, i mean is there any different way to do the same.
    Thanks for help.
    Regards,
    Jagadeesh

    Hi Jagdeesh,
    If you are creating BOM in ECC and CIFing PPM of FG/Header material to APO, I think you need to CIF Header material, too, with material integration model.
    Please include header material in you integration models for material, SO and ATP check as well.
    For component availability check, you can use MATP; but for MATP, FG should be in APO. You need not to CIF any receipts of FG (stock, planned orders, POs etc), so that MATP will be triggered directly. Then maintaining Rules for RMs will enable to select available RMs according to the rule created.
    Regards,
    Bipin

  • OIA : Import Users, Accounts, User Role Memberships and Entitlements

    Hi,
    I have intgrated OIM 11.1.1.5 with OIA 11.1.1.5. I am trying to execute scheduled job in OIA " Import Users, Accounts, User Role Memberships and Entitlements"
    which in turn invokes scheduled job some of them are :
    OIM Staging Tables Collection Status Failed with following exception
    Accounts imported from OIM staging table : Status In progress for more than 2 hours
    Please provide pointer to resolve this :
    11:06:15,915 DEBUG [RbacxDataImporterImpl] --> imported 28 metadata items StopWatch 'import Attribute Value Metadata': running time (millis) = 0
    11:06:15,917 INFO [IamDbEntitlementImportHelperImpl] Imported 28 entitlements
    11:06:15,917 DEBUG [DBIAMSolution] publishing import completed event...
    11:06:15,917 DEBUG [AuthenticationEventsListener] Listening application event
    11:06:15,917 DEBUG [DefaultIAMListener] Queuing IAM Event.com.vaau.rbacx.iam.IAMEvent[source=com.vaau.rbacx.iam.db.DBIAMSolution@133e9a5e]
    11:06:15,917 DEBUG [IamDbEntitlementImportHelperImpl] Completing import run id ---> 31
    11:06:15,917 DEBUG [DefaultJobMonitor] MonitorMap{status=3, totalCount=28, currentCount=28, iamType=ENTITLEMENTS IMPORT}
    11:06:15,917 DEBUG [DefaultJobMonitor] MergedMap{status=3, totalCount=28, currentCount=28, iamType=ENTITLEMENTS IMPORT}
    11:06:15,917 DEBUG [DBIAMSolution] Importing Users
    11:06:15,918 DEBUG [DefaultJobMonitor] MonitorMap{status=6, totalCount=0, currentCount=0, iamType=DATA IMPORT}
    11:06:15,918 DEBUG [DefaultJobMonitor] MergedMap{status=6, totalCount=0, currentCount=0, iamType=DATA IMPORT}
    11:06:15,918 DEBUG [IamDbUserImporterImpl] DBUsers Import Start ...
    11:06:15,918 DEBUG [DBIAMSolution] publishing import starting event...
    11:06:15,918 DEBUG [AuthenticationEventsListener] Listening application event
    11:06:15,918 DEBUG [DefaultIAMListener] storing new ImportRun
    11:06:15,918 DEBUG [SequenceGeneratorServiceImpl] Getting MemorySequence for sequence name com.vaau.rbacx.iam.domain.ImportRun
    11:06:15,918 DEBUG [SequenceGeneratorServiceImpl] Returning count for sequence name com.vaau.rbacx.iam.domain.ImportRun, count = 32
    11:06:15,920 DEBUG [SequenceGeneratorServiceImpl] Getting MemorySequence for sequence name ImportRunStepId
    11:06:15,920 DEBUG [SequenceGeneratorServiceImpl] Returning count for sequence name ImportRunStepId, count = 32
    11:06:15,924 DEBUG [IamDbUserImporterImpl] Starting import run id ---> 32
    11:06:15,987 ERROR [IamDbUserManagerImpl] Problem retrieving IAM userIds from db
    *org.springframework.jdbc.UncategorizedSQLException: SqlMapClient operation; uncategorized SQLException for SQL []; SQL state [null]; error code [0];*
    --- The error occurred in com/vaau/rbacx/iam/db/dao/ibatis/maps/IamDbUser.xml.
    --- The error occurred while executing query.
    --- Check the select id from oia_staging_users .
    --- Check the SQL Statement (preparation failed).
    --- Cause: java.sql.SQLException: Unable to start the Universal Connection Pool: oracle.ucp.UniversalConnectionPoolException: Cannot get Connection from Datasource; nested exception is com.ibatis.common.jdbc.exception.NestedSQLException:
    --- The error occurred in com/vaau/rbacx/iam/db/dao/ibatis/maps/IamDbUser.xml.
    --- The error occurred while executing query.
    --- Check the select id from oia_staging_users .
    --- Check the SQL Statement (preparation failed).
    --- Cause: java.sql.SQLException: Unable to start the Universal Connection Pool: oracle.ucp.UniversalConnectionPoolException: Cannot get Connection from Datasource
         at org.springframework.jdbc.support.AbstractFallbackSQLExceptionTranslator.translate(AbstractFallbackSQLExceptionTranslator.java:83)
         at org.springframework.jdbc.support.AbstractFallbackSQLExceptionTranslator.translate(AbstractFallbackSQLExceptionTranslator.java:80)
         at org.springframework.jdbc.support.AbstractFallbackSQLExceptionTranslator.translate(AbstractFallbackSQLExceptionTranslator.java:80)
         at org.springframework.orm.ibatis.SqlMapClientTemplate.execute(SqlMapClientTemplate.java:212)
         at org.springframework.orm.ibatis.SqlMapClientTemplate.executeWithListResult(SqlMapClientTemplate.java:249)
         at org.springframework.orm.ibatis.SqlMapClientTemplate.queryForList(SqlMapClientTemplate.java:296)
         at org.springframework.orm.ibatis.SqlMapClientTemplate.queryForList(SqlMapClientTemplate.java:290)
         at com.vaau.rbacx.iam.db.dao.ibatis.SqlMapIamDbUserDao.findAllUserIds(SqlMapIamDbUserDao.java:48)
         at com.vaau.rbacx.iam.db.manager.IamDbUserManagerImpl.getUserIds(IamDbUserManagerImpl.java:48)
         at com.vaau.rbacx.iam.db.helpers.IamDbUserImporterImpl.readUsers(IamDbUserImporterImpl.java:78)
         at com.vaau.rbacx.iam.db.DBIAMSolution.doDataLoad(DBIAMSolution.java:547)
         at com.vaau.rbacx.iam.db.DBIAMSolution.loadData(DBIAMSolution.java:284)
         at com.vaau.rbacx.iam.service.impl.RbacxIAMServiceImpl.dataLoad(RbacxIAMServiceImpl.java:510)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
         at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
         at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
         at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)
         at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
         at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
         at $Proxy132.dataLoad(Unknown Source)
         at com.vaau.rbacx.scheduling.executor.iam.DbIamJobExecutor.execute(DbIamJobExecutor.java:83)
         at com.vaau.rbacx.scheduling.manager.providers.quartz.jobs.AbstractJob.execute(AbstractJob.java:72)
         at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
         at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:534)
    Caused by: com.ibatis.common.jdbc.exception.NestedSQLException:
    --- The error occurred in com/vaau/rbacx/iam/db/dao/ibatis/maps/IamDbUser.xml.
    --- The error occurred while executing query.
    --- Check the select id from oia_staging_users .
    --- Check the SQL Statement (preparation failed).
    --- Cause: java.sql.SQLException: Unable to start the Universal Connection Pool: oracle.ucp.UniversalConnectionPoolException: Cannot get Connection from Datasource
         at com.ibatis.sqlmap.engine.mapping.statement.MappedStatement.executeQueryWithCallback(MappedStatement.java:201)
         at com.ibatis.sqlmap.engine.mapping.statement.MappedStatement.executeQueryForList(MappedStatement.java:139)
         at com.ibatis.sqlmap.engine.impl.SqlMapExecutorDelegate.queryForList(SqlMapExecutorDelegate.java:578)
         at com.ibatis.sqlmap.engine.impl.SqlMapExecutorDelegate.queryForList(SqlMapExecutorDelegate.java:552)
         at com.ibatis.sqlmap.engine.impl.SqlMapSessionImpl.queryForList(SqlMapSessionImpl.java:118)
         at org.springframework.orm.ibatis.SqlMapClientTemplate$3.doInSqlMapClient(SqlMapClientTemplate.java:298)
         at org.springframework.orm.ibatis.SqlMapClientTemplate.execute(SqlMapClientTemplate.java:209)
