User Provisioning fails using AD 11.1.1.5

Similar Messages

• User auth fails using 802.1x (EAP-TLS)

  I'm currently testing 802.1x machine and user authentication using EAP-TLS. Right now I'm testing them separately, and machine auth works great, but user auth doesn't.
  Here's what I'm using:
  Smart Cards ->
  Built-in Microsoft XP supplicant ->
  Catalyst 4006 Switch ->
  Cisco Secure ACS 3.3 ->
  Microsoft Active Directory
  After I log in using the smart card, an EAPOL message from the computer is sent to the switch, and the switch replies asking for the computer to identify itself, but the computer does nothing. The switch continues asking and finally gives up because of no response. The ACS server logs no traffic from the supplicant.
  Is this a supplicant issue? Using PEAP MSCHAPv2 with secured passwords works fine, but not with certificates.

  I found my answer. The problem was with the Microsoft supplicant. It wasn't prompting me to type in the PIN to unlock the smart card, so it couldn't read the certificate and thus the EAP process was timing out.
  In order for the Windows supplicant to prompt the user for the smart card PIN, the "Show icon in notification area when connected" checkbox in the Local Area Connection properties windows must be checked. They may want to think about renaming that box... :-)

• JavaTask to be called after AD User provisioning succeeds

  I'm trying to write a java class which can be called once the AD User account is successfully created. Does the JavaTask needs to be implemented by a certain OIM api interface? How would I get the user's id that got the AD User provisioned?

  Using the code, I was able to see a group added to AD from OIM. If I go to resources > AD User > AD User Group Membership details. This is the code I used to in my adapter which gets executed on response "AD User was created" in Create User task of AD User.
  public void addProcessChildData(long pKey, tcDataProvider provider) {
  Logger.getLogger(RandomAdapterClass.class.getName()).log(Level.SEVERE, "Entering addProcessChildData... Key: " + pKey);
  try {
  tcFormInstanceOperationsIntf f = (tcFormInstanceOperationsIntf) tcUtilityFactory.getUtility(provider, "Thor.API.Operations.tcFormInstanceOperationsIntf");
  tcResultSet childFormDef = f.getChildFormDefinition(f.getProcessFormDefinitionKey(pKey), f.getProcessFormVersion(pKey));
  long childKey = childFormDef.getLongValue("Structure Utility.Child Tables.Child Key");
  Map attrChildData = new HashMap();
  String groupDN = "4~CN=TestGroup,OU=roles,DC=test,DC=dev";
  attrChildData.put("UD_ADUSRC_GROUPNAME", groupDN);
  f.addProcessFormChildData(childKey, pKey, attrChildData);
  } catch (Exception e) {
  e.printStackTrace();
  }

