Weired issue in OIM11g

Hi,
I am having a weired issue in OIM 11g.
when I am provising a resource directly after checking "auto save checkbox" the task system validation is going to pending state but all fields are getting pre-populated as per the logs and they are NOT coming to the process form.
If I uncheck that option and try to provision this resource directly then it is provisioned successfully. While doing this way I just clicked on continue button and did not entered any thing manually. All required fields are getting pre-populated successfully as per the logs and they are coming to the process form.
How to solve this issue?

Hey,
I am also facing the issue in OIM 11g for couple of my resources.
I.e. when I am trying to provision a resource directly after checking "autosave" and auto-prepopulate checkboxes, the task system validation is going to pending state but all fields are getting pre-populated as per the logs and they are NOT coming to the process form.
If I uncheck autosave checkbox and try to provision this resource directly then it is provisioned successfully. All required fields are getting pre-populated successfully as per the logs and they are coming to the process form.
Can you please let me know how you resolved this issue?
All Experts - Any suggestions?

Similar Messages

DBUM Connector Issue in OIM11g

Hi all. I'm having a very strange issue. Let me explain my scenario. I have installed correctly the DBUM Connector 9.1.0 in OIM11g. When I start a direct provisioning for an user, it all works perfectly: the user gets correctly created automatically on Oracle DB by the connector. Now I'm trying to enable a Human User to edit the provisioning form before the connector starts for the provisioning in the following way:
- User X starts direct provisioning for Oracle DB resource object
- User Y is assigned the provisiong task "Edit Provisioning Form" (which precedes "Create User" - standard task created by DBUM connector installation)
- User Y edits the provisioning form (previously compiled from User X)
- Connector starts for the provisioning with the provisioning form modified by User Y
All actors involved in this process have all privileges on resources and forms for Oracle DB resource object.
Although this, when connector starts it reply with the "ERROR" response code. Analyzing the log, I've been able to see this exceptions:
oracle.iam.connectors.common.vo.ITResource
and all the related exceptions. By the way, User X chooses correctly the IT Resource for Oracle DB resource, and User Y does not modify X's choice.
Could anyone help me to find out the solution to this problem?
I've tried the same solution with SSH Connector, in OIM11g, and it works fine. I'm having this issue only with DBUM Connector for Oracle DB.
Thanks in advance for the help,
Giuseppe.

I kind of remember ..i had a similar issue , Can you try giving permission to the involved actors on DBUM IT Resource.
Thanks
Suren

