Self Register User Auto Approval Scenario in OIM 11g

Hello,
I was working on scenario of suppressing approval while Self-Registrating user, following steps were performed
1) Export SelfCreateUserDataSet.xml using weblogicExportMetadata.sh
2) Modified SelfCreateUserDataSet.xml [removed approver-only tag from organization attribuite]
3) Imported SelfCreateUserDataSet.xml using weblogicImportMetadata.sh
4) Restarted OIM & SOA server.
5) Created approval policies i.e. Request Level & Operational Level bote with Auto Approve condition.
6) Made a clone of Self-Register User template & added organization restriction & added Self Operator role.
7) When tested above scenario then xelsysadm had to approve for request & operational level,organization was already selected ,so shouldnt it get approved
automatically as i have mentioned Auto-Approve in approval policy ?
Tested using following link:
http://hostname:port/oim/faces/pages/USelf.jspx?E_TYPE=USELF&OP_TYPE=SELF_REGISTRATION&T_ID=Clone of Self-Register User
Thanks,
Rahul

Hello,
No i cannot see organization field as i have restricted organization to 'xyz' .
My Issue is resolved & problem was that i had changed password of OIM,weblogic also updated boot.properties file in oim & soa,but for some reason my SOA was not working although SOA server was running,so changed password of SOAADMIN from EM,restarted all 3 servers & now my scenario of Self Register Auto Approve works.
Now only thing i am curious is that when i self register user,it shows Request failed,but when checked in OIM user is created .
Thank-You
Rahul

Similar Messages

  • Self-registered users : Auto activate and add ESS role ?

    Hi all ,
    we are allowing users to self-register for our ESS portal. We would like to auto-activate the users and give them the ESS role without any Admin action .
    Is this possible ?
    Regards
    Daniel

    Hello Daniel,
    please assign your ESS Role to the group "everyone".
    Then the self registered(but also every other user on the portal) will have this role by default.
    Assign Default Role to User
    Regards
    Frank

  • Self-Register User Notifications

    I need to send out several email notifications during a self-register user request: Request Initiated, Request Awaiting Approval, Request Approved/Rejected. It seems that OIM 11g/SOA is only setup to handle 2 out of these 4. The SOA engine can notify the approver of the pending approval. OIM can notify the end-user that the account was approved and created based on the Self-Register User Event. Unfortunately, there doesn't seem to be an OIM event or enough data passed to SOA to handle the Request Initiated or Request Rejected scenarios. I am wondering if anyone knows of a way to meet these requirements?
    Thanks,
    Pete

    Here is a solution but will work only if users click on the appropriate self registration links. Also may not be very feasible in cases where self registered user need to be added to a group from large number of groups.
    In the workflow step did you configure multiple targets?
    You can configure multiple targets under the workflow domain you have chosen.
    To self-register a user under a particular group you need to provide a self registration link to users with ObDomainName query string configured appropriately.
    Eg:
    Self registration Workflow domain is dc=acme, dc=com
    Say you want users to be added to groups
    cn=users1,dc=acme,dc=com and
    cn=users2,dc=acme,dc=com.
    For this create 2 Targets in 2nd step of your workflow for the two groups you want user should be added to. Now you have effectively two self registration urls,
    http://host:port/identity/oblix/apps/userservcenter/bin/userservcenter.cgi?program=workflowSelfRegistration&ObWorkflowName=...<your value here>...&ObDomainName=cn=users1,dc=acme,dc=com
    http://host:port/identity/oblix/apps/userservcenter/bin/userservcenter.cgi?program=workflowSelfRegistration&ObWorkflowName=...<your value here>...&ObDomainName=cn=users2,dc=acme,dc=com
    Now if you can manage users to click on appropriate links then you can achieve the goal.

  • Populate fields only for self registered users

    Hi All,
    Scenario : I have an approval task for self registered user. When the user enters the details it goes for approval. The userAccount gets created only when the approver enters values for mandatory attributes like organization.I also have few other mandatory attributes that needs to be filled out.
    The requirement is that these mandatory fields have to be populated automatically. I cannot use an entity adapter because if i do so the manadatory fields will be populated when users are being created by xelsysadm.Please help.
    Thanks.

    You can use Ajax or Java Script for populating other fields.