• Migrating EPMA Planning application: Failed to sync with user provisioning

  Hi All,
  We are migrating applications from Production to Dev. We have one EPMA Planning and one Essbase application in both environments.
  We have migrated artifacts into File system in PROD(Shared services, EPMA, Planning, Essbase and Reporting). We have copied and pasted in import_export folder in DEV.
  Then we are trying to migrate artifacts into applications from File system in DEV. First we did EPMA artifacts successfully in migration status report then we have deployed application into planning without any errors.(msg showing as in sync deployment). After that we did shared services, it is failed
  migration status report error msg:
  +28:6571:Application <xxxxx> does not exist in target. 28:6571:Application <xxxx> does not exist in target. 28:6571:Application <xxxx> does not exist in target. 28:6571:Application <xxxxx> does not exist in target. 28:6571:Application <xxxx> does not exist in target. ...+
  When i am trying to open the planning application, i am getting error: Failed to sync with user provisioning, check planning log for details
  HyS9planningsyserr.log details:
  [INFO] RegistryLogger - REGISTRY LOG INITIALIZED
  [INFO] RegistryLogger - REGISTRY LOG INITIALIZED
  Creating rebind thread to RMI
  com.hyperion.planning.DuplicateUserException: Another user with the name hypadmin already exists.
  com.hyperion.planning.DuplicateUserException: Another user with the name hypadmin already exists.
  com.hyperion.planning.HspRuntimeException: Failed to sync with user provisioning. Check Planning log for details
       at com.hyperion.planning.HspJSImpl.synchronizeUserWithProvisioning(Unknown Source)
       at com.hyperion.planning.HspJSImpl.login(Unknown Source)
       at com.hyperion.planning.HspJSImpl.login(Unknown Source)
       at com.hyperion.planning.HyperionPlanningBean.Login(Unknown Source)
       at HspLogOn.Handle(Unknown Source)
       at HspLogOn.doGet(Unknown Source)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3241)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2010)
       at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1916)
       at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1366)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)
  java.lang.RuntimeException: Errors occured during syncrhonization: [com.hyperion.planning.DuplicateUserException: Another user with the name hypadmin already exists.]
       at com.hyperion.planning.HspJSImpl.synchronizeUserWithProvisioning(Unknown Source)
       at com.hyperion.planning.HspJSImpl.login(Unknown Source)
       at com.hyperion.planning.HspJSImpl.login(Unknown Source)
       at com.hyperion.planning.HyperionPlanningBean.Login(Unknown Source)
       at HspLogOn.Handle(Unknown Source)
       at HspLogOn.doGet(Unknown Source)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3241)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2010)
       at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1916)
       at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1366)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)
  java.lang.RuntimeException: Errors occured during syncrhonization: [com.hyperion.planning.DuplicateUserException: Another user with the name hypadmin already exists.]
       at com.hyperion.planning.HspJSImpl.synchronizeUserWithProvisioning(Unknown Source)
       at com.hyperion.planning.HspJSImpl.login(Unknown Source)
       at com.hyperion.planning.HspJSImpl.login(Unknown Source)
       at com.hyperion.planning.HyperionPlanningBean.Login(Unknown Source)
       at HspLogOn.Handle(Unknown Source)
       at HspLogOn.doGet(Unknown Source)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3241)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2010)
       at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1916)
       at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1366)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)
  com.hyperion.planning.DuplicateUserException: Another user with the name hypadmin already exists.
  com.hyperion.planning.HspRuntimeException: Failed to sync with user provisioning. Check Planning log for details
       at com.hyperion.planning.HspJSImpl.synchronizeUserWithProvisioning(Unknown Source)
       at com.hyperion.planning.HspJSImpl.login(Unknown Source)
       at com.hyperion.planning.HspJSImpl.login(Unknown Source)
       at com.hyperion.planning.HyperionPlanningBean.Login(Unknown Source)
       at HspLogOn.Handle(Unknown Source)
       at HspLogOn.doGet(Unknown Source)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3241)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2010)
       at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1916)
       at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1366)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)
  java.lang.RuntimeException: Errors occured during syncrhonization: [com.hyperion.planning.DuplicateUserException: Another user with the name hypadmin already exists.]
  Thanks,
  mady

  Hi,
  I got solution for this issue through Oracle Support.
  I have restored database and migrated artifacts using LCM. any one method is enough to do Planning application migration (from Oracle Support)
  Thanks,
  mady

• Hyperion Planning - Failed to sync with user provisioning. Check planning

  Hi All,
  I'm trying to configure Hyperion Planning to user an external user repository (OID) but when i try to login with an OID user i get the following error :
  "Failed to sync with user provisioning. Check planning log for details"
  I'm not hyperion expert so please excuse any school boy mistakes.
  Use Case : login to Hyperion Planning using an OID user
  Setup:
  1)     User created in OID
  2)     Use Provisioned in HSS with planning roles
  3)     User can login to HSS
  4)     Able to login with Native user with the exact same roles
  5)     Version 11.1.2
  6) Can only see native user in EAS..
  I've googled away and tried various things:
  1) Run provisionUsers script :
  Loaded Version of Essbase RTC: 0xb1200
  [Wed Jan 25 09:39:04 GMT-06:00 2012] Planning successfully notified HBR repository.
  Wed Jan 25 09:39:41 GMT-06:00 2012 :: [Wed Jan 25 09:39:41 GMT-06:00 2012] Plann
  ing: Synchronizing the following users with user provisioning: [XXX]
  Wed Jan 25 09:39:41 GMT-06:00 2012 :: Planning: Error occurred while synchronizing: Errors occured during syncrhonization: [com.hyperion.css.CSSIllegalArgumentE
  xception: EPMCSS-251046: Invalid principal.]
  2) Bouncing servers
  Any help would be great.
  Thanks,
  Oz

  Hi,
  Have you updated the datasources for each of the planning applications, you will need to update the password and probably recycle planning app server.
  Cheers
  John
  http://john-goodwin.blogspot.com/

• Failed to sync with user provisioning. Check Planning log for details

  hey everyone,
  we just did a password update for our hyperion planning application owner account. and now when i try to login to hyperion planning, i get the following error message:
  Failed to sync with user provisioning. Check Planning log for details.
  I can still login to shared services and workspace with the same application owner account.
  i also tested and verified that I can login to Essbase via Excel using this application owner acct. after i changed the password, i have stop and restarted the weblogic web services after I updated the password.
  because i kept getting the error, i have reverted back the password to the original one... but i am still getting the same error message.
  btw, we are using a solaris server running WebLogic9, Hyperion System 9. any help or tips would be appreciated.. thx.