Login issue in OIM11g due to oim credsmap error

We have OIM 11gR2PS1 installed on unix box. We have AD connector 11.1.1.5.0 installed on it .Also,peoplesoft recon connector PSFT_ER-11.1.1.5.0 is installed
In our scenario,we have webservice code in which using recon event we are creating users in OIM environment
This is hosted on same OIM server unix box.Inside webservice code we have refred oimclient.jar file to work with OIM APIs and Recon Service class.
When i tested webservice for first time it was unable to load OIM API classes as it was unable to find oimclient.jar in classpath.
So to resolve this issue i kept oimclient.jar in location- "WL_HOME/server/lib/" and also added following entry in setDomainEnv.sh to load oimclient.jar explicitly in classpath
CLASSPATH="WL_HOME/server/lib/oimclient.jar:${CLASSPATH}"
export CLASSPATH
and made entry in system-jazn-data.xml present in DOMAIN_HOME//config/fmwconfig/ as :
<grant>
            <grantee>
                <codesource>
                    <url>file:${domain.home}/servers/oim_server1/stage/*</url>
                </codesource>
            </grantee>
            <permissions>
   <permission>
               <class>oracle.security.jps.service.credstore.CredentialAccessPermission</class>
                     <name>context=SYSTEM,mapName=oim,keyName=*</name>
                     <actions>read,write</actions>
    </permission>
            </permissions>
        </grant>
After this change, webservice was working as expected and OIM related things were working fine.
But,when we tried to run schedule task "Active Directory Group Lookup Recon" for AD, we are getting error message as :
java.lang.LinkageError: loader constraint violation: loader (instance of com/thortech/xl/dataobj/tcADPClassLoader) previously initiated loading for a different type with name "com/thortech/xl/dataaccess/tcDataProvider"
So,to resolve this AD schedule task issue,we rolled back changes made for webservice in setDomainEnv.sh and system-jazn-data.xml file
and removed explicit classpath entry line of oimclient.jar from setDomainEnv.sh
But after restrating all admin and managed servers,we are currently facing issue in logging into OIM idenity/syadmin or design console with xelsyadm credentials
we have never made any changes of password for xelsyadm account or not made any change in any authenticatorproviders in weblogic console
we tried everything form reverting all changes to original setup without webservice or peoplesoft listener implementation
removed all explicit classpath entries or grant entry for oim credsmap from system-jazn-data.xml.
But still same issue persists
Any helpful suggestion is appreciated on this ASAP.
issue logs are:
TaskFlow Registration: TaskFlowDeployerThread.registerTaskFlowWithTask - Error while setting task display, this can happen with app loading issue, trying to load for 2
<Nov 11, 2013 11:24:20 PM EST> <Warning> <oracle.soa.services.workflow.worklist> <BEA-000000> <<.> Error while setting task display, this can happen with app loading issue, trying to load for 2>
<Nov 11, 2013 11:24:24 PM EST> <Error> <XELLERATE.ACCOUNTMANAGEMENT> <BEA-000000> <Class/Method: tcDefaultDBEncryptionImpl/initKeyStore encounter some problems: access denied ("oracle.security.jps.service.credstore.CredentialAccessPermission" "context=SYSTEM,mapName=oim,keyName=.xldatabasekey" "read")
java.security.AccessControlException: access denied ("oracle.security.jps.service.credstore.CredentialAccessPermission" "context=SYSTEM,mapName=oim,keyName=.xldatabasekey" "read")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:372)
at java.security.AccessController.checkPermission(AccessController.java:559)
at oracle.security.jps.util.JpsAuth$AuthorizationMechanism$3.checkPermission(JpsAuth.java:458)
at oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:518)
at oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:544)
at oracle.security.jps.internal.credstore.util.CsfUtil.checkPermission(CsfUtil.java:643)
at oracle.security.jps.internal.credstore.ldap.LdapCredentialStore.containsCredential(LdapCredentialStore.java:214)
at oracle.iam.platform.utils.config.OIMPrivilegedExceptionAction.run(CSFCredentialProvider.java:236)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.iam.platform.utils.config.CSFCredentialProvider.getPassword(CSFCredentialProvider.java:79)
at oracle.iam.platform.utils.config.standalone.StandAloneCryptoConfig.getPassword(StandAloneCryptoConfig.java:76)
at com.thortech.xl.crypto.tcDefaultDBEncryptionImpl.initKeyStore(tcDefaultDBEncryptionImpl.java:67)
at com.thortech.xl.crypto.tcDefaultDBEncryptionImpl.getCipher(tcDefaultDBEncryptionImpl.java:96)
at com.thortech.xl.crypto.tcDefaultDBEncryptionImpl.encrypt(tcDefaultDBEncryptionImpl.java:193)
at com.thortech.xl.crypto.tcCryptoUtil.encrypt(tcCryptoUtil.java:118)
at com.thortech.xl.crypto.tcCryptoUtil.encrypt(tcCryptoUtil.java:275)
at oracle.iam.platform.auth.impl.Authenticator.encrypt(Authenticator.java:188)
at oracle.iam.platform.auth.impl.Authenticator.authenticateWithPassword(Authenticator.java:161)
at oracle.iam.platform.auth.impl.Authenticator.authenticate(Authenticator.java:134)
at oracle.iam.platform.auth.providers.wls.OIMAuthLoginModule.login(OIMAuthLoginModule.java:46)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at java.security.AccessController.doPrivileged(Native Method)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.GeneratedMethodAccessor951.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695)
at javax.security.auth.login.LoginContext.login(LoginContext.java:594)
at com.bea.common.security.internal.service.JAASLoginServiceImpl.login(JAASLoginServiceImpl.java:113)
at sun.reflect.GeneratedMethodAccessor961.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at com.sun.proxy.$Proxy16.login(Unknown Source)
at weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.login(WLSJAASLoginServiceImpl.java:89)
at com.bea.common.security.internal.service.JAASAuthenticationServiceImpl.authenticate(JAASAuthenticationServiceImpl.java:82)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at com.sun.proxy.$Proxy34.authenticate(Unknown Source)
at weblogic.security.service.WLSJAASAuthenticationServiceWrapper.authenticate(WLSJAASAuthenticationServiceWrapper.java:40)
at weblogic.security.service.PrincipalAuthenticator.authenticate(PrincipalAuthenticator.java:338)
at weblogic.servlet.security.internal.SecurityModule.checkAuthenticate(SecurityModule.java:252)
at weblogic.servlet.security.ServletAuthentication.login(ServletAuthentication.java:466)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at oracle.idm.common.login.SignInBean.handleWeblogicAuthn(SignInBean.java:131)
at oracle.idm.common.login.SignInBean.doLogin(SignInBean.java:97)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.sun.el.parser.AstValue.invoke(AstValue.java:187)
at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:297)
at org.apache.myfaces.trinidadinternal.taglib.util.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:53)
at org.apache.myfaces.trinidad.component.UIXComponentBase.broadcastToMethodBinding(UIXComponentBase.java:1256)
at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:183)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2273)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
>
<Nov 11, 2013 11:24:24 PM EST> <Error> <OIM Authenticator> <BEA-000000> <Error encrypting password>
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at oracle.idm.common.login.SignInBean.handleWeblogicAuthn(SignInBean.java:131)
at oracle.idm.common.login.SignInBean.doLogin(SignInBean.java:97)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.sun.el.parser.AstValue.invoke(AstValue.java:187)
at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:297)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3730)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3696)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2273)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused by: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User xelsysadm javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User xelsysadm denied
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:261)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at java.security.AccessController.doPrivileged(Native Method)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.GeneratedMethodAccessor951.invoke(Unknown Source)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at com.sun.proxy.$Proxy34.authenticate(Unknown Source)
at weblogic.security.service.WLSJAASAuthenticationServiceWrapper.authenticate(WLSJAASAuthenticationServiceWrapper.java:40)
at weblogic.security.service.PrincipalAuthenticator.authenticate(PrincipalAuthenticator.java:338)
at weblogic.servlet.security.internal.SecurityModule.checkAuthenticate(SecurityModule.java:252)
at weblogic.servlet.security.ServletAuthentication.login(ServletAuthentication.java:466)
... 72 more

