Total de-provisioning of user from shared services

Similar Messages

• Exclude a user from Shared Services LCM export

  How do I exclude a specific user from the Shared Services LCM export?  In the migration definition file I am trying to specify something like the following:
  pattern="*" and pattern<>"lcm_admin"

  What exactly you want to try after/by exporting users from Shared services?
  Regards,
  Santy.

• Administration Users from Shared Services...

  Dear Experts,
  Am using OEPM 11.1.1.2
  I have one basic question on Shared Services Users...As we are using the default login of Essbase administration services after installation and configuration to
  login to the server and this is already changed to Shared Services Security during Configuration..
  My question is can we be able to create user related to EAS from Shared Services or still we need to use the same default 'admin'? If so,
  In any case if i want to provide one user with only "create/delete applications" for Essbase....i will go and do it in Shared Services.....
  but if i want to modify something in Essbase...i still need to use EAS for modifying the application/Database information
  How can i create multiple users in EAS?
  One More, i don't see any project for Essbase Administration Services like Essbase, APS created in Shared Services after the applications have moved to Shared Services Security Mode...Is this correct? Please clarify
  Moreover, in my case userid "admin" is used for all the Application groups in Shared Services...So if i change the password for this "ID", will it reflect to all the application groups who are privileged to...
  Thanks

  My question is can we be able to create user related to EAS from Shared Services or still we need to use the same default 'admin'? If so,
  In any case if i want to provide one user with only "create/delete applications" for Essbase....i will go and do it in Shared Services.....
  but if i want to modify something in Essbase...i still need to use EAS for modifying the application/Database information
  How can i create multiple users in EAS?
  One More, i don't see any project for Essbase Administration Services like Essbase, APS created in Shared Services after the applications have moved to Shared Services Security Mode...Is this correct? Please clarify
  Moreover, in my case userid "admin" is used for all the Application groups in Shared Services...So if i change the password for this "ID", will it reflect to all the application groups who are privileged to...
  Firstly, Shared services is a centralized User management console for all hyperion applications. Once you externalize your security to shared services, You can create as many users as you want in shared services and assign him access to Essbase. How ever, You will have to go to EAS and do a "refresh security from shared services" for changes made to users in shared services to reflect in Essbase.
  For projects to appear under shared services project list, you will have to register each product with the shared services.
  If the same admin ID is used for all applications, Yes, the password change will reflect to all applications he has access to.
  -Nra

• Remove users from Shared Services/ EPM

  Gurus
  I have some users who have gone to different department and some who are no more with the companies. I was just wondering if there is a script I can run in the EPM Environment/ Shared Services to remove users and the provisioning in bulk.
  Thank you for your response.

  Hi John,
  I got it.
  What I did was that I exported the GROUPS under APPLICATION GROUP -> FOUNDATION > SHARED SERVICES -> NATIVE DIRECTORY -> GROUP. Created a CSV file and deleted the user and then imported back again.
  This is how it works right?
  ALSO, can I totally erase the user. The above process deleted user from group. But if I need to delete the user overall from everywhere in the EPM app, is there a way to do so?
  OR do I need to ask the server team to remove the user from MSAD.
  Thanks

• How to extract external directory users from a shared services group from shared services RDBMS repository

  Hi,
  I have a security group in shared services, which has external directory users. I want to extract the list of users from shared services RDBMS repository using a SQL query. Please let me know if this is possible and from which table(s) I can query such list.
  Thanks...

  You need to use CSS_Groups, CSS_GROUP_MEMBERS and CSS_USERS tables in your Foundation DB. Something like below will give you these details:
  select b.Name  ,a.Name  from HYPFOUND.CSS_GROUPS b ,
  HYPFOUND.CSS_USERS a ,
  HYPFOUND.CSS_GROUP_MEMBERS c
  WHERE c.MEMBER_IDENTITY = a.IDENTITY_ID and
  c.GROUP_IDENTITY = b.IDENTITY_ID
  GROUP BY (b.Name,a.name)

• Sync User with Shared Services

  I noticed that if I provision a user in shared services the user can not log into planning until I restart planning. Is there a way to do this without restarting planning? This also seems to happen with EPM.
  I know this happens with essbase but you can put a few commands in the essbase.cfg file and it can either sync on a time basis or when a user logs into the system.

