Trusted Recon OIM Password Setup

Similar Messages

• Multi-Valued Attributes in Non-trusted recon - OIM

  Hi,
  I need to build a custom reconciliation task whihch performs non-trusted recon with my target system.In my process form,I have a Parent form(userid,email etc) and a child form(profileid).The profileid in the child form is a multi-valued attribute.Can Somebody explains me how i could do this?.
  I have created the Recon Field in Resource Object and mapped the field in Process Form Mappings.In my code,I am trying to call the createReconEvent("RO",usermap,finishevent).I am not clear with how my usermap should look like,since it involves multi-valued attribute.
  Any help would be appreciated.
  Thanks.

  Hi,
  You need to do following :
  (1) Create Recon event with false
  long l1 = reconIntf.createReconciliationEvent(sObjectName, hashmap, false)
  (2) Create hashmap having key-value pair of your mulitiattribute and unique value
  mhashmap.put(attribute-name, value);
  mhashmap.put(attribute-name, value1);
  (3) Add hashmap to multiattribute
  reconIntf.addMultiAttributeData(l1, [attribute-name], mhashmap);
  (4) Close the reconciliation Event.
  reconIntf.finishReconciliationEvent(l1);
  - AG

• Active Directory Trusted Recon ends with NullPointerException

  Hi,
  I have installed  OIM 11.1.2.2.0 and AD connector version: ActiveDirectory 11.1.1.6.0. when i run "Active Directory Group Lookup Recon", I can see the groups created in "Lookup.ActiveDirectory.Groups". But when I tried to do "Active Directory User Trusted Recon" OIM given below error. I attached ITResource and Scheduler configurations.
  Any help is greatly appreciated.
  [2015-04-29T21:20:40.816+05:30] [oim_server1] [ERROR] [] [] [tid: [ACTIVE].ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: eefe7b19b2a021e0:6c7958f0:14d05d5c757:-8000-000000000000009d,0] [APP: oim#11.1.2.0.0] [DSID: 0000Ko5qWtjFW7WFLz6UOA1LGFhL000004] Failed to communicate with any of configured Access Server, ensure that it is up and running.
  [2015-04-29T21:20:40.863+05:30] [oim_server1] [NOTIFICATION] [] [oracle.iam.features.scheduler.agentry.operations] [tid: [ACTIVE].ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: eefe7b19b2a021e0:6c7958f0:14d05d5c757:-8000-000000000000009d,0] [APP: oim#11.1.2.0.0] [DSID: 0000Ko5qWtjFW7WFLz6UOA1LGFhL000004] [[
  java.lang.NullPointerException
    at java.io.ByteArrayInputStream.<init>(ByteArrayInputStream.java:89)
    at oracle.iam.scheduler.vo.JobHistory.getExceptionObject(JobHistory.java:123)
    at oracle.iam.features.scheduler.agentry.operations.LookupActor.prepare(LookupActor.java:1277)
    at oracle.iam.features.scheduler.agentry.operations.LookupActor.refresh(LookupActor.java:3069)
    at oracle.iam.features.scheduler.agentry.operations.LookupActor.receiveEvent(LookupActor.java:3056)
    at oracle.iam.consoles.faces.mvc.canonic.Model.handleIntent(Model.java:975)
    at oracle.iam.consoles.faces.mvc.canonic.Controller.doHandleIntent(Controller.java:533)
    at oracle.iam.consoles.faces.mvc.canonic.Controller.doSelectAction(Controller.java:204)
    at oracle.iam.consoles.faces.event.NavigationListener.processAction(NavigationListener.java:99)
    at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
    at org.apache.myfaces.trinidad.component.UIXComponentBase.broadcast(UIXComponentBase.java:748)
    at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:179)
    at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:93)
    at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:371)
    at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:97)
    at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:104)
    at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:93)
    at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:371)
    at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:97)
    at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:98)
    at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:475)
    at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:756)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._invokeApplication(LifecycleImpl.java:957)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:427)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:207)
    at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:128)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
    at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:271)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:177)
    at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.iam.platform.auth.web.OIMAuthContextFilter.doFilter(OIMAuthContextFilter.java:112)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:180)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
    at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:324)
    at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:460)
    at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
    at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
    at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.security.am.agent.wls.filters.OAMServletAuthenticationFilter.doFilter(OAMServletAuthenticationFilter.java:265)
    at oracle.security.am.agent.wls.filters.OAMValidationSystemFilter.doFilter(OAMValidationSystemFilter.java:133)
    at oracle.security.wls.oamagent.OAMAgentWrapperFilter.doFilter(OAMAgentWrapperFilter.java:120)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:163)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3730)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3696)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2273)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)