Hi All,
I have tried out option of adding authwl.conf in java argument as mentioned. But,still same issue persists. I think it will be same whether we refer authwl.conf file from OIM_ORACLE_HOME/server/config or OIM_ORACLE_HOME/designconsole/config/ location.
We havent made any changes in USR table for xelsysadm user
Even system-jazn-data.xml is intact.
Actually,when i removed following classpath entry from setDomainEnv.sh file
CLASSPATH="WL_HOME/server/lib/oimclient.jar:${CLASSPATH}"
export CLASSPATH
Its working fine and i am not facing any login issue in OIM console.Also the Active Directory connector scheduled task are running fine without giving earlier error whic is becaus of explicit classpath addition in setDomainEnv.sh.This error was
java.lang.LinkageError: loader constraint violation: loader (instance of com/thortech/xl/dataobj/tcADPClassLoader) previously initiated loading for a different type with name "com/thortech/xl/dataaccess/tcDataProvider" .
This error was arising since i have explicitly mentioned oimclient.jar again in classpath and as OIM server also will load it at OIM server startup time. So it was finding two instance of tcDataProvider and was not able to decide to refer to which one of them.
But, I have to refer oimclient.jar in my webservice code to work.If we dont add classpath entry explicitly for oimclient.jar then it will throw error..that it is unable to load OIMClient class.
Webservice is deployed in OIM serveer . Is there any other way by which i can refer oimclient class in webservice code without causing this classpath conflict issue. ?
Also.is it correctthat for first time when we load Classpath explicitly like i did in my scenario,then it will always try to refer same classpath for that jar always.
For ex: in my env i made changes in setDomainEnv.sh and modifed classpath enrty as :
CLASSPATH="${OIM_ORACLE_HOME}/server/client/oimclient.jar:${CLASSPATH}"
export CLASSPATH
but this time it will start throwin the exception as :
<Nov 11, 2013 11:24:24 PM EST> <Error> <XELLERATE.ACCOUNTMANAGEMENT> <BEA-000000> <Class/Method: tcDefaultDBEncryptionImpl/initKeyStore encounter some problems: access denied ("oracle.security.jps.service.credstore.CredentialAccessPermission" "context=SYSTEM,mapName=oim,keyName=.xldatabasekey" "read")
java.security.AccessControlException: access denied ("oracle.security.jps.service.credstore.CredentialAccessPermission" "context=SYSTEM,mapName=oim,keyName=.xldatabasekey" "read")
Do i need to reinstall OIM setup to resolve this issue or is there any other way to refer oimclient.jar in my webservice code deployed in OIM env ?
Please suggest.
Thanks,
RPB