         at org.springframework.orm.ibatis.SqlMapClientTemplate.executeWithListResult(SqlMapClientTemplate.java:249)
         at org.springframework.orm.ibatis.SqlMapClientTemplate.queryForList(SqlMapClientTemplate.java:296)
         at org.springframework.orm.ibatis.SqlMapClientTemplate.queryForList(SqlMapClientTemplate.java:290)
         at com.vaau.rbacx.iam.db.dao.ibatis.SqlMapIamDbUserDao.findAllUserIds(SqlMapIamDbUserDao.java:48)
         at com.vaau.rbacx.iam.db.manager.IamDbUserManagerImpl.getUserIds(IamDbUserManagerImpl.java:48)
         at com.vaau.rbacx.iam.db.helpers.IamDbUserImporterImpl.readUsers(IamDbUserImporterImpl.java:78)
         at com.vaau.rbacx.iam.db.DBIAMSolution.doDataLoad(DBIAMSolution.java:547)
         at com.vaau.rbacx.iam.db.DBIAMSolution.loadData(DBIAMSolution.java:284)
         at com.vaau.rbacx.iam.service.impl.RbacxIAMServiceImpl.dataLoad(RbacxIAMServiceImpl.java:510)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
         at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
         at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
         at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)
         at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
         at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
         at $Proxy132.dataLoad(Unknown Source)
         at com.vaau.rbacx.scheduling.executor.iam.DbIamJobExecutor.execute(DbIamJobExecutor.java:83)
         at com.vaau.rbacx.scheduling.manager.providers.quartz.jobs.AbstractJob.execute(AbstractJob.java:72)
         at org.quartz.core.JobRunShell.run(JobRunShell.java:203)
         ... 1 more
    Caused by: java.sql.SQLException: Unable to start the Universal Connection Pool: oracle.ucp.UniversalConnectionPoolException: Cannot get Connection from Datasource
         at oracle.ucp.util.UCPErrorHandler.newSQLException(UCPErrorHandler.java:541)
         at oracle.ucp.jdbc.PoolDataSourceImpl.throwSQLException(PoolDataSourceImpl.java:588)
         at oracle.ucp.jdbc.PoolDataSourceImpl.startPool(PoolDataSourceImpl.java:277)
         at oracle.ucp.jdbc.PoolDataSourceImpl.getConnection(PoolDataSourceImpl.java:647)
         at oracle.ucp.jdbc.PoolDataSourceImpl.getConnection(PoolDataSourceImpl.java:614)
         at oracle.ucp.jdbc.PoolDataSourceImpl.getConnection(PoolDataSourceImpl.java:608)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
         at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
         at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
         at com.vaau.commons.springframework.aop.interceptor.DataSourceInterceptor.invoke(DataSourceInterceptor.java:65)
         at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
         at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
         at $Proxy131.getConnection(Unknown Source)
         at org.springframework.jdbc.datasource.DataSourceUtils.doGetConnection(DataSourceUtils.java:113)
         at org.springframework.jdbc.datasource.TransactionAwareDataSourceProxy$TransactionAwareInvocationHandler.invoke(TransactionAwareDataSourceProxy.java:210)
         at $Proxy118.prepareStatement(Unknown Source)
         at com.ibatis.sqlmap.engine.execution.DefaultSqlExecutor.prepareStatement(DefaultSqlExecutor.java:519)
         at com.ibatis.sqlmap.engine.execution.DefaultSqlExecutor.executeQuery(DefaultSqlExecutor.java:173)
         at com.ibatis.sqlmap.engine.mapping.statement.MappedStatement.sqlExecuteQuery(MappedStatement.java:221)
         at com.ibatis.sqlmap.engine.mapping.statement.MappedStatement.executeQueryWithCallback(MappedStatement.java:189)
         at com.ibatis.sqlmap.engine.mapping.statement.MappedStatement.executeQueryForList(MappedStatement.java:139)
         at com.ibatis.sqlmap.engine.impl.SqlMapExecutorDelegate.queryForList(SqlMapExecutorDelegate.java:578)
         at com.ibatis.sqlmap.engine.impl.SqlMapExecutorDelegate.queryForList(SqlMapExecutorDelegate.java:552)