  Hi,
  Have you updated the datasources for each of the planning applications, you will need to update the password and probably recycle planning app server.
  Cheers
  John
  http://john-goodwin.blogspot.com/

• Provision OIM user to ADAM using own ProcessDefinationForm,lookups etc

  Hi Friends,
  I am getting problem while provision OIM user to ADAM using the AD Connector 9.1.0.1. For provision I am using my own process definition form, adapter etc (see below).
  The details are
  •     Created a new IT resource i.e. “ADAM IT” of type AD Server.
  •     Created a new Resource i.e. “ADAM User”
  •     Created a Form i.e. “UD_ADAMUSER” similar to “UD_ADUSER”
  •     Created a new “AD. PARAMETERADAM” similar to “AD.PARAMETER”
  •     Created a lookup definition AtMap.MYADAM (similar to AtMap.ADAM) containing mapping between above form field and ADAM server attribute. This lookup is used in created IT resource as AtMap ADUser value.
  •     Created an adapter i.e. adpADAMCREATEUSER. This adapter has exactly same step as it is in adapter “adpADCSCREATEUSER”. I have used “AD.PARAMETERADAM” instead of “AD.PARAMETER”. Below are the three tasks I have created for this adapter It is similar to task “adpADCSCREATEUSER”.
  o     ADAM Get Lookup Values
  o     ADAM Get Attribute Map
  o     ADAM Create User
  •     Created a process definition of type provisioning i.e. “ADAM User” just like “AD User”
  o     In this process definition I have used created “ADAM User” as object
  o     “UD_ADAMUSER” as “Table Name” and
  o     Create a task called “Create User” and used the created adapter and mapped the adapter variables.
  When I perform the provisioning operation with the above settings, then provision is not succeeded and when I checked log I found below details….
  2009-01-29 17:38:48,640 INFO [STDOUT] Running ADAM Get Lookup Values
  2009-01-29 17:38:48,640 DEBUG [OIMCP.ADCS] tcUtilADTasks::getLookupValues() Enter
  2009-01-29 17:38:48,640 DEBUG [OIMCP.ADCS] tcUtilADTasks::getLookupHashMap() Enter
  2009-01-29 17:38:48,640 DEBUG [OIMCP.ADCS] tcUtilADTasks::getLookupHashMap() Exit
  2009-01-29 17:38:48,640 DEBUG [OIMCP.ADCS] tcUtilAttributeNameMap::getIntegrationAttributes() Enter
  2009-01-29 17:38:48,640 DEBUG [OIMCP.ADCS] tcUtilAttributeNameMap::getIntegrationAttributes() Exit
  2009-01-29 17:38:48,640 DEBUG [OIMCP.ADCS] tcUtilADTasks::getLookupValues() Exit
  2009-01-29 17:38:48,640 INFO [STDOUT] Running ADAM Get Attribute Map
  2009-01-29 17:38:48,640 DEBUG [OIMCP.ADCS] tcUtilADTasks::getProcessHasHMapVoid() Enter
  2009-01-29 17:38:48,640 DEBUG [OIMCP.ADCS] tcUtilADTasks::getProcessHasHMap() Enter
  2009-01-29 17:38:48,640 DEBUG [OIMCP.ADCS] tcUtilADTasks::getProcessHasHMap() Exit
  2009-01-29 17:38:48,640 DEBUG [OIMCP.ADCS] tcUtilAttributeNameMap::getUDFIntegrationAttributes() Enter
  2009-01-29 17:38:48,687 DEBUG [OIMCP.ADCS] tcUtilAttributeNameMap::getUDFIntegrationAttributes() Exit
  2009-01-29 17:38:48,687 DEBUG [OIMCP.ADCS] tcUtilADTasks::getProcessHasHMapVoid() Exit
  2009-01-29 17:38:48,687 INFO [STDOUT] Running ADAM Create User
  2009-01-29 17:38:48,687 DEBUG [OIMCP.ADCS] tcUtilADTasks::createADAMUser() Enter
  2009-01-29 17:38:48,687 DEBUG [OIMCP.ADCS] tcUtilADTasks::checkHierarchy() Enter
  2009-01-29 17:38:48,687 DEBUG [OIMCP.ADCS] tcUtilADTasks::checkHierarchy() Exit
  2009-01-29 17:38:48,687 DEBUG [OIMCP.ADCS] tcADUtilLDAPController::getPath() Enter
  2009-01-29 17:38:48,687 DEBUG [OIMCP.ADCS] tcADUtilLDAPController::getPath() Exit
  2009-01-29 17:38:48,687 DEBUG [OIMCP.ADCS] tcADUtilLDAPController::connectToAvailableAD() Enter
  2009-01-29 17:38:48,687 DEBUG [OIMCP.ADCS] tcADUtilLDAPController::hashTableEnvForDirContext() Enter
  2009-01-29 17:38:48,687 DEBUG [OIMCP.ADCS] tcADUtilLDAPController::removePlus() Enter
  2009-01-29 17:38:48,687 DEBUG [OIMCP.ADCS] tcADUtilLDAPController::removePlus() Exit
  2009-01-29 17:38:48,687 DEBUG [OIMCP.ADCS] tcADUtilLDAPController::hashTableEnvForDirContext() Exit
  2009-01-29 17:38:48,687 DEBUG [OIMCP.ADCS] tcADUtilLDAPController::hashTableEnvForLDAPContext() Enter
  2009-01-29 17:38:48,687 DEBUG [OIMCP.ADCS] tcADUtilLDAPController::hashTableEnvForLDAPContext() Exit
  2009-01-29 17:38:48,687 INFO [OIMCP.ADCS] SSL option is not selected in ITResource
  2009-01-29 17:38:48,750 DEBUG [OIMCP.ADCS] tcADUtilLDAPController::connectToAvailableAD() Exit
  2009-01-29 17:38:48,750 DEBUG [OIMCP.ADCS] tcADUtilLDAPController::getAttributesObject() Enter
  2009-01-29 17:38:48,750 DEBUG [OIMCP.ADCS] tcADUtilLDAPController::getAttributesObject() Exit
  2009-01-29 17:38:48,750 ERROR [OIMCP.ADCS] AD User Creation Failed:null
  2009-01-29 17:38:48,750 DEBUG [OIMCP.ADCS] tcADUtilLDAPController::disconnect() Enter
  2009-01-29 17:38:48,750 DEBUG [OIMCP.ADCS] tcADUtilLDAPController::disconnect() Exit
  2009-01-29 17:38:48,750 DEBUG [OIMCP.ADCS] tcUtilADTasks::createADAMUser() Exit
  Any thought on why the provisioning operation failed, am I missing something? One more thing where I can find the java doc for the AD Connector 9.1.0.1?
  Any help would be greatly appreciated!
  Regards,
  Hardew