User Recon and Event Handler Issue in OIM11g

Hello Experts,
I am developing a Trusted Source Recon (User) for a proprietary application. I have devloped two java classes and put them into a jar file and placed the same jar in both ScheduleTask and EventHandlers directory of OIM.
1.UserRecon class -- for User Recon
2. EventHandler class -- update user's password after reconciling the user using API.
In the User Recon class , I have defined a static HashMap variable to store the user and user's password as a class variable. The flow will be like this,
1. Query trsuted source
2. Reconcile user (except password because password can not be)
3. Update the map with userid (key) and password.
4. After reconciling , In the event handler use the same map to read user's password and set the password in OIM using API. (setXelleratePassword).
5.After successful password set remove the entry from Map.
The idea is to avoid making additional call to trusted source to retrieve the user's password.
This worked in OIM9102. But when I tested the same in 11g it did not work.... Though the User Recon class updates the record into the HashMap , In the eventhandler , the HashMap is always coming as "empty".
I did the below changes for 11g,
1. Modified the EventHandler class to suite for 11g.
2. Deployed the event handler as a plugin
3. Placed the same jar file in Schedule task directory of OIM 11g
I am unable find out where it is going wrong?? and tired of troubleshooting. Can you assist me ?
Thanks and Regards
INIYA

INIYA wrote:
Hello Experts,
I am developing a Trusted Source Recon (User) for a proprietary application. I have devloped two java classes and put them into a jar file and placed the same jar in both ScheduleTask and EventHandlers directory of OIM.
1.UserRecon class -- for User Recon
2. EventHandler class -- update user's password after reconciling the user using API.
In the User Recon class , I have defined a static HashMap variable to store the user and user's password as a class variable. The flow will be like this,
1. Query trsuted source
2. Reconcile user (except password because password can not be)
3. Update the map with userid (key) and password.
4. After reconciling , In the event handler use the same map to read user's password and set the password in OIM using API. (setXelleratePassword).
5.After successful password set remove the entry from Map.
The idea is to avoid making additional call to trusted source to retrieve the user's password.
This worked in OIM9102. But when I tested the same in 11g it did not work.... Though the User Recon class updates the record into the HashMap , In the eventhandler , the HashMap is always coming as "empty".
I did the below changes for 11g,
1. Modified the EventHandler class to suite for 11g.
2. Deployed the event handler as a plugin
3. Placed the same jar file in Schedule task directory of OIM 11gHope there are two jars, if this is the case place the secondary jar in lib folder, than make it as plugin.
>
I am unable find out where it is going wrong?? and tired of troubleshooting. Can you assist me ?
put the printstacktrace, so that problem can be identify
sample code
HashMap hash= null;
try{
hash = get map from other class
//class be load at this point, if class is not loaded than you will get exception.
}catch(Throwable t){
// hope you will get some error or exception here
t.printstacktrace();
>
Thanks and Regards
INIYAPaste you sample code, if it couldn't help.

Weired issue odd IP's can ping the VIP and even can't on the Nexus 9K switch.

Hello experts!
we have two nexus 9k core, attached to the HP Blade v7000 chasis and VPC configured. All Vlans are HSRP are configured. VPC is configured successfully. But the weird this is that source IP address 10.1.2.3 can ping the dest VIP (on the loadblanacer) but 10.1.2.4 can't ie all odd IP's can ping the vip and even IP's can't ping and this is happening in all other Vlans. No firewall no security applience ... windows firewalls are turned off, no ACL's on the swtiches. If I shut down the interface on nexus 1 then all IP's can ping the VIP, as soon as I unshut the interface then .4 stops pinging, and if I shutdown the interface on nexus 2 then all IP's can ping. 10 gig links are connected to Flex fabric card and vpc port channel is up. Any thoughts or help ?
Nexus 1 Nexus 2