         at com.ibatis.sqlmap.engine.impl.SqlMapSessionImpl.queryForList(SqlMapSessionImpl.java:118)
         at org.springframework.orm.ibatis.SqlMapClientTemplate$3.doInSqlMapClient(SqlMapClientTemplate.java:298)
         at org.springframework.orm.ibatis.SqlMapClientTemplate.execute(SqlMapClientTemplate.java:209)
         at org.springframework.orm.ibatis.SqlMapClientTemplate.executeWithListResult(SqlMapClientTemplate.java:249)
         at org.springframework.orm.ibatis.SqlMapClientTemplate.queryForList(SqlMapClientTemplate.java:296)
         at org.springframework.orm.ibatis.SqlMapClientTemplate.queryForList(SqlMapClientTemplate.java:290)
         at com.vaau.rbacx.iam.db.dao.ibatis.SqlMapIamDbUserDao.findAllUserIds(SqlMapIamDbUserDao.java:48)
         at com.vaau.rbacx.iam.db.manager.IamDbUserManagerImpl.getUserIds(IamDbUserManagerImpl.java:48)
         at com.vaau.rbacx.iam.db.helpers.IamDbUserImporterImpl.readUsers(IamDbUserImporterImpl.java:78)
         at com.vaau.rbacx.iam.db.DBIAMSolution.doDataLoad(DBIAMSolution.java:547)
         at com.vaau.rbacx.iam.db.DBIAMSolution.loadData(DBIAMSolution.java:284)
         at com.vaau.rbacx.iam.service.impl.RbacxIAMServiceImpl.dataLoad(RbacxIAMServiceImpl.java:510)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
         at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
         at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
         at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)
         at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
         at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
         at $Proxy132.dataLoad(Unknown Source)
         at com.vaau.rbacx.scheduling.executor.iam.DbIamJobExecutor.execute(DbIamJobExecutor.java:83)
         at com.vaau.rbacx.scheduling.manager.providers.quartz.jobs.AbstractJob.execute(AbstractJob.java:72)
         at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
         ... 1 more
    Caused by: oracle.ucp.UniversalConnectionPoolException: Cannot get Connection from Datasource
         at oracle.ucp.util.UCPErrorHandler.newUniversalConnectionPoolException(UCPErrorHandler.java:421)
         at oracle.ucp.util.UCPErrorHandler.newUniversalConnectionPoolException(UCPErrorHandler.java:389)
         at oracle.ucp.jdbc.DriverConnectionFactoryAdapter.createConnection(DriverConnectionFactoryAdapter.java:134)
         at oracle.ucp.common.UniversalConnectionPoolImpl$UniversalConnectionPoolInternal.createOnePooledConnectionInternal(UniversalConnectionPoolImpl.java:1613)
         at oracle.ucp.common.UniversalConnectionPoolImpl$UniversalConnectionPoolInternal.access$600(UniversalConnectionPoolImpl.java:1421)
         at oracle.ucp.common.UniversalConnectionPoolImpl.createOnePooledConnection(UniversalConnectionPoolImpl.java:488)
         at oracle.ucp.common.UniversalConnectionPoolImpl.addNewConnections(UniversalConnectionPoolImpl.java:988)
         at oracle.ucp.common.UniversalConnectionPoolBase.getInitialConnections(UniversalConnectionPoolBase.java:541)
         at oracle.ucp.common.UniversalConnectionPoolBase.start(UniversalConnectionPoolBase.java:655)
         at oracle.ucp.jdbc.PoolDataSourceImpl.startPool(PoolDataSourceImpl.java:271)
         ... 51 more
    Caused by: java.sql.SQLRecoverableException: IO Error: Invalid number format for port number
         at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:419)
         at oracle.jdbc.driver.PhysicalConnection.<init>(PhysicalConnection.java:538)
         at oracle.jdbc.driver.T4CConnection.<init>(T4CConnection.java:228)
         at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:32)
         at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:521)
         at oracle.ucp.jdbc.DriverConnectionFactoryAdapter.createConnection(DriverConnectionFactoryAdapter.java:130)
         ... 58 more