  I believe suddenly after running use cases related with target recon, you are trying to run trusted recon.
  Make sure you update the following value in IT Resource whenever u run it for trusted recon:
  Configuration Lookup
  This parameter holds the name of the lookup definition that stores configuration information used during reconciliation and provisioning.
  If you have configured your target system as a target resource, then enterLookup.Configuration.ActiveDirectory.
  If you have configured your target system as a trusted source, then enterLookup.Configuration.ActiveDirectory.Trusted.
  Default value: Lookup.Configuration.ActiveDirectory
  http://docs.oracle.com/cd/E22999_01/doc.111/e20347/deploy.htm#BABGFCFE
  ~J

• OIM 11 - Trusted Recon creates random number of users in "disabled" state

  We are on OIM 11.1.1.5 with LDAP sync enabled to OID 11.
  When creating users from trusted recon, we get a random number of users always created as "disabled". The recon event details shows orchestration:*create* and orchastration:*Enabled*. However Enable orchestration events show compensated or failed. And the user gets created in OIM as "disabled".
  We have turned on the loggings for Trusted recon. But do not see any error for these specific number of users.
  Has anyone seen this kind of behavior?
  Thanks in advance for your answer!
  MBiswal

  I've seen this before if the user is created with a blank password. Run a select * from usr where usr_login='BARBERDW'; and validate that usr_password is not blank. It should be filled in with an encrypted value. If not, you need to look at your process handlers for setting this value.

• Getting error in trusted recon from DB in oim 11g

  Hi,
  I am getting below error while running the trusted recon from DB in OIM 11g:
  [2013-12-25T23:27:33.033-08:00] [oim_server1] [ERROR] [] [oracle.iam.reconciliation.impl] [tid: OIMQuartzScheduler_Worker-7] [userId: oiminternal] [ecid: 0000KCGU85V2ZNK5qVCCyY1Ih5WC000002,1:21446] [APP: oim#11.1.2.0.0] Generic Information: {0}[[
  oracle.iam.reconciliation.exception.ReconciliationException: Exception occurred while inserting data into table RA_HRRECONTEMPROSS_GTC due to java.sql.SQLException: ORA-12899: value too large for column "IDAMPOC_OIM"."RA_HRRECONTEMPROSS_GTC"."RA_SERVICE_DT" (actual: 10, maximum: 7)
          at oracle.iam.reconciliation.impl.ReconOperationsServiceImpl$1.process(ReconOperationsServiceImpl.java:429)
          at oracle.iam.reconciliation.impl.ReconOperationsServiceImpl$1.process(ReconOperationsServiceImpl.java:407)
          at oracle.iam.platform.tx.OIMTransactionCallback.doInTransaction(OIMTransactionCallback.java:13)
          at oracle.iam.platform.tx.OIMTransactionCallback.doInTransaction(OIMTransactionCallback.java:6)
          at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:128)
          at oracle.iam.platform.tx.OIMTransactionManager.execute(OIMTransactionManager.java:22)
  Caused by: oracle.iam.platform.entitymgr.ProviderException: java.sql.SQLException: ORA-12899: value too large for column "IDAMPOC_OIM"."RA_HRRECONTEMPROSS_GTC"."RA_SERVICE_DT" (actual: 10, maximum: 7)
          at oracle.iam.platform.entitymgr.impl.EntityManagerImpl.createEntity(EntityManagerImpl.java:305)
          at oracle.iam.platform.entitymgr.impl.EntityManagerImpl.createEntity(EntityManagerImpl.java:241)
  Service date is a varchar field(VARCHAR 2 BYTE) in our trusted table. Its mapped to service date field in OIM 11g which is of type date.
  Please let me know if I need to change the field type in our trusted table.
  Note: The same configuration is working fine in OIM 9.x.
  Regards,
  Kalpana.

  Now, i went into IDM schema & altered date fields to VARCHAR2(30 CHAR) for all the date type attributes. Now, when I ran schedule job is worked fine and didnt got any errros. But now the trusted recon is not creating users. I dont know why users are not getting created. Can you please let me know which all things should be checked to make a recon a trusted recon so that it creates users.
  Thanks,
  Kalpana.