Hello experts!
we have two nexus 9k core, attached to the HP Blade v7000 chasis and VPC configured. All Vlans are HSRP are configured. VPC is configured successfully. But the weird this is that source IP address 10.1.2.3 can ping the dest VIP (on the loadblanacer) but 10.1.2.4 can't ie all odd IP's can ping the vip and even IP's can't ping and this is happening in all other Vlans. No firewall no security applience ... windows firewalls are turned off, no ACL's on the swtiches. If I shut down the interface on nexus 1 then all IP's can ping the VIP, as soon as I unshut the interface then .4 stops pinging, and if I shutdown the interface on nexus 2 then all IP's can ping. 10 gig links are connected to Flex fabric card and vpc port channel is up. Any thoughts or help ?
Nexus 1 Nexus 2

Weired issue odd IP's can ping the VIP and even can't!

Hello experts!
we have two nexus 9k core, attached to the HP Blade v7000 chasis and VPC configured. All Vlans are HSRP are configured. VPC is configured successfully. But the weird this is that source IP address 10.1.2.3 can ping the dest VIP (on the loadblanacer) but 10.1.2.4 can't ie all odd IP's can ping the vip and even IP's can't ping and this is happening in all other Vlans. No firewall no security applience ... windows firewalls are turned off, no ACL's on the swtiches. If I shut down the interface on nexus 1 then all IP's can ping the VIP, as soon as I unshut the interface then .4 stops pinging, and if I shutdown the interface on nexus 2 then all IP's can ping. 10 gig links are connected to Flex fabric card and vpc port channel is up. Any thoughts or help ?
                               Nexus 1                                                                                                                        Nexus 2

Nexus 1
show hsrp active brief
                     P indicates configured to preempt.
                     |
Interface   Grp Prio P State    Active addr      Standby addr     Group addr
Vlan99      1   120 P Active   local            10.104.0.3       10.104.0.1      (conf)
Vlan160     5   120 P Active   local            10.104.5.3       10.104.5.1      (conf)
Vlan200     6   120 P Active   local            10.104.6.3       10.104.6.1      (conf)
Vlan210     7   120 P Active   local            10.104.7.3       10.104.7.1      (conf)
Vlan310     9   120 P Active   local            10.104.9.3       10.104.9.1      (conf)
Vlan350     11 120 P Active   local            10.104.11.3      10.104.11.1     (conf)
Vlan450     13 120 P Active   local            10.104.13.3      10.104.13.1     (conf)
Vlan700     14 120 P Active   local            10.104.14.6      10.104.14.4     (conf)
Vlan750     15 120 P Active   local            10.104.15.3      10.104.15.1     (conf)
=======================
Nexus 2
show hsrp active brief
                     P indicates configured to preempt.
                     |
Interface   Grp Prio P State    Active addr      Standby addr     Group addr
Vlan100     3   120 P Active   local            10.104.2.2       10.104.2.1
(conf)
Vlan150     4   120 P Active   local            10.104.4.2       10.104.4.1
(conf)
Vlan199     2   120 P Active   local            10.104.1.2       10.104.1.1
(conf)
Vlan300     8   120 P Active   local            10.104.8.2       10.104.8.1
(conf)
Vlan320     10 120 P Active   local            10.104.10.2      10.104.10.1
(conf)
Vlan400     12 120 P Active   local            10.104.12.2      10.104.12.1
(conf)
Vlan760     16 120 P Active   local            10.104.16.2      10.104.16.1

Import issue on OIM11g

Hi,
I am trying to import the UDF xml on OIM 11g that was exported from OIM 9.1.
When tried to add file, the information is not seen on the next dialog which shows the file name etc.
Is this achievable or am i missing something here?
Please help. Thanks.

Danish297 wrote:
source_db_node
exp USERID=system OWNER=GATEWAY FILE=D:\export_cadsdb1\gateway_backup_vishu_10April2013.dmp LOG=D:\export_cadsdb1\gateway_backup_vishnu_10April2013.log
So, with "OWNER=GATEWAY" you are exporting only object that are owned by GATEWAY
However ...
>
target_db_node
imp USERID=system fromuser=SYSTEM touser=GATEWAY FILE=D:\gateway_backup_vishu_10April2013.dmp LOG=D:\danish\gateway_import_10April2013.log buffer=99999With "fromuser=SYSTEM touser=GATEWAY" you are stating to import the objects that were owned by SYSTEM, and import them into the GATEWAY schema. You are trying to import objects that are owned by SYSTEM, yet your export only exported object owned by GATEWAY. Your dump file has no objects owned by SYSTEM.
Edited by: EdStevens on Apr 10, 2013 7:38 AM

