• Find us:
    +1-669-900-5138   |   +44-203-372-5553
  • Free Newsletter

    Get Latest Updates

  • Make Training Enquiry


    Company

  • Categories

  • Archive

  • Integrate OIM 11g with OID using connector for Provisioning / Reconcilliation – Installation

    Posted by "" in "identity_manager, oid, OIM" on 2011-02-16

    Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedInEmail this to someone

    This post covers installation of Oracle Identity Manager (OIM) connector to provision or reconcile users to/from Oracle Internet Directory (OID). There is another way to integrate OIM 11g with OID 11g using Oracle Virtual Directory (OVD) which is LDAP Sync .

    This post is for OIM-OID integration using pre-built connector and assumes that

    • Oracle Internet Directory is already installed, for OID 11g installation click here.
    • Oracle Identity Manager is already installed, for OIM 11g installation click here

    .

    OIM Connector for OID Key Points

    • Current OIM connector version for OID is 9.0.4.14
    • You can use OIM-OID connector version 9.0.4.12 to integrate OIM 9.X/11g with OID 10g/11g
    • This post uses OID superuser “cn=orcladmin” to connect from OIM to OID (It is recommended to create user in OID, dedicated to be used by OIM-OID connector)

    .

    OIM-OID connector installation/configuration

    1. Download OIM-OID connector from  here

    2. Download LDAP-1_2_4.zip from here (Click on “Download JNDI 1.2.1” and then click on  ldap-1_2_4.zip)  extract LDAP-1_2_4.zip and copy ldap.jar, ldapbp.jar (this is under lib directory) and copy it to $ORACLE_HOME/server/ThirdParty (on OIM Server)

    3. Install OIM-OID connector
    3.1 Copy OIM/OID connector software (OID_904120.zip) to $ORACLE_HOME/ server/ ConnectorDefaultDirectory (on OIM Server)

    3.2
    Unzip OID_904120.zip

    3.3
    Login to OIM Administrator URL (http://server:14000/oim – xelsysadm / xelsysadm_password)

    3.4
    Click on Advanced tab (This is OIM Advanced Administration Console)
    .

    .
    3.5 Click on Install Connector under System Management
    .

    .
    3.6 From Connector List drop down select “Oracle Internet Directory 9.0.4.12” and click Load and then click on Continue
    .

    .
    3.8 On successful connector installation, message indicating successful installation is displayed. In my case installation failed at compilation

    DOBJ.EVT_INTERNAL_ERROR Adapter Compilation Failure Bulk Exception
    .

    .
    .
    Check logs in $MW_HOME/ user_projects/ domain/ base_domain/ servers/ oim_server1