• [OIM 9.1.0.2] Trusted Recon Workaround

  Hi all,
  IHAC that uses a GTC (Flat file) for trusted recon.
  The generated file for reconciliation brings entries of actives and inactives users (So, the expected result is User Creation, User Update and User Disabling).
  AFAIK, the User Definition Fields has some fields defined per defualt as mandatory. For some entries, the effect expected was the user to be disabled (in the case of inactive user), but like sometimes, the generated file has some entries with those mandatory fields in blank or invalid value, so those entries are not reconciliated and the user is not disabled. This is causing a security issue, since access and permission of the users are not revoked.
  Customer request: During trusted recon, the OIM should ignore the mandatory field just for inactive users (there is a field that define this status).
  My question:
  1) Can I achieve this requirement in OIM? Would this a trouble even by customization? Let me know your thought.
  2) Is it possible to turn those fields as 'not-required' in a native manner?
  I would appreciate any help on this.
  Regards,

  Use Transformation to achieve this...
  Following link will be helpful regarding Transformation
  Pre-Computations in OIM 11gR2
  In case of mandatory attributes in the custom Transformation:-
  (1) Use Status flag to determine InActive users
  (2) Obtain by using OIM API current values of those Mandatory fields...
  (3) Return the same value... This means ignoring the mandatory values...

• Getting Error - Cause: Status of the batch is not 'Completed' in OIM 11g R2 during Trusted Recon

  Hi All
  I am new to OIM 11g R2. I am trying to create custom connector for trusted recon. The case is to migrate the users from 10g to 11g R2. The recon event is created but it is in Event Recieved status and when I re-evaluate the event, its giving error - Cause: Status of the batch is not 'Completed'.
  I saw in some posts to change the recon batch size parameter to 0 and restart the server. I have done that but still I am facing the same issue.
  There is no child data in the attribute mapping and user login is set as key.
  Any inputs are welcome on how to get rid of this error.
  Regards
  Vinay

  J_IDM@ I am not passing any OID IT Resource as parametere. Yes I have checked but no entries were thr.
  Prakash bAJIYA@ i was running Job fro Web console & didnt find any such object. it may be diff from design console.
  810444@ Thanks.
  Dear All,
  In Web Console Job Scheduler, I had one Recon "LDAP FULL Recon" which has a property
  "OIM Employee Type" which was before "Full-TYpe" i changed it to * & it worked.Now I am able to generate events.
  It seems like value of Employee Type has an Issue in OID, please correct me ?
  Thanks a lot for you guys contribution.

• Approvals during trusted recon in OIM 11gr2

  Folks,
  I have a requirement to send create user approvals to a user during trusted reconciliation from a file . Is it feasible to achieve .?
  i.e we dont want to directly create users in OIM on trusted recon rather send them for approval and after successfull approval the user should be created in OIM.
  Regards

  I would also suggest using one of the APIs to perform a search user based on your user id value and if it returns a user, then just use the recon api.  This way you only have to use the Create User api on new users.  The issue you might encounter with this though is if the user is in a pending approval state, then if you get more events for them, they still not be found and you will end up with 2 requests.  So before you perform the create, you might have to search the existing requests, or store the user id in a lookup, but store it somewhere so you dont create multiples.  Depending on how long your approval is going to take, you could create a recon event for the user if they are still pending approval so once they are created, the retry of the recon events will process it again and update the user.  You just need to account for all these things.
  -Kevin