Data combining from two files and weired issue in FIM 2010

Experts,
Following is the scenrio:-
User File
empid:firstname:lastname:deptnumber
DeptFile
deptnumber:departmentname:companyname:
Finally
Object type 'person' in metaverse and fim service should have all attribute:
Object Type - Person
Attributes - empid,firstname,lastname,deptnumber,depatmentname,companyname
To implement this:-
I created Inbound rule for User File. Relation ship criteria as accountname=empid and selected 'create resource in FIM'
Again created Inbound rule for DeptFile. Relationship criteria as deptnumber=deptnumber and not selected 'create resource in FIM'.
Well the Inbound rule for User File is working fine but Inbound rule for DeptFile is not updating depatmentname and companyname in 'Person' object.
Also intemittently I see following error:-
The synchronization rules have changed.
In order to apply this change to all imported objects, you must run full synchronization or full import and full synchronization.
Do you want to continue with the selected run profile?
Any Ideas where I am going wrong?
Thanks,
Mann

If you don't want to write code in FIM, perhaps you could combine the files using powershell before importing it to FIM, that way you only need one MA.
#Import user csv file
$userlist = import-csv "C:\temp\users.txt" -Delimiter ":"
#Import department csv file
$departmentlist = import-csv "C:\temp\departments.txt" -Delimiter ":"
#Create a hashtable of departments
$departmenttable = @{}
foreach ($department in $departmentlist){
$departmenttable.add($department.deptnumber,$department.departmentname)
#Create hashtable of companies
$companytable = @{}
foreach ($company in $departmentlist){
$companytable.add($company.deptnumber,$company.companyname)
#Map userobjects to departmentnames and write to file
$tofile = New-Object System.IO.StreamWriter("C:\temp\result.txt")
$tofile.writeline("empid:firstname:lastname:deptnumber:departmentname:companyname")
foreach ($user in $userlist){
$tofile.writeline($user.empid + ":" + $user.firstname + ":" + $user.lastname + ":" + $user.deptnumber + ":" + $departmenttable.item($user.deptnumber) + ":" + $companytable.item($user.deptnumber))
$tofile.Close()
--- Jesper Lönnqvist, Identity Architect http://addition-it.se

ACS SE 4.1.1.23 patch 5 issue with users

HI There, I am facing very weired issue with ACS SE 4.1.1.23 patch 5. I am trying to add users in ACS it is added successfully but I can not see these users when I click list all users.
But I can see users are increasing in groups when I add users..but when I do list all users it say there are no users defined. and I tried to login with newly created users from devices ....I am able to login with those new users.....
also when I go to that particular group in which I added new users....and say list users in group...I get message from ACS saying that "can not read users from group" ....
what could be issue any one has any idea....customer complained that he was unable to login to devices...with the users created on ACS...when I saw there was no users in database....then I added 2-3 users by looking at old passed and failed authentication... but I dont know how users got deleted automatically...even I tried to see appliance audit logs...could not see any thing which indicates someone deleted users...
please help me to solve this issue..
Thanks

Issue resolved. The CRL that was being parsed from the cert was one level higher than the CRL that needed to be checked. The User CRL was ppointing to the Intermediate CA's CRL. I had to manually change the URL from this:
http://DOMAINvmsp.DOMAIN.xxxx-xx.edu/pkipub/DOMAIN%20Intermediate%20CA%201.crl
to this:
http://DOMAINvmsp.DOMAIN.xxxx-xx.edu/pkipub/DOMAIN%20User%20CA%201.crl
Mark

Syslog issue in LMS 4.2

Hi I am facing weired issue with devcies syslogs. I can see syslog from only few devices though we have 160 devices.
can any one help me to get it running.
Thanks

First thing to look at is if the devices are configured properly to send syslogs to ciscoworks.
If yes, check Syslog.log (win) or syslog_info (sol/lin) to see if the missing devices syslog appears in that file. If the syslog is present in file, check filters if the filters are configured properly to forward the syslog to syslog DB else they might be dropped.
Attached image explains the Ciscoworks Syslog Architechture properly.
-Thanks
Vinod