  The AD connector is built to provision one object and doesn't really do complex OU structures very well so if you need to create multiple objects your best bet is probably a custom connector using JNDI.
  Good luck
  /M

• Failed to sync with user provisioning 9.3.3

  Hello,
  I have a new twist on a common error. We have two Planning applications. We copied one from prod to dev, but during the duration of this, I had to change my password. Now I can sign onto one planning application, but not the one we refreshed, due to the "Failed to sync with user provisioning" error. I can sign onto EAS Console and Shared Services.
  Can you please tell me what I have to do to resync this Planning application, and instructions on how to do this? I have access to the admin account and database tables if required. This is version 9.3.3.
  Thank you,

  Hello John,
  I am logging in with my user id, which is an administrator, but not the "admin" account. I am unfamiliar with the term application owner, but I expect it is the "admin" account. We use single server sign on, so my network username and password are the Hyperion/Essbase username and password.
  I think the problem is, between the time we copied the application from production and copied it to development, I changed my password.
  I looked in the hsp_users table, and it does not have usernames. Is there a way to associate the user_id with a username to find out which one is mine?
  I would copy the SID value from the working to the non-working one. I understand that part.
  Thank you,

• VB ActiveX User Control fails to install on Windows 8 using IE10 with Code Download Error: (hr = 80070005) Access is denied.