  I am not sure what version you are using, but I will assume 9.3.1
  If so you shouldn't need to restart the planning server, once you have set them up in HSS the user should be able to log into planning, once the newly created user logs into planning the user is also created on the essbase (EAS) side as a planning user.
  If you set up a new user and then log into the planning app as an admin user, select a form and click assign access, then click add access, can you see the user in the list ?
  Cheers

• How to sync user for planning from Shared Services

  Hi ..
  Can anybody please let me know how to sync users for planning from shared services.
  Thank you.

  You need to expand on your question.
  But the basic concept is you create or connect (for LDAP) users in Shared Services. You also create groups as required for these users. Then in shared services you provision those user to Planning applications (directly or indirectly through groups)
  Then in Planning you will see users or groups. And in planning you connect them to either members in dimensions or to objects like Forms, Task lists, Business Rules.
  There is therefore no such thing as synching Shared Services with Planning.
  Note: the 2 steps mentioned above can be done in batch through load utilities.
  Please expand you question if necessary

• How to get New Added User's log from shared services in 2012--Important

  Hi Experts
  All my user are MSAD users but i want to generate See log for all users in Hyperion who are all added in 2012.
  Please let me know ,we will get this information from Backend SQL and what are the tables related for this.
  Any one help me in this...highly appreciated.
  Thanks,
  RK

  Hi,
  You don't add MSAD users in shared services. The users is added to the directory that is configured as MSAD in shared services and you will
  see the user in shared services after that. I don't think so that Hyperion can provide any info regarding the users addition in shared services.
  Thanks,
  Sourabh

• Error from EAS - "refreshing security from Shared Services failed"

  Hi,
  I was using Native only security in HSS for Essbase 11.1.1.3 and EAS allowed me to Refresh security from Shared Services. (Essbase security was already externalized to HSS.)
  However, after I added "MS Active Directory", and provisioned a MSAD user to a native Planning group, EAS errors out with "refreshing security from Shared Services failed" .
  I checked Essbase security and that MSAD user is not added to Essbase.
  From Essbase Log I see:
  Essbase failed to get roles list for [ESB:Analytic Servers:servername:1] from Shared Services Server with Error [32:1062:Failed to connect to the user directory [ HSS'sMSADname].
  I then tried to remove MSAD from our H Shared Services and see if this problem goes away. However, MSAD still shows on the left panel menu in H Shared Services. How can I get rid of MSAD?
  Any suggestions?
  Edited by: user643332 on May 12, 2010 12:05 AM

  Hi,
  Are you sure you have removed it from shared services, you may have just disabled it.
  You must restart the shared services application server to apply any changes made.
  Cheers
  John
  http://john-goodwin.blogspot.com/

• Grant the Essbase application permission to user in Shared Services

  Hi,
  We got a problem in granting the Essbase permission to user using Shared Services. We are using Hyperion 9.3.1.
  (1) We created an Essbase application + database through Essbase Administration Console, say TBC.Sales.
  (2) Provision the Essbase "Server Access" + Essbase Application "Read" roles to a user.
  (3) In Essbase Admin Console, we "Refresh Security from Shared Services".
  However, the user still cannot see the Essbase Database in SmartView. Does anyone know how to fix the problem?

  The problem is fixed with Essbase 9.3.1.3.0.5.