Export to excel sizing issue

Hi there,
we are facing a weired issue when using export to excel from the query output, we have notice that while we save the excel it is getting saved as a HUGE file irrespective of the data volume.
For ex:our report has 1100 records, but when we export to excel it got saved as a 7MB file..
However when we save the file as CSV, it work okay.. wondering why are we facing an issue while export to excel ?? Is there any way that we can set the Excel format options in query output??
I've tried searching in forums, couldn't find the solutions, Please could any one throw some light on this??
Regards,
J

Hello,
The reason for the increase in size is discussed in SAP Note 1178857.
"The export to Excel function is supported as of Excel 2003. It generates an XHTML file in the Multi Mime format. This means that
Mimes (for example, icons and screens) are stored in the file. Therefore, as opposed to the BW 3.X function, you do not need to
logon to Excel again to download, for example, icons for hierarchy nodes. If you want to save the report after the export, Excel proposes the file format MHT or MHTML. This corresponds with the Multi Mime format of the generated file."
So, I think you already know this....
Possible solutions are:
1) Use open hub instead.
2) Design BI Workbooks individually for your queries and distribute them to Portal using a precalculated server. This will
help in reducing the file size and distribute the precalculated results in simpler way. You can refer to following documentation in this regard.
http://help.sap.com/saphelp_nw70/helpdata/en/05/0e044017355c0ce10000000a1550b0/frameset.htm
Regards,
Michael

WRT54G (v7) reboots when notebook connects

Hey folks!
I really have a weired issue here...
My WRT54G (Version 7) was running just perfect for a couple of years already... I've bough a new Netbook recently and when this netbook connects to the router it takes about 10 seconds and the WRT54G reboots itself again and again.
You know, I really see a lot of PC problems, but this one just odd
Just like I said it was running perfect for years.
I have two notebooks here:
- My old one (ASUS X-52SA, running Win7 Ultimate)
- and the new netbook: A Lenovo S10-3t, running Win7 Home premium.
When I'm working with the ASUS, everthing's fine. I've sent a "ping 192.268.1.1 -t" from it to the router and the WRT is responding well.
As soon as I connect the Lenovo to the WRT (not matter if I'm doing this via WiFi or LAN-cable!!!) the ping will show about 3 timeouts on the ASUS. The ping is OK then for another 7 seconds before it goes dead again. This goes on and on...
On the Router itself I can see that it's really rebooting then.
- When the ping times out, the router really is rebooting (all LEDs are off, shorty after it all of 'em will flash for a short time).
- And it's rebooting and rebooting and rebooting...
I really haven't seen this before in my whole career...
I though I would just update the Firmware and everything's will be fine - until I found out that the v7 cannot be upgraded somehow...
Does anyone of you guys have an idea what the reboot could cause?
(I'm sorry for my grammar - English is not my native language )
Best regards,
Michel

Check if you have static ip assigned on Lenovo computer.
If yes, then set it on “Obtain an IP automatically” to do so follow this link .
If it is already on “Obtain an IP automatically” then try to upgrade/re-flash the firmware of the router.
To do that first download the firmware from here and then follow the below mentioned steps
Open an Internet Explorer browser page on a computer hard wired to the router...
In the address bar type - 192.168.1.1...Leave the Username blank & in Password use admin in lower case...
Click on the 'Administration' tab- Then click on the 'Firmware Upgrade' sub tab- Here click on 'Browse' and browse the .bin firmware file and click on "Upgrade"...
Wait for few seconds until it shows that "Upgrade is successful" After the firmware upgrade, click on "Reboot" and you will be returned back to the same page OR it will say "Page cannot be displayed".
Now login to the setup page of the router and check the firmware version of the router it should be updated.

Fingerprint Reader Not Detected during startup on Windows 7

Dear Community Users/Tech Guru,
I am hoping somebody could shed light into a weired issue I am facing with this *stupid* Microsoft OS. I purchased a T400 last year and brought a x64 bit Windows 7 three months ago and have it setup for clean installation. I followed the procedure published in lenovo.
I had the security setup of my notebook to use pre-desktop authentication and single sign-on. I had everything setup and running.
However, after a few weeks I began to noticed that upon power up and giving a fingerprint swipe on the bios authentication, it would halt on the windows startup page (where we would normally login). It turns out that the fingerprint device is not detected! Something is not workin properly during the startup of bill gates Microsoft Windows 7! I would try a reboot on the system and it will load properly afterwards.
But I find it stupid that Windows doesn't detect my fingerprint device on startup! This happens when it's a cold boot using a battery (at least 70% of the time it turns out that way). I disabled the single sign-on but retained the desktop authentication (means I have to swipe twice). But this f*ck OS is still not detecting it during cold start.
Anyone... please advice?
Solved!
Go to Solution.