• Issue with OIM AD Trusted Recon

  Hi All,
  I am using OIM 11g BP05 and Active Directory Connector 11.1.1.5.0 version.
  While running the Active Directory User Trusted Recon, I am getting below exception in logs:
  <Dec 17, 2012 12:36:08 PM PST> <Error> <ORACLE.IAM.CONNECTORS.ICFCOMMON.RECON.SEARCHRECONTASK> <BEA-000000> <oracle.iam.connectors.icfcommon.recon.SearchReconTask : handle : Recon event skipped>
  <Dec 17, 2012 12:36:09 PM PST> <Error> <oracle.iam.reconciliation.impl> <IAM-5010000> <Generic Information: {0}
  oracle.iam.reconciliation.exception.InvalidDataFormatException: Required column name RECON_RECON_OBJECTGUID and value does not exist
       at oracle.iam.reconciliation.impl.ReconOperationsServiceImpl.checkRequiredColValue(ReconOperationsServiceImpl.java:1918)
       at oracle.iam.reconciliation.impl.ReconOperationsServiceImpl.convertReconFieldsToOIMFields(ReconOperationsServiceImpl.java:1506)
       at oracle.iam.reconciliation.impl.ReconOperationsServiceImpl.ignoreEvent(ReconOperationsServiceImpl.java:371)
       at oracle.iam.reconciliation.impl.ReconOperationsServiceImpl.ignoreEvent(ReconOperationsServiceImpl.java:356)
       at Thor.API.Operations.tcReconciliationOperationsIntfEJB.ignoreEventx(Unknown Source)
       at sun.reflect.GeneratedMethodAccessor1393.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)
       at java.lang.reflect.Method.invoke(Method.java:611)
       at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
  I have already added the field RECON_OBJECTGUID in the RO and mapped it in Process Definition and also created the reconcilliation profile. I don't know why it's looking for RECON_RECON_OBJECTGUID. I tried creating this column too in RO and did all the mapping and after that, its give the same error but column name is now RECON_RECON_RECON_OBJECTGUID.
  Any pointers on this issue?
  Regards,
  Sunny
  Edited by: delhi on Dec 17, 2012 3:02 PM

  My Mistake, I was making RECON_OBJECTGUID as requiered field.

• OIM 11gR1 - Trusted Recon UserID Generation

  Hi,
  We are using 11gR1 OIM and trusted reconciling users from feed files using GTC. We are supposed to generate UserID and email for the users. From googling I understood I would not able to write a PreProcess Event Handler. How can I achieve this?

  you should have a post process handler as pre-process not supported for Trusted recon in 11g.
  http://fusionsecurity.blogspot.in/2011/09/oim-11g-event-handler-example.html

• OIM 11G UserManager Service or Trusted Recon

  Hi All,
  with everything changing in the world with 11g is the new UserManager server the better way to create new users or is the trusted recon the more correct way to go?
  Thanx
  Fred

  With 11G User Manager Service is just a new representation of the API for user management. So even with 10G you had an option of using tcUserOperationsIntf instead of tcReconciliationOperationsIntf. Anyway it depends on the following:
  - Do you need to keep a track of all the users created in OIM via Reconciliation Events for reference in future
  - Do you need this Reconciliation Events Data for actual verification that the user was created from your Trusted Source
  - Let's say if you use User Manager service for methods like create(User user) then you cannot differentiate later that the user was manually created or using a scheduler reading from a falt file feed. The only check point then would be to verify this user in the Trusted Source/Flat File
  - Using API directly for managing users is definitely faster then using Reconciliation API's but most of the folks use Trusted Recon
  - You also have the liberty to verify that which attributes were provided from Recon and if there are any missing attributes for any user from Reconciliation Event Manager which would not be handy in case of using User Manager API directly, so you have to keep an eye on the logs for that
  Thanks
  SRS

• OIM Event Handler Triggers on Manual Entry but not for Trusted Recons

  Hi,
  I'm having some trouble getting my plugin to trigger upon a reconciliation. I've developed a plugin to modify some Xellerate User attributes on the OIM Profile.
  - I've created a custom package with some java classes that retrieve attributes being passed in, manipulates the data, and returns the data through an EventResult
  - I have system.out commands in my BulkEventResult function to see when this function is triggered
  - My Plugin.xml calls this java class, which has a plugin point of oracle.iam.platform.kernel.spi.EventHandler
  - I've uploaded the plugin (development) by putting the plugin.zip in the /server/plugin folder
  - I've created an event handler that calls the plugin class upon an operation = "MODIFY". It also contains entity-type="User", stage="postprocess", order="FIRST", sync="TRUE"
  - I've imported this using the weblogic import utility, setting OIMMetadata, and loaded the file to /custom/iam-data/EventHandler.xml
  Upon testing, I am able to see my system.out debug statements in the logs, and can see the data actually changing when I am logged into OIM making changes directly on the system.
  I am unable to see any of this come through when I run a trusted OID reconciliation against the same user, manipulating the same fields.
  From what I've read, all I needed to do was put the code in the BulkEventResult function. However, none of my debug statements are being triggered, causing me to believe that this event handler is not even being triggered upon a trusted recon.
  Does anyone have any ideas why this is, or if I have a configuration somewhere that is incorrect?
  Any help is very welcome!