  I have a VB VS2008 (.Net 2.0) ‘pure’ .NET based user control which used to be hosted in Internet Explorer.
  Because that approach is no longer possible in VS2013 (.Net 4.5) I have converted it to an VB ActiveX user control.
  This process involves digitally signing the user control DLL.
  Creating a setup project resulting in a setup.exe and MyUserControl.msi.
  Digitally signing both those components and then producing a cab file (which again is digitally signed).
  IE10 should then be able to install this using an object tag as follows
  <object id="editor" height="100%" width="100%"
   classid="clsid:EA47DB16-9272-4CB3-A800-C369A479396A" codebase="cab\MyUserControl.cab#Version=6,0,11,1" VIEWASTEXT>
  If I use the setup.exe and MyUserControl.msi directly on the client windows 8 machine before starting IE10 then the control is already installed (shows up in Programs and Features) and it works.
  If I don't do this and let IE install the control then it doesn't work.
  What I see is the IE prompt
  This website wants to install the following add-on: 'MyUserControl.cab'
  Clicking on install produces the User Account Control MsgBox
  Do you want to allow the following program to make changes to this computer
  Clicking yes doesn't install the control as expected
  The inf file that I'm using is currently
  [version]
  signature="$CHICAGO$"
  AdvancedINF=2.0
  [Add.Code]
  setup.exe=setup.exe
  MyUserControlSetup.inf=MyUserControlSetup.inf
  MyUserControlSetup.msi=MyUserControlSetup.msi
  [setup.exe]
  file=thiscab
  [MyUserControlSetup.inf]
  file=thiscab
  [MyUserControlSetup.msi]
  file=thiscab
  [Setup Hooks]
  RunSetup=RunSetup
  [Deployment]
  InstallScope=user
  [RunSetup]
  run="%EXTRACT_DIR%\setup.exe"
  I have defined the registry setting ForceCodeDownloadLog
  Examining the temporary internet files location after trying to install using IE10 I can see the following
  *** Code Download Log entry (15 Jan 2015 @ 11:49:18) ***
  Code Download Error: (hr = 80070005) Access is denied.
  ERR: Run Setup Hook: Failed Error Code:(hr) = 80070005, processing: %EXTRACT_DIR%\setup.exe
  LOG: Reporting Code Download Completion: (hr:80070005 (FAILED), CLASSID: ea47db16...,

  The problem here was the cab file.
  Using ProcessMonitor I found that the following entry was generated at the time of failure
  16:48:00.9222751            2920      IEInstal.exe         CreateFile              
  C:\Users\Jim\AppData\Local\Temp\IDC2.tmp\setup.exe             NAME NOT FOUND               Desired Access: Read Attributes, Read
  Control, Synchronize, Dis, Options: Synchronous IO Non-Alert, Non-Directory File, Disallow Exclusive, Attributes: n/a, ShareMode: None, AllocationSize: n/a
  Analysis of the contents of the cab file using PeaZip indicated that it didn't contain setup.exe which confused me for a while as the makecab /f MyUserControlSetup.ddf produced no errors.
  The MyUserControlSetup.ddf contained
  .Set DiskDirectoryTemplate=cab
  .Set CabinetNameTemplate=DocEditor.cab
  MyUserControlSetup.inf
  MyUserControlSetup.msi
  setup.exe
  Using makecab /f MyUserControlSetup.ddf /v3 I saw that the output was being written to 3 'disk' files but only one was present in explorer after it finished.
  So I guessed that the output was for floppy disks and changed MyUserControlSetup.ddf to contain
  .Set MaxDiskSize=CDROM
  .Set DiskDirectoryTemplate=cab
  .Set CabinetNameTemplate=DocEditor.cab
  MyUserControlSetup.inf
  MyUserControlSetup.msi
  setup.exe
  PeaZip now indicated that the cab file contained the 3 files I expected and using that cab in the codebase attribute installed my ActiveX control

• Planning 931 -   Failed to sync with user provisioning

  I am getting " Failed to sync with user provisioning. Check Planning log for details" error message while trying to login
  This issue is not for all users. I can login as admin and refresh my security via planning web

  Hi Amit,
  i had similar issue when i migrated planning application from test to Dev.
  here is the solution which I followed and resolved the issue:
  1.Login as admin account
  2.click on Administration tab.
  3. select Dimensions from menu.
  4. select any of the member.
  5. Click on Assign Access.
  6. Which takes you new window.
  7. Click on "migrate identities", once it is successful.
  8. logoff and try to login with any other user.
  hope this helps.
  www.dornakal.blogspot.com
  Edited by: Dornakal on May 6, 2009 10:52 AM

• Failed to sync with user provisioning

  Hi,
  None of the users other than admin are able to login to planning application in SIT. I have the admin access in SIT, but still not able to log into any planning application. The error i get is "Failed to sync with user provisioning. Check Planning log for details".
  What could be the reasons? Which log do i check?
  version - 11.1.1.3
  Regards,
  Ragav.

  Have you tried running the updateusers utility :- http://download.oracle.com/docs/cd/E12825_01/epm.111/hp_admin/ch03s12.html
  this should try and sync HSS with the planning tables, it will also output any failures.
  Cheers
  John
  http://john-goodwin.blogspot.com/