    Hi Pallavi,
    i have the same problem, can you provide me more specific details?
    -exactly oimjdbc.properties location please?
    -which is what I have to modify?
    Thanks in advance!

  • Nesting of Rules for Auto Group (Role) Membership Rules in OIM 11gR2

    Does anyone know how to nest rules for auto group (role) membership in OIM 11gR2. The General rules in Design Console are no longer used for auto group membership and the rules that can be configured in the Role properties cannot be nested as far as I can see.
    Any info is appreciated.
    Thanks!

    My mistake... this is possible in the web ui.

  • Rules based ATP not working

    Hi Experts,
    We are facing couple of issues with Rules based ATP . The scenario is we are using only location based  substitution
    1) We are creating an order for a material in ECC . This material is GATP relevant & the settings are made for rules based ( if no stock available at Plant 1 it would check for stock  at plant 2 and confirm the requested quantity if available )   , ATP check is happening after creation of order for plant1  , but it is not checking for quantity at plant 2  eventhough quantity is available at Plant 2 .
    I am checking the rules, it says no rule was found ,it is not possible to dispaly the rules , But for the sameif i am doing a ATP simulation in APO , it is working fine , the susbstitutions are happening & confirmations are being done.
    2) IS it possible to use both checking horizon & rules based ATP ? The situation is if we use Checking horizon  in check control , any SO will get confirmed based on checking horizon , if no receipts or stock is available before the CH . If the rules based ATP is present along with CH  for plants 1 & 2, the system is still confirming the quantity at the CH on Plant1 , even though there is enough quantity to be confirmed at Plant 2.
    Thanks for your help
    Regards
    Surendra

    The first issue  is solved . There was discrepancy in the data format between APO & ECC . The data when transferred to APO from ECC has been converted to a  format  which APO uses & when a SO is created in ECC the data that was entered in the SO is not being recognised by APO  so the error .
    Regards
    Surendra

  • Rule based engine

    I know that this is not a strictly related xml matter.
    I would like to know if anyone can help me in finding a business rule based engine to be used inside a campaign management application

    You raise a very important and interesting question regarding whether there is any framework for narrowing down the domain of a Business Process Expert.
    There are many frameworks out there:
    http://www.bpmg.org/8omega.php
    http://www.prosci.com/tutorial-design-mod1.htm
    http://www.intel.com/technology/itj/2004/volume08issue04/art11_collaboration/p01_abstract.htm
    From my experience, it is beneficial to focus on a critical "life support" process for the corporation.  Many times this can be started at the top level COO for instance, asking what is the # 1 thing which causes issues with customers, collections, services, etc..  One such item is "contract to cash" and specific sub-components of this process such as "unbilled hours" which if corrected prior to billing issuance will result in more accurate Invoices, and collections. An improvement of this nature shortens the cycle time of billing to collection, or hour entry to billing calculation, and with improved accuracy increases cash flow and lowers cost per transaction.
    What you are suggesting in terms of Media expert, etc.. is more associated with Roles which are aligned with Solution Scenarios within SAP.  Business Processes may span many roles, and are critical to the application being developed.
    I believe this is the purpose of BPM, but would welcome any further comments from colleagues regarding framework.
    Please take a look at the following BLOG as well as Lakshmikanth does a very good job explaning the landscape:
    /people/lakshmikanth.adiraju/blog/2006/09/19/soa-bpm-business-applications-netweaver-happy-customer
    Message was edited by: Fermin Iduate

  • Role membership operators

    hi all,
    In IDM 11gR2 I have noticed that there is no operator for the condition 'Not Equalto' i.e '!=' , in 11gR1 this condition operator was available, I have a requirement by which i need to evaluate a string (company name) as 'equalto' for one Role and 'not equalto' for another role but 'not equalto' doesn't exist anymore what to do?
    even 'else' condition is not there with IF statement of the Rule.