  Everyone,
  Thanks for your help.
  I found out the root of my issue: it was that my OPERATION was set to "MODIFY" in my EventHandler XML. It should have been "ANY". After I did this, it started to work.
  As for registering plug-ins, you can actually drop the plugin zip file on the Oracle_IDM1/server/plugin directory for testing purposes, then re-import the EventHandler.XML you created.
  I also found a few strange behaviors-
  - If the order was too large (for example, 1000), it wouldn't trigger until the second time I updated it. I lowered the number to 50 and it kicked off every time.
  - There is no purge cache needed when I re-imported the xml file after uploading the .jar again

• STUCK THREADS DURING OIM DURING TRUSTED RECON USING FLAT FILE

  Hello All,
  I need some help with resolving this issue where stuck threads/hogging threads are spawn after I run the Trusted Recon which reads a flat file and creates/updates users in OIM.
  We have OIM 11.1.1.3 BP6
  Weblogic 10.3.3.0
  After the recon starts running for few hours I see ->.phd,.trc files created within the weblogic server path and server goes out of memory. eventually server goes down.
  My issue is similar to: https://forums.oracle.com/forums/message.jspa?messageID=10187076#10187076
  I have followed almost all of the performance tuning settings.
  Pls. let me know if you have any ideas.
  I have pasted below the heap dump.
  Thanks.
  ~VSN
  3XMTHREADINFO "[STUCK] ExecuteThread: '56' for queue: 'weblogic.kernel.Default (self-tuning)'" J9VMThread:0x000000013B49FC00, j9thread_t:0x00000001369D1760, java/lang/Thread:0x0700000062E79CB0, state:CW, prio=1
  3XMTHREADINFO1 (native thread ID:0x3F000B1, native priority:0x1, native policy:UNKNOWN)
  3XMTHREADINFO3 Java callstack:
  4XESTACKTRACE at java/lang/Object.wait(Native Method)
  4XESTACKTRACE at java/lang/Object.wait(Object.java:167(Compiled Code))
  4XESTACKTRACE at java/io/ObjectStreamClass$EntryFuture.get(ObjectStreamClass.java:428(Compiled Code))
  4XESTACKTRACE at java/io/ObjectStreamClass.lookup(ObjectStreamClass.java:314(Compiled Code))
  4XESTACKTRACE at java/io/ObjectOutputStream.writeObject0(ObjectOutputStream.java:1115(Compiled Code))
  4XESTACKTRACE at java/io/ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1518(Compiled Code))
  4XESTACKTRACE at java/io/ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1483(Compiled Code))
  4XESTACKTRACE at java/io/ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1401(Compiled Code))
  4XESTACKTRACE at java/io/ObjectOutputStream.writeObject0(ObjectOutputStream.java:1159(Compiled Code))
  4XESTACKTRACE at java/io/ObjectOutputStream.writeObject(ObjectOutputStream.java:332(Compiled Code))
  4XESTACKTRACE at org/eclipse/persistence/mappings/converters/SerializedObjectConverter.convertObjectValueToDataValue(SerializedObjectConverter.java:85(Compiled Code))
  4XESTACKTRACE at org/eclipse/persistence/mappings/foundation/AbstractDirectMapping.getFieldValue(AbstractDirectMapping.java:808(Compiled Code))
  4XESTACKTRACE at org/eclipse/persistence/mappings/foundation/AbstractDirectMapping.buildCloneValue(AbstractDirectMapping.java:264(Compiled Code))
  4XESTACKTRACE at org/eclipse/persistence/mappings/foundation/AbstractDirectMapping.buildCloneValue(AbstractDirectMapping.java:239(Compiled Code))
  4XESTACKTRACE at org/eclipse/persistence/mappings/foundation/AbstractDirectMapping.buildClone(AbstractDirectMapping.java(Compiled Code))
  4XESTACKTRACE at org/eclipse/persistence/internal/descriptors/ObjectBuilder.populateAttributesForClone(ObjectBuilder.java:2698(Compiled Code))
  4XESTACKTRACE at org/eclipse/persistence/internal/sessions/UnitOfWorkImpl.populateAndRegisterObject(UnitOfWorkImpl.java:3682(Compiled Code))
  4XESTACKTRACE at org/eclipse/persistence/internal/sessions/UnitOfWorkImpl.cloneAndRegisterObject(UnitOfWorkImpl.java:996(Compiled Code))
  4XESTACKTRACE at org/eclipse/persistence/internal/sessions/UnitOfWorkImpl.cloneAndRegisterObject(UnitOfWorkImpl.java:905(Compiled Code))
  4XESTACKTRACE at org/eclipse/persistence/internal/sessions/UnitOfWorkIdentityMapAccessor.getAndCloneCacheKeyFromParent(UnitOfWorkIdentityMapAccessor.java:123(Compiled Code))
  4XESTACKTRACE at org/eclipse/persistence/internal/sessions/UnitOfWorkIdentityMapAccessor.getFromIdentityMap(UnitOfWorkIdentityMapAccessor.java:110(Compiled Code))
  4XESTACKTRACE at org/eclipse/persistence/internal/sessions/IdentityMapAccessor.getFromIdentityMap(IdentityMapAccessor.java(Compiled Code))
  4XESTACKTRACE at org/eclipse/persistence/internal/sessions/UnitOfWorkImpl.checkExistence(UnitOfWorkImpl.java:774(Compiled Code))
  4XESTACKTRACE at org/eclipse/persistence/internal/sessions/UnitOfWorkImpl.internalRegisterObject(UnitOfWorkImpl.java:2935(Compiled Code))