I attempted to reset the policy settings of CSS but then the pop up screen just got stuck:
- I did a reboot and reset the fingerprint data and password (after exporting the
settings),
- uninstalled the fingerprint reader and CSS
- uninstalled the CSS. I had encountered some issues while uninstalling it
Windows is reporting that the installation log file could not be found. I manually
downloaded the driver from the site and used the installer to remove it from my PC
- Reinstalled both CSS and Fingerprint driver
- Import all my security settings (password and fingerprint)
- Tested CSS and used fingerprint as default login method in battery mode
- Enabled Single SignIn method in CSS and BIOS
So far so good, the reinstallation fixed the issue. I did recall that there was a windows update before this mayhem on the fingerprint reader started.

Import Profile Rules of 7.5.1 to 10g 10.1.3.5 not working (10.1.3.3 works)

Hi,
I am facing a weired issue and have no clue whats going on really need some help.
I have 2 10gR3 servers installed I am trying to migrate the Configuration
Migration data from Stellent 7.5.1 on both. There is a configuration data for
Content Profile Rules when I migrate on one of the 10gR3 it shows me there are
41 items and it imports them fine. When I do the same thing on the other server
it shows me zero items. I am using the same bundle on both but one server
picks-up the content profiles and he other does not so I basically went ahead
and created the rules manually. But now I am not sure when I migrate the folders
and content will it cause any issues.
The only difference in 2 servers is one is 10.1.3.3 and all works fine on this
and the other is 10.1.3.5 and thats where I have issues. I did look a the logs
but didnot find anything.
Also when I try to import the any other bundle again and select force ovewrite
all works fine on 10.1.3.3 but on 10.1.3.5 it works only first time and anytime
after if I try to import and select overwrite it just keeps complaining about
fhda files not found etc.
Then I thought I may have messedup somewhere so for testing purpose I installed
10gR3 on my laptop and upgraded to 10.1.3.5 and the same behavior as longas it
is 10.1.3.3 itworks but not on 10.1.3.5.
Anyone else noticed this behavior will appreciate for any help.
Thanks

There is no 10.2.5.0 version - I assume you mean 10.2.0.5.
Pl see these threads on how to post a tuning request (pl post explain plans from both databases)
When your query takes too long ...
HOW TO: Post a SQL statement tuning request - template posting
Pl also compare the init.ora parameters between the old and new database and post any differences here. Have statistics been gathered on the new database ?
Pl see these MOS Docs
TROUBLESHOOTING: Server Upgrade Results in Slow Query Performance [ID 160089.1]
Query Performance Degradation - Upgrade Related - Recommended Actions [ID 745216.1]
Tips for avoiding upgrade related query problems [ID 167086.1]
HTH
Srini

SUN One web server 6.1,strong authentication and smart card

Hi guys,
I am experiencing a weired issue with smart cards.
scenario:
SOWS 6.1 SP6, smart card Gem Plus and Internet explorer 6 and 7 as client and strong authentication.
Once I put my smart card and insert the PIN code to get into the html page, when I tried to just move the mouse in a frame, I got lots of PIN request. I have notest the there are lots of SSLv3 sessions opened. When I put the PIN code after a while and again when I move the mouse quickly I got the same request
I tried with Firefox and the it works fine.
Anyone experienced a sort of same issue? any clue? Could it be that Firefox store the PIN code somewhere and IE doesn't?
Cheers

Hi,
Yes, Firefox and other mozilla products by default only require the pin for tokens the first time they are needed. In Seamonkey, the preference is in edit/preference/privacy & security/master passwords/master password timeout/web browser will ask for your master password . There is an equivalent in Firefox, but since i don't use it, I don't know the exact location of that pref.
The fact that you are being prompted multiple times in IE means that there are multiple SSL handshakes happening. This may be because the server is forcing a new SSL handshake on each HTTP request. . There may be a way for the web server to be configured not to do that by setting client auth globally on the listen socket instead of setting it on a specific URL space.

Weired issue in OIM11g

Similar Messages

Maybe you are looking for