• Flat file connector : provisioning failed

  Hi All,
  I'm developing a custom flat file connector, so that when a resource is provisioned to a user the connector will dump the user data to a file. I have created the connector and plugged in it OIM. When I'm provisioning the user, The provisioning fails throwing the following exception. Any help on this is appreciated. Thanks in advance for help.
  ####<Sep 27, 2012 5:40:54 AM PDT> <Error> <HTTP> <michelson> <oim_server1> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1348749654015> <BEA-101017> <[ServletContext@1183994828[app:oim module:xlWebApp path:/xlWebApp spec-version:2.5 version:11.1.1.3.0]] Root cause of ServletException.
  javax.servlet.jsp.JspException: Can't insert page '/tiles/common/tjspHeader.jsp' : Software caused connection abort: socket write error
       at org.apache.struts.tiles.taglib.InsertTag$InsertHandler.doEndTag(InsertTag.java:902)
       at org.apache.struts.tiles.taglib.InsertTag.doEndTag(InsertTag.java:465)
       at jsp_servlet._layouts.__tjspclassiclayout._jsp__tag1(__tjspclassiclayout.java:302)
       at jsp_servlet._layouts.__tjspclassiclayout._jspService(__tjspclassiclayout.java:236)
       at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183)
       at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:523)
       at weblogic.servlet.internal.RequestDispatcherImpl.include(RequestDispatcherImpl.java:444)
       at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:163)
       at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:184)
       at sun.reflect.GeneratedMethodAccessor1107.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at org.apache.struts.tiles.TilesUtilImpl.doInclude(TilesUtilImpl.java:129)
       at org.apache.struts.tiles.TilesUtil.doInclude(TilesUtil.java:152)
       at org.apache.struts.tiles.taglib.InsertTag.doInclude(InsertTag.java:764)
       at org.apache.struts.tiles.taglib.InsertTag$InsertHandler.doEndTag(InsertTag.java:896)
       at org.apache.struts.tiles.taglib.InsertTag.doEndTag(InsertTag.java:465)
       at jsp_servlet._pages.__taskdetailspage._jsp__tag0(__taskdetailspage.java:111)
       at jsp_servlet._pages.__taskdetailspage._jspService(__taskdetailspage.java:76)
       at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
       at weblogic.servlet.internal.ServletStubImpl.onAddToMapException(ServletStubImpl.java:416)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:326)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183)
       at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:523)
       at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:253)
       at org.apache.struts.chain.commands.servlet.PerformForward.handleAsForward(PerformForward.java:113)
       at org.apache.struts.chain.commands.servlet.PerformForward.perform(PerformForward.java:96)
       at org.apache.struts.chain.commands.AbstractPerformForward.execute(AbstractPerformForward.java:54)
       at org.apache.struts.chain.commands.ActionCommandBase.execute(ActionCommandBase.java:51)
       at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:191)
       at org.apache.commons.chain.generic.LookupCommand.execute(LookupCommand.java:305)
       at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:191)
       at org.apache.struts.chain.ComposableRequestProcessor.process(ComposableRequestProcessor.java:283)
       at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
       at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:462)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
       at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at com.thortech.xl.webclient.security.CSRFFilter.doFilter(CSRFFilter.java:76)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.iam.platform.auth.web.PwdMgmtNavigationFilter.doFilter(PwdMgmtNavigationFilter.java:121)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.iam.platform.auth.web.OIMAuthContextFilter.doFilter(OIMAuthContextFilter.java:107)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
       at java.security.AccessController.doPrivileged(Native Method)
       at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
       at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
       at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
       at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
       at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
       at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
       at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
  >
  ####<Sep 27, 2012 5:40:54 AM PDT> <Notice> <Diagnostics> <michelson> <oim_server1> <[STANDBY] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1348749654015> <BEA-320068> <Watch 'UncheckedException' with severity 'Notice' on server 'oim_server1' has triggered at Sep 27, 2012 5:40:54 AM PDT. Notification details:
  WatchRuleType: Log
  WatchRule: (SEVERITY = 'Error') AND ((MSGID = 'WL-101020') OR (MSGID = 'WL-101017') OR (MSGID = 'WL-000802') OR (MSGID = 'BEA-101020') OR (MSGID = 'BEA-101017') OR (MSGID = 'BEA-000802'))
  WatchData: DATE = Sep 27, 2012 5:40:54 AM PDT SERVER = oim_server1 MESSAGE = [ServletContext@1183994828[app:oim module:xlWebApp path:/xlWebApp spec-version:2.5 version:11.1.1.3.0]] Root cause of ServletException.
  javax.servlet.jsp.JspException: Can't insert page '/tiles/common/tjspHeader.jsp' : Software caused connection abort: socket write error
       at org.apache.struts.tiles.taglib.InsertTag$InsertHandler.doEndTag(InsertTag.java:902)
  These are teh error details which i got from resource history tab(user->resources->resource history) :
  Error Details
  Sep 27, 2012: Adapter Execution Error: could not get value for , Table = UD_FLAT_FIL.Setting task status... "ADAPTER_ERROR" does not correspond to a known Response Code. Using "UNKNOWN".
  Thanks and Regards,
  Prasad