  4XESTACKTRACE at org/eclipse/persistence/internal/sessions/UnitOfWorkImpl.registerObject(UnitOfWorkImpl.java:4363(Compiled Code))
  4XESTACKTRACE at org/eclipse/persistence/internal/sessions/UnitOfWorkImpl.registerObject(UnitOfWorkImpl.java:4321(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/dao/OrchestrationDao.setProcessSeq(OrchestrationDao.java:682(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchProcessData.runActionEvents(OrchProcessData.java:1050(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchProcessData.runEvents(OrchProcessData.java:644(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchProcessData.executeEvents(OrchProcessData.java:227(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:668(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeChildProcess(OrchestrationEngineImpl.java:738(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:689(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.notifyParentProcess(OrchestrationEngineImpl.java:828(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchProcessData.runEvents(OrchProcessData.java:771(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchProcessData.executeEvents(OrchProcessData.java:227(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:668(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeChildProcess(OrchestrationEngineImpl.java:738(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:689(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.notifyParentProcess(OrchestrationEngineImpl.java:828(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchProcessData.runEvents(OrchProcessData.java:771(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchProcessData.executeEvents(OrchProcessData.java:227(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:668(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeChildProcess(OrchestrationEngineImpl.java:738(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:689(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.notifyParentProcess(OrchestrationEngineImpl.java:828(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchProcessData.runEvents(OrchProcessData.java:771(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchProcessData.executeEvents(OrchProcessData.java:227(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:668(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeChildProcess(OrchestrationEngineImpl.java:738(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:689(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.notifyParentProcess(OrchestrationEngineImpl.java:828(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchProcessData.runEvents(OrchProcessData.java:771(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchProcessData.executeEvents(OrchProcessData.java:227(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:668(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeChildProcess(OrchestrationEngineImpl.java:738(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:689(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.notifyParentProcess(OrchestrationEngineImpl.java:828(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchProcessData.runEvents(OrchProcessData.java:771(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchProcessData.executeEvents(OrchProcessData.java:227(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:668(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeChildProcess(OrchestrationEngineImpl.java:738(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:689(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.notifyParentProcess(OrchestrationEngineImpl.java:828(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchProcessData.runEvents(OrchProcessData.java:771(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchProcessData.executeEvents(OrchProcessData.java:227(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:668(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeChildProcess(OrchestrationEngineImpl.java:738(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:689(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchestrationEngineImpl.notifyParentProcess(OrchestrationEngineImpl.java:828(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchProcessData.runEvents(OrchProcessData.java:771(Compiled Code))
  4XESTACKTRACE at oracle/iam/platform/kernel/impl/OrchProcessData.executeEvents(OrchProcessData.java:227(Compiled Code))

  Increase the memory your database is using. Using the Enterprise Manager of your database, watch the usage during the recon. If it is still maxing out on memory and using paging memory, then increase the memory some more. You can also increase the memory allocated to your application servers. Increase the number of available threads to your weblogic instance.
  -Kevin