• Error with Active Directory Synchnorisation from Shared Services to Essbase

  Have recently installed HS9 v 9.3.1
  In Shared Services i have created both native and MSAD users. Everything works fine with the native users (Planning,EAS etc...)
  MSAD user directory has been configured & tested -ok on Workspace.
  The MSAD users have been provisioned and can access Workspace & Shared services without any issue.
  However, when accessing Planning, the following error is displayed in the Essbase server log:
  Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Info(1051001)
  Received client request: Create External User With Type (from user [hyperion])
  [Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Error(1051205)
  Single Sign On function call [css_getUser] failed
  [Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Warning(1051003)
  Error 1051205 processing request [Create External User With Type] - disconnecting
  [Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Info(1051001)
  Received client request: Set Application FrontEnd Type (from user [hyperion])
  [Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Info(1051001)
  Received client request: Get Security Mode (from user [hyperion])
  [Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Info(1051001)
  Received client request: Set Application Id For Planning (from user [hyperion])
  [Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Info(1051001)
  Received client request: Get Security Mode (from user [hyperion])
  [Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Info(1051001)
  Received client request: Get Security Mode (from user [hyperion])
  [Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Info(1051001)
  Received client request: Re-Sync User/Group with Single application (from user [hyperion])
  [Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Info(1051590)
  Synchronization started for user/group [MSADUser]
  [Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Info(1051591)
  Synchronization completed for user/group [MSADUser]
  [Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Error(1051013)
  User/group MSADUser does not exist
  [Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Warning(1051003)
  Error 1051013 processing request [Re-Sync User/Group with Single application] - disconnecting
  ---------- When accessing through XL Addin, the foll is displayed:
  [Tue Mar 18 16:49:09 2008]Local/ESSBASE0///Error(1051012)
  User MSADUser does not exist
  [Tue Mar 18 16:49:09 2008]Local/ESSBASE0///Warning(1051003)
  Error 1051012 processing request [Login] - disconnecting
  Thanks !!!

  Hardcode IP addresses instead of the server names in the essbase.cfg file and the Shared Services CSS.XML file for the Shared Services server references.
  Restart SS/Essbase, provision an MSAD user, then do a Refresh from Shared Services in AAS.
  Verify your MSAD userID then shows up as an Essbase user in AAS(Display User list for the Essbase server)
  As long as the MSAD users show up in the user list, they should be working.

• Problem with Business Rules access from Shared Services

  Hello,
  When trying to access Business Rules from Shared Services (expand Business Rules and click on the application) I get the "Refer to the Security Guide to configure security permissions for this application" message, but the user is fully provisioned for Business Rules. It happens even logged on as admin. Access from Administration Services works fine. The version Hyperion system 9 (9.3.0.1). What is wrong? Help, please.
  Thanks,
  Timur

  You can't access Business Rules from Shared Services. This is no different from any other application - Planning, Essbase, etc. You can provision users to the application roles, but you can't actually do anything with the application, other than security, in Shared Services. You use Admin Services to maintain Business Rules.

• Essbase EAS - Refresh Security from Shared Services

  Hi All,
  Just went live with Essbase. We are using MSAD Groups in Shared Services for our users. I noticed that if we add a new user to a provisioned group, they don't automatically get access to Essbase. I believe I have to select 'Refresh Security From Shared Services' in EAS. I am nervous about doing this with users in the system as I don't want to accidentally boot them out. Is there any risk? Reports stopped? Users forced to logout? Smartview implications?
  I feel like I did it before and disrupted some users during development but I am not sure.
  Much Appreciated,
  Mike

  Thx. I just did it and it didn't seem to disrupt anything. I tested with a user with a smartview open, a report running and a WA dashboard on screen. It did mention that after refreshing the essbase server would be disconnected and i would have to reconnect but it didn't actually boot me out or disrupt any process.
  I guess it's okay to do on a live production system. ?
  Thx,
  Mike

• Refreshig security from shared services

  let us assume that we are creating 5 users in shared services and provisioning them with different privileges. when refreshing these users security from shared services to essbase , i need to refresh the security of only one particular user role, how can i do that?

  if using 9.3.1 later version u can use Shared servicves patch whcih will automatically update the security
  or esle right clik on EAS security > refresh security from shared services > all users or currecnt users
  which will update ur security
  Refresh each user or group individually using MAXL command:
  alter user username sync security with all application;
  alter group groupname sync security with all application;