  These are the errors from the oimserver_diagnostic log file
  [2012-09-27T06:27:34.906-07:00] [oim_server1] [WARNING] [] [org.apache.struts.chain.commands.AbstractExceptionHandler] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 0000Jc7uIcwFs1WFLz7U8A1GP47E00005E,0] [APP: oim#11.1.1.3.0] Unhandled exception[[
  javax.servlet.ServletException: javax.servlet.jsp.JspException: Can't insert page '/tiles/common/tjspHeader.jsp' : Software caused connection abort: socket write error
       at weblogic.servlet.jsp.PageContextImpl.handlePageException(PageContextImpl.java:417)
       at jsp_servlet._layouts.__tjspclassiclayout._jspService(__tjspclassiclayout.java:274)
       at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183)
       at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:523)
       at weblogic.servlet.internal.RequestDispatcherImpl.include(RequestDispatcherImpl.java:444)
       at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:163)
       at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:184)
       at sun.reflect.GeneratedMethodAccessor1107.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at org.apache.struts.tiles.TilesUtilImpl.doInclude(TilesUtilImpl.java:129)
       at org.apache.struts.tiles.TilesUtil.doInclude(TilesUtil.java:152)
       at org.apache.struts.tiles.taglib.InsertTag.doInclude(InsertTag.java:764)
       at org.apache.struts.tiles.taglib.InsertTag$InsertHandler.doEndTag(InsertTag.java:896)
       at org.apache.struts.tiles.taglib.InsertTag.doEndTag(InsertTag.java:465)
       at jsp_servlet._pages.__taskdetailspage._jsp__tag0(__taskdetailspage.java:111)
       at jsp_servlet._pages.__taskdetailspage._jspService(__taskdetailspage.java:76)
       at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183)
       at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:523)
       at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:253)
       at org.apache.struts.chain.commands.servlet.PerformForward.handleAsForward(PerformForward.java:113)
       at org.apache.struts.chain.commands.servlet.PerformForward.perform(PerformForward.java:96)
       at org.apache.struts.chain.commands.AbstractPerformForward.execute(AbstractPerformForward.java:54)
       at org.apache.struts.chain.commands.ActionCommandBase.execute(ActionCommandBase.java:51)
       at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:191)
       at org.apache.commons.chain.generic.LookupCommand.execute(LookupCommand.java:305)
       at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:191)
       at org.apache.struts.chain.ComposableRequestProcessor.process(ComposableRequestProcessor.java:283)
       at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
       at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:462)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
       at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at com.thortech.xl.webclient.security.CSRFFilter.doFilter(CSRFFilter.java:76)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.iam.platform.auth.web.PwdMgmtNavigationFilter.doFilter(PwdMgmtNavigationFilter.java:121)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.iam.platform.auth.web.OIMAuthContextFilter.doFilter(OIMAuthContextFilter.java:107)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
       at java.security.AccessController.doPrivileged(Native Method)
       at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
       at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
       at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
       at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
       at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
       at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
       at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
  Caused by: javax.servlet.jsp.JspException: Can't insert page '/tiles/common/tjspHeader.jsp' : Software caused connection abort: socket write error
       at org.apache.struts.tiles.taglib.InsertTag$InsertHandler.doEndTag(InsertTag.java:902)
       at org.apache.struts.tiles.taglib.InsertTag.doEndTag(InsertTag.java:465)
       at jsp_servlet._layouts.__tjspclassiclayout._jsp__tag1(__tjspclassiclayout.java:302)
       at jsp_servlet._layouts.__tjspclassiclayout._jspService(__tjspclassiclayout.java:236)
       ... 70 more
  [2012-09-27T06:27:34.906-07:00] [oim_server1] [WARNING] [] [XELLERATE.SERVER] [tid: [ACTIVE].ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 0000Jc7uIcwFs1WFLz7U8A1GP47E00005F,0] [APP: oim#11.1.1.3.0] readme.txt is not a valid connector resource file.
  [2012-09-27T06:27:34.906-07:00] [oim_server1] [WARNING] [] [XELLERATE.SERVER] [tid: [ACTIVE].ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 0000Jc7uIcwFs1WFLz7U8A1GP47E00005F,0] [APP: oim#11.1.1.3.0] readme.txt is not a valid connector resource file.
  [2012-09-27T06:27:34.906-07:00] [oim_server1] [WARNING] [] [org.apache.struts.chain.commands.ExceptionCatcher] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid: 0000Jc7uIcwFs1WFLz7U8A1GP47E00005E,0] [APP: oim#11.1.1.3.0] Exception from exceptionCommand 'servlet-exception'[[
  javax.servlet.ServletException: javax.servlet.jsp.JspException: Can't insert page '/tiles/common/tjspHeader.jsp' : Software caused connection abort: socket write error
       at weblogic.servlet.jsp.PageContextImpl.handlePageException(PageContextImpl.java:417)
       at jsp_servlet._layouts.__tjspclassiclayout._jspService(__tjspclassiclayout.java:274)
       at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183)
       at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:523)
       at weblogic.servlet.internal.RequestDispatcherImpl.include(RequestDispatcherImpl.java:444)