    Yes, R2 UI doesn't allow NOT condition. In this case you can create membership rule using Design Console->Rule Designer as earlier. Now the problem is how can you attach the same because UI doesn't have option to attach Design console's membership rule. You can try updating DB directly(RGP table). set the RUL_KEY(rule key) and UGP_KEY(role_key). commit it and restart oim. I haven't tried it.
    http://docs.oracle.com/cd/E27559_01/user.1112/e27151/role_mangmnt.htm#BABHAEHE
    or better raise SR for attaching design console's Rule with role.

  • How do you apply rules based on read status?

    I migrated to Mail.app from PowerMail, and one of the powerful options available when creating a filter/rule in PowerMail was the ability to check the status of the message (message is/is not read) before applying the rest of the rule.
    Is there a way to apply this same check within a rule in Mail.app?
    This option is used to create rules that file mail ONLY AFTER it has been read.
    Obviously, the user must apply the rule manually since rules are only fired off when mail comes in, or when one highlights one or more message(s) and then selects the "Apply Rules" option from the contextual menu or from the Message menu.
    What makes this so powerful is that rather than having to manually file every message after you read it you can create rules that check status for read, if it is check to see if it matches other criteria, and if it does, put it in a folder with other like messages.
    Like many people, I have a large number of folders and subfolders into which I file my messages. By creating such a rule, I only have to file a message that matches other criteria once, use that to set up the criteria for the rule, and on subsequent messages that match that criteria, I only have to apply the rule after I have read it.
    I could just file all the messages directly into their appropriate folders, but then I have to keep watch on the subfolders for new mail, rather than just watching the inbox, reading the new mail, then using the Apply Rules item to have the read message checked and then filed based on the criteria that it matches.
    The logic might look like this.
    Is Read status true
    AND
    The subject contains "Intranet"
    THEN
    Move message to /On My Mac/Work Mail/Current Projects/Intranet Project/ mail folder
    THEN
    Stop processing rules.
    Without the ability to test the message's "read status" I have to select the message, right click to select "Move To>" from the contextual menu, then mouse through four sub panes to put the read message in the folder where I want to store it.
    I also cannot select a number of read messages and use the Apply Rules option to allow my filing rules to move any number of read messages to their proper storage folders.
    If anyone has a method for doing this, please let me know. It is the one thing I miss most about PowerMail.
    Message was edited by: rnsyderpsu

    I have been doing some of this, and while it does provide some of the functionality that is lost without the ability to apply rules only to read messages, it is not a complete solution. One of the biggest drawbacks is that it is not easy to selectively limit what new mail shows up the smart mailbox. One approach that works, sort of, is to limit the smart mailbox to only messages from people in my address book. However, not all relevant messages are from people already in my mailbox, so it requires constantly double checking to make sure that things are slipping through the cracks.
    The best thing about being able to apply rules, after receiving them, based on the status of a message is that it puts the control in the users hands. It allows you to selectively apply rules, only when you want to apply them. Rather than always/never, you have the ability to apply rules "sometimes/as needed." It allows for fuzzy logic, rather than hard conditions.

Maybe you are looking for

  • I cannot route to remote subnets from cisco vpn client and pptp client

    Hi guys, I've a big problem, I configured a 877 cisco router as a cisco vpn server (the customer use it to connect to his network from pc) and a pptp vpn server (he use it to connet to the network from a smartphone). In this router I created 2 vlan,

  • OIM Email Notification issue with custom E-mail user attribute

    Hi All, We have a requirement where we need to send e-mail notification programmatically after a OIM account is created for the user through trusted reconciliation. Post process event handler is being used for this. We have created our own Custom Not

  • Still missing content after 9.1.6 "upgrade" and content re-installs

    I updated to 9.1.6 and immediately I noticed that various .aif files were missing, from my ESX24 instruments and Garageband loops. After reading other peoples' similar stories and solutions here, I spent some hours (and probably $$ for all the bandwi

  • Post XML over HTTPS in a loop

    HI, I have a requirement to post XMLs over HTTPS. I also am supposed to retrieve the response XML, interpret it and do some processing based on the response status in the response XML. This has to be done for each XML. Currently I am establishing a n

  • GPS in-Car Navigation

    Hi Does anyone know of an in-Car GPS system that is compatible with a MacBook Pro Version 10.6.8 Snow Leopard. (IE: Navman is not compatible). Thanks in advance Don.