• Provisioning of User from OIM 11g to GooggleApps

  hi all
  I m trying to Provision of user from OIM 11g to google apps with Googgle App 11.1.1.5 (icf) connector.
  But while provisioning User I am getting the exception like
  javax.xml.parsers.FactoryConfigurationError: WebLogicSAXParser cannot be created.SAX feature 'http://xml.org/sax/features/external-general-entities' not supported.
  at weblogic.xml.jaxp.RegistrySAXParser.<init>(RegistrySAXParser.java:73)
  at weblogic.xml.jaxp.RegistrySAXParser.<init>(RegistrySAXParser.java:46)
  at weblogic.xml.jaxp.RegistrySAXParserFactory.newSAXParser(RegistrySAXParserFactory.java:91)
  at com.google.gdata.util.common.xml.parsing.SecureGenericXMLFactory$SecureSAXParserFactory.newSAXParser(SecureGenericXMLFactory.java:147)
  at com.google.gdata.util.XmlParser.getSAXParserFactory(XmlParser.java:92)
  at com.google.gdata.util.XmlParser.parse(XmlParser.java:679)
  at com.google.gdata.util.XmlParser.parse(XmlParser.java:576)
  at com.google.gdata.data.BaseEntry.parseAtom(BaseEntry.java:1015)
  at com.google.gdata.wireformats.input.AtomDataParser.parse(AtomDataParser.java:59)
  at com.google.gdata.wireformats.input.AtomDataParser.parse(AtomDataParser.java:39)
  at com.google.gdata.wireformats.input.CharacterParser.parse(CharacterParser.java:100)
  at com.google.gdata.wireformats.input.XmlInputParser.parse(XmlInputParser.java:52)
  at com.google.gdata.wireformats.input.AtomDualParser.parse(AtomDualParser.java:66)
  at com.google.gdata.wireformats.input.AtomDualParser.parse(AtomDualParser.java:34)
  at com.google.gdata.client.Service.parseResponseData(Service.java:2165)
  at com.google.gdata.client.Service.parseResponseData(Service.java:2098)
  at com.google.gdata.client.Service.getEntry(Service.java:1353)
  at com.google.gdata.client.GoogleService.getEntry(GoogleService.java:567)
  at com.google.gdata.client.Service.getEntry(Service.java:1278)
  at com.google.gdata.client.appsforyourdomain.AppsForYourDomainService.getEntry(AppsForYourDomainService.java:118)
  at org.identityconnectors.googleapps.GoogleAppsClient.getUserEntry(GoogleAppsClient.java:148)
  at org.identityconnectors.googleapps.GoogleAppsClient.testConnection(GoogleAppsClient.java:171)
  at org.identityconnectors.googleapps.GoogleAppsConnector.test(GoogleAppsConnector.java:407)
  at org.identityconnectors.googleapps.GoogleAppsConnector.checkAlive(GoogleAppsConnector.java:415)
  at org.identityconnectors.framework.impl.api.local.ConnectorPoolManager$ConnectorPoolHandler.testObject(ConnectorPoolManager.java:105)
  at org.identityconnectors.framework.impl.api.local.ConnectorPoolManager$ConnectorPoolHandler.testObject(ConnectorPoolManager.java:74)
  at org.identityconnectors.framework.impl.api.local.ObjectPool.borrowObject(ObjectPool.java:229)
  at org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(ConnectorAPIOperationRunnerProxy.java:83)
  at $Proxy357.schema(Unknown Source)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at org.identityconnectors.framework.impl.api.local.operations.ThreadClassLoaderManagerProxy.invoke(ThreadClassLoaderManagerProxy.java:107)
  at $Proxy357.schema(Unknown Source)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at org.identityconnectors.framework.impl.api.DelegatingTimeoutProxy.invoke(DelegatingTimeoutProxy.java:107)
  at $Proxy357.schema(Unknown Source)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at org.identityconnectors.framework.impl.api.LoggingProxy.invoke(LoggingProxy.java:76)
  at $Proxy357.schema(Unknown Source)
  at org.identityconnectors.framework.impl.api.AbstractConnectorFacade.schema(AbstractConnectorFacade.java:112)
  at oracle.iam.connectors.icfcommon.prov.ICProvisioningManager.getConnectorSchema(ICProvisioningManager.java:337)