  • Self-Register User Template Error : MinLimitException: size minimum limit

    I am using OIM 11.1.1.5. When I click "Self-Register User" request template link, I get the following errors. Note that this link was working on other OIM environment where no custom UDFs are present.
    Thanks!
    Kabi
    The Error in IM pop up screen says "size < minimum limit ; ADF_FACES-60097: for more information, please see the server's error log or an entry beginning with ADF_FACES-60096:Server Exception during PPR,#1"
    The oim_server1-diagnostic.log says
    ADF_FACES-60098:Faces lifecycle receives unhandled exceptions in phase INVOKE_APPLICATION 5[[
    oracle.iam.platform.utils.MinLimitException: size < minimum limit
         at oracle.iam.platform.canonic.model.Values.setMinLimit(Values.java:187)
         at oracle.iam.requesttemplate.agentry.operations.OpenActor.renderAttributeRestrictionsTab(OpenActor.java:822)
         at oracle.iam.requesttemplate.agentry.operations.OpenActor.prepare(OpenActor.java:195)
    ---------------------------------------

    Did u import any object for self registration? if so import it again...i have seen this error before in my env.
    If the self registration fails, then it is a Oracle Bug and they are working on getting a patch for it...
    ~VSN

  • Problem while creating self-registered users

    Hi
    we are creating a self registered users. When the self registered users enters the data it has to go for the line manager approval.
    We have an entity adapter which is triggering after the manager approval. What the adapter will do is it triggers an end date for the user after the approval.
    But its showing "DOBJ.error Create user" error after the approval.So we are not able to create the user
    KK

    I am providing all the mandatory values like Organization and last name.
    But still its throwing DOBJ error.
    Any Clue...
    At this moment i am not able to provide the logs.
    Thanks,
    KK

  • Self-Register user workflow add user to Group

    Hi,
    I have a fairly basic Self-Register user workflow that I am playing with in OAM. I am wondering if I can somehow add a step(s) into my workflow that will add the user to be a member of a Group in OAM during registration?
    If so, can this be done without an "external action" or custom code?
    If anyone knows anything that can help I'd appreciate it.
    Thanks,
    Jackie

    Here is a solution but will work only if users click on the appropriate self registration links. Also may not be very feasible in cases where self registered user need to be added to a group from large number of groups.
    In the workflow step did you configure multiple targets?
    You can configure multiple targets under the workflow domain you have chosen.
    To self-register a user under a particular group you need to provide a self registration link to users with ObDomainName query string configured appropriately.
    Eg:
    Self registration Workflow domain is dc=acme, dc=com
    Say you want users to be added to groups
    cn=users1,dc=acme,dc=com and
    cn=users2,dc=acme,dc=com.
    For this create 2 Targets in 2nd step of your workflow for the two groups you want user should be added to. Now you have effectively two self registration urls,
    http://host:port/identity/oblix/apps/userservcenter/bin/userservcenter.cgi?program=workflowSelfRegistration&ObWorkflowName=...<your value here>...&ObDomainName=cn=users1,dc=acme,dc=com
    http://host:port/identity/oblix/apps/userservcenter/bin/userservcenter.cgi?program=workflowSelfRegistration&ObWorkflowName=...<your value here>...&ObDomainName=cn=users2,dc=acme,dc=com
    Now if you can manage users to click on appropriate links then you can achieve the goal.

  • Allow creation of Self Registered Users

    Under Portal Settings in the Admin section is a checkbox to "Allow creation of Self Registered Users". And a note that says "Changes in these settings will take effect immediately."
    I'd like to utilize this feature and have therefore checked the box, and made sure my custom login adaptive layout includes this tag: <pt:ptui.createaccount />
    After giving the setting a good hour to work its magic, the view source shows that the tag creates just this: <span id="pt-login-create-account"></span>
    I was assuming that there'd be some more code than that - at least a link!
    Any idea what might be the issue? It seems like such a straight forward type of setting.
    Thanks

    The issue has been narrowed down slightly by including the problematic extranet login page as a portlet within our intranet - which then succeeds in displaying the page.
    One item of note was that we have the admin area installed on both of our load balanced intranet servers - and each had to be set to allow creation of users via the admin interface before it could be seen by all. This is slightly disconcerting as we assumed they relied on the same data repository (db).
    Fortunately, this might be a clue as to why it isn't working still on our extranet server.
    The catch there is that we can't access the admin interface via our extranet - so I'm now in the process of trying to track down exactly where this value is saved to from the project settings page.
    Any suggestions?
    Thanks!
    Solution--
    I set our extranet to be able to display the admin section, restarted the server, logged in, checked that the admin setting was correct, reset the config file, restarted the portal and then the link magically appeared.
    Lesson learned - don't trust the documentation when it says that a restart isn't required...

  • Custom Event Notification (email) for Approval Tasks in OIM 11g

    Hi,
    how to create event notification for approval tasks in OIM 11g. I mean how to send email notification to user who sholuld accept or reject approval task?
    best
    mp
    Edited by: J23 on 2011-05-30 04:08

    Here is the documentation http://download.oracle.com/docs/cd/E21764_01/integration.1111/e10224/bp_notif.htm#SOASE548
    Search for SOA BPEL Email Notifications for more information:
    http://soa-bpel-esb.blogspot.com/2010/01/email-notification-in-bpel.html
    http://download.oracle.com/docs/cd/B31017_01/core.1013/b28764/bpel013.htm
    There are many more search links that can help you out.
    -Kevin

  • Multi Level Approval Workflow in OIM 11g R2

    Hi everyone,
    I want to develope a two level approval workflow in OIM 11g R2.
    When I intent to provisioning a resource or an entitlement, this workflow will be executed.
    This workflow is two level (serial approval)
    First approver is manager of user, second approver is a custom group.
    Is there any sample workflow like this?
    How can I develope this?
    Thanks.
    Best Regards.