• Posixaccount and posixgroup user provisioning in sun LDAP through sunIDM 7

  Hi folk
  I am trying to do userprovisioning in LDAP for posixaccount and posixgroup.
  From authorative datasource I am getting role,rolestatus,uidNumber,cn etc.
  Based on role user will be placed in posixgoup.
  Role to group mapping is
  one-to-many
  Anybady can tell me how can i do it.
  User provisioning is automatically so i have make some changes in workflow and writea rule for role to group mapping and i need to call that rule in workflow.
  But how i will make changes in workflow and what chnages are required for posixaccount and posixgroup prov.
  please help if anybody has done or give me some idea how can i do it.
  Thanks

  Hello All,
  Thank you for your time and valuable replies.
  I got rid of the "Missing" error and now I am one step away from the solution.
  Now I am at a stage where: (for a user with initial password on LDAP)
  1. In AD if "User needs to change password on next logon" flag is NOT set - user can successfully logon to portal. (without being prompted for password change)
  2. In AD if "User needs to change password on next logon" flag is set - then user cannot logon to portal - I get User authentication failed error.
  I have went through a lot of discussions around this topic on SDN and different SAP Notes. I have tried to maintain UME Security policy as close as possible to LDAP (I cannot make it exactly same due to some differences in LDAP and UME).
  However, when and administrator can change passwords from UME successfully without any problem - it means that:
  - Security policy is being met
  - Service user used to communicate to LDAP has all the required access
  The only missing piece of the puzzle is how to enable the users to be able to change their passwords (with initial or expired passwords).
  According to Note 865399 - the default value for The property ume.ldap.access.set_pwd is TRUE.
  Also the property ume.ldap.access.pwd.via.usercontext can only be TRUE when ume.ldap.access.set_pwd is set to FALSE.
  So, I have tried setting the following without any success:
  <ume.ldap.access.pwd.via.usercontext>true</ume.ldap.access.pwd.via.usercontext>
  <ume.ldap.access.set_pwd>false</ume.ldap.access.set_pwd>
  Thanks,
  Shanti

• Role Provisioning failed for System(s) : Connector Name . Error Message : malformedRequest

  Hi Everyone we are facing following issue in GRC-SAC-SAE 5.3_16.3. So far our CUP was connected to Enterprize portal (7.01) and auto provisioning for group to users worked. However now it is not working with below error.
  Role Provisioning failed for System(s) : <Connector Name>. Error Message :
  malformedRequest
  Failed request now
  Successful request used to provision
  Regards,
  Arpan Paik

  Arpan,
  We used to get those "malformed request" errors. We dealt with them by requesting the portal to be re-booted during the weekend maintenance window, making the portal security changes manually, cancelling the CUP request and notifying the requester. It's not a great solution, I know, but it was all we could come up with at the time. Then they upgraded the portal to NW 7.31, which is incompatible with GRC 5.3, and we have to do everything manually, so our situation went from bad to worse. Good luck!
  Cheers,
  Gretchen

• RTC Provisioning fails in OID

  I installed the RTC component of collab suite using the single-box install. I am able to successfully create users and log into RTC.
  Within the provisioning console I created a user "jsmith", then I deleted the user, then I created "[email protected]", then deleted it, then re-created "jsmith".
  The first time I created the user id's the RTC provisioning works, but now that I've re-created "jsmith" the provisioning fails.
  I looked with the OID tree for this user and found the following error messages:
  orcluserapplnprovstatus;rtc_rtcdb.company.com_rtc PROVISIONING_FAILURE
  orcluserapplnprovstatusdesc;rtc_rtcdb.company.com_rtc 1154454621548_provisioning in RTC repository failedI've tried deleting and recreating the user several times without success. I've shut everything down, rebooted the system, started everything up and still no success.
  My suspicion is that there's some ghost data in OID that is causing a conflict due to the original created entry but I don't know for sure.
  I am able to create and provision other users successfully, just not this user id.
  Any ideas how to "clean up" this user account and successfully provision RTC?
  Thanks,
  Jon.

  Issue resolved. This note is for 9.0.4.2 but works for 10.1.2 as well.
  Metalink Doc ID:      Note:312270.1
  Subject: Users Cannot Start Web Conference 'Internal Error:OID connection misconfigured or other error detected.'