  at oracle.iam.connectors.icfcommon.prov.ICProvisioningManager.createObject(ICProvisioningManager.java:116)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpGOOGLEAPPSCREATEOBJECT.CREATEOBJECT(adpGOOGLEAPPSCREATEOBJECT.java:109)
  at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpGOOGLEAPPSCREATEOBJECT.implementation(adpGOOGLEAPPSCREATEOBJECT.java:54)
  at com.thortech.xl.client.events.tcBaseEvent.run(tcBaseEvent.java:196)
  at com.thortech.xl.dataobj.tcDataObj.runEvent(tcDataObj.java:2492)
  at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(tcScheduleItem.java:2917)
  at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(tcScheduleItem.java:547)
  at com.thortech.xl.dataobj.tcDataObj.insert(tcDataObj.java:602)
  at com.thortech.xl.dataobj.tcDataObj.save(tcDataObj.java:474)
  at com.thortech.xl.ejb.beansimpl.tcProvisioningOperationsBean.retryTasks(tcProvisioningOperationsBean.java:4042)
  at Thor.API.Operations.tcProvisioningOperationsIntfEJB.retryTasksx(Unknown Source)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
  at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
  at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
  at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
  at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
  at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
  at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
  at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
  at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
  at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
  at $Proxy359.retryTasksx(Unknown Source)
  at Thor.API.Operations.tcProvisioningOperationsIntfEJB_4xftoh_tcProvisioningOperationsIntfRemoteImpl.__WL_invoke(Unknown Source)
  at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
  at Thor.API.Operations.tcProvisioningOperationsIntfEJB_4xftoh_tcProvisioningOperationsIntfRemoteImpl.retryTasksx(Unknown Source)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:85)
  at $Proxy174.retryTasksx(Unknown Source)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
  at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:198)
  at $Proxy345.retryTasksx(Unknown Source)
  at Thor.API.Operations.tcProvisioningOperationsIntfDelegate.retryTasks(Unknown Source)
  at com.thortech.xl.webclient.actions.ResourceProfileProvisioningTasksAction.retryTasks(ResourceProfileProvisioningTasksAction.java:702)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:269)
  at com.thortech.xl.webclient.actions.tcLookupDispatchAction.execute(tcLookupDispatchAction.java:133)
  at com.thortech.xl.webclient.actions.tcActionBase.execute(tcActionBase.java:894)
  at com.thortech.xl.webclient.actions.tcAction.execute(tcAction.java:213)
  at org.apache.struts.chain.commands.servlet.ExecuteAction.execute(ExecuteAction.java:58)
  at org.apache.struts.chain.commands.AbstractExecuteAction.execute(AbstractExecuteAction.java:67)
  at org.apache.struts.chain.commands.ActionCommandBase.execute(ActionCommandBase.java:51)
  at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:191)
  at org.apache.commons.chain.generic.LookupCommand.execute(LookupCommand.java:305)
  at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:191)
  at org.apache.struts.chain.ComposableRequestProcessor.process(ComposableRequestProcessor.java:283)
  at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
  at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:462)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
  at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
  at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecur)ityHelper.java:125)
  at weblogic.servlet.internal.ServletStubImpl.execute(ServletStub
  I am not sure why this exception is happening while provisioning the user
  I already Uploaded the 4jars recommended by Four jars into the Classpath
  any help regarding this issue is highly appreciated

  this might help you
  Re: OIM and Google Apps
  --nayan