    Hi, you can find the same in oracle assets link.
    Download the guide for 11GR2.
    http://www.oracle.com/technetwork/middleware/id-mgmt/overview/workflow-development-1868162.7z
    Thank you,
    Shashi

  • How to get details of Pending Approval request in OIM 11g R2?

    Hi,
    We need to find out following details from Pending Approval Request in OIM 11g R2 -
    Request ID,Assignees,Requested Resource Name, Title of Request, Beneficiary, Status of Request.
    Out of above attributes we could find out Assignees, Title of Request, Status of Request, Beneficiary, etc. But we are not getting Request ID and Requested Resource Name.
    We have used API - 'IworkflowServiceClient'
    If we use API - 'RequestService' then we are not getting Assignees and Resource name from Pending approval request.
    Can any one suggeste how can we get these details? Do we need to use other API or other alternative to get all of attributes from Pending Approval Request.
    Thanks.

    Thanks Kevin for your suggestion.
    In OIM 11g R2 I tried task.getIdentificationKey() to get Request ID and task.getSystemMessageAttributes().getTextAttribute6() to get requested resource name but I am getting null values out of it. Is there something I am missing?
    Which common thing I can use to retrieve data from both OIM and SOAINFRA? As I am not getting Request ID from 'IworkflowServiceClient' API so I could not use it to earch request in OIM using 'RequestService'. Even if I have to use query what will be common thing I can use to fetch data from both tablespaces?
    Thanks.

  • Error in creating approval policy in OIM 11g

    hi...
    i am trying to create approval policy in OIM 11g. But after giving the details for first step, it gives the following error-
    "Approval policy validation failed with oracle.iam.request.exception. ApprovalPolicyServiceException:An error occured while searching request model <policy name>"
    Please let me know the coz of this error and the way to resolve it.

    If you are using JDeveloper , can you able to get class after giving "." .If yes no than it is the problem with the jar file you are using .Check whether you can able to import oracle.iam.authzpolicydefn.api.Feature.
    Thanks ,
    Animesh anand

  • Can approver modify user's request form in OIM 11g?

    Dear All,
    In OIM 10g, the approver of a request can modify user's request form, we just need to configure the permission in OIM. But, can we do it in OIM 11g?
    If can, how can i configure it?
    really need your help guys,, :D
    Thank you,
    --herry                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               

    Hi user12841694,
    Thanks for the suggestion. But, the data (field) that can be modified by the approver is very limited. We cannot attach multi-valued attribute there (like Child Form).
    Regards,
    ---herry

  • Where do the self registered users go

    Hi ,
    I am new to oracle web center. i have created a sample app no db connections just pure oracle web portal application.
    This app has a defalut weblogic/weblogic1 admin user.
    Apart from this i ahave also added a self registration page from the readily available security taskflow.
    Now i am able to add users at runtime through this self registration page.
    But since i am not using any DB am wondering where are these newly registered users and their passwords are being persisted.
    can any one shed some light on this cos i cant even see the new users in Jazn xml
    --Sanket                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           

    ok these registered users are being created in the integrated weblogic ;
    but why arent we able to browse thorugh thtem trough jazn xml.
    --sanket                                                                                                                                                                                                                                                                                                   

  • Approval process in OIM 11g

    Hi All,
    I am newbie to OIM. I have a requirement with 2 levels of approvals in OIM 11g.
    *1st level:* In the first level the Approver will be selected by the user(self service) from the drop down present in the custom UI.
    *2nd level:* For the 2nd level Approval the 1st level appover should have the ability to select the next approver from a drop down list. The 2nd level approvers belong to a particular group.
    All the approvers should be stored in a lookup table in OIM. When a user raises a request the custom application should get the values from the lookup table and populate the drop down for 1st level approvers. 2nd level approvers sholud be populated in the drop down during the 1st level approval process.
    can any one suggest me the steps to achieve this.
    Thanks

    Task assignment in SOA are done via human task assignment i.e. the .task component in BPEL. Now this task assignment can use various features to compute whom to assign the task to.
    1. Static: This is when you specify the group name or the user name directly into the task.
    2. Dynamic : This is when you assign the approver to be a variable and in your SOA workflow before task assignment you assign value to this variable.
    3. External Routing: This is when you assign a java code inside the .task to do all the assignment and escalations. When using this you can have complex implementations done.
    What I meant by looping is that you will need to call this .task two times, first time of the first approver and second time (if the first approves it) for the second approver. Thus when you are inside the loop you need to get the appropriate value from the payload (payload is sent from OIM to SOA when you submit/approve the request) and set it into the appropriate variable so that .task reads that variable and assigns the task to that person.
    I would recommend going through the BPEL developers guide for better understanding. Start with a simple process and see how it behaves when it runs and then pile on top of it.
    -Bikash

Maybe you are looking for