• OIM 11g: Can't Map (De)Provisioning Dates in Custom Trusted Recon

  I'm developing a custom trusted recon to reconcile users from a legacy IdM system.
  The issue I'm running into is that if I map a recon attribute to (De)provisioned/(De)provisioning date in the Reconciliation Mapping, when I try to "Create Reconciliation Profile" it fails saying: "Xellerate User: Invalid Attributes [Deprovisioning Date, Provisioning Date, Deprovisioned Date, Provisioned Date]".
  I'm not sure why it's rejecting these, but is there a workaround? Updating the reconciliation profile XML manually perhaps?

  Have you added oimclient.jar in the CLASSPATH of Eclipse ?
  http://download.oracle.com/docs/cd/E14571_01/apirefs.1111/e17334/toc.htm

• OIM11g Error GTC trusted recon using Database Application Tables 9.1.0.5.0

  Hi!
  I'm using OIM 11g (11.1.1.3.0) with Database Application Tables 9.1.0.5.0.
  I've setup GTC trusted recon connector as follows:
  1st Step: Filled required Run time parameters
  2nd Step: Mapped 11 fields
  - User ID
  - First Name
  - Last Name
  - Email
  - Organization
  - Role
  - Design Console Access
  - Status
  - Employee Number
  When I run the task I get an error in the log.
  [2011-11-09T11:34:41.334-02:00] [oim_server1] [ERROR] [IAM-5010000] [oracle.iam.reconciliation.impl] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: oiminternal] [ecid: 0000JE8YQ9L1nZvLSYs1yc1EiM5O0000OA,0] [APP: oim#11.1.1.3.0] Generic Error/Information: {0}[[
  oracle.iam.platform.utils.SuperRuntimeException: -9: Attribute field (EMPLOYEE_NUMBER) does not exist in table USR.
  at oracle.iam.reconciliation.dao.ReconActionDao.executeBulkUserMatchCRUD(ReconActionDao.java:697)
  at oracle.iam.reconciliation.impl.UserHandler.executeBulkCUD(UserHandler.java:568)
  at oracle.iam.reconciliation.impl.BaseEntityTypeHandler.process(BaseEntityTypeHandler.java:34)
  at oracle.iam.reconciliation.impl.ActionEngine.processBatch(ActionEngine.java:129)
  at oracle.iam.reconciliation.impl.ActionEngine.execute(ActionEngine.java:90)
  at oracle.iam.reconciliation.impl.ActionTask.execute(ActionTask.java:73)
  at oracle.iam.platform.async.impl.TaskExecutor.executeUnmanagedTask(TaskExecutor.java:100)
  at oracle.iam.platform.async.impl.TaskExecutor.execute(TaskExecutor.java:70)
  at oracle.iam.platform.async.messaging.MessageReceiver.onMessage(MessageReceiver.java:68)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
  at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
  at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
  at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
  at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
  at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
  at $Proxy355.onMessage(Unknown Source)
  at weblogic.ejb.container.internal.MDListener.execute(MDListener.java:466)
  at weblogic.ejb.container.internal.MDListener.transactionalOnMessage(MDListener.java:371)
  at weblogic.ejb.container.internal.MDListener.onMessage(MDListener.java:328)
  at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:4659)
  at weblogic.jms.client.JMSSession.execute(JMSSession.java:4345)
  at weblogic.jms.client.JMSSession.executeMessage(JMSSession.java:3822)
  at weblogic.jms.client.JMSSession.access$000(JMSSession.java:115)
  at weblogic.jms.client.JMSSession$UseForRunnable.run(JMSSession.java:5170)
  at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  The error is "(EMPLOYEE_NUMBER) does not exist in table USR". This field is a default OIM field. If I remove it from the mapping, the recon works OK.
  I have the same error if I mapping a UDF field that the label has a white space (eg.: Cost Center).
  This happens with other default OIM field:
  - Hire Date
  - Display Name
  Any idea?
  Are there any workaround for this?
  Thanks,
  Ariel

  Hi!
  I found the bug in metalink "Bug 10041190 GTC Recon Failed With new OIM UDF Attribute Map If Attribute Name Has Space"
  The workaround is: Don't use UDF's with a space in the attribute name.
  This issue is fixed in 11.1.1.3.2
  Thanks,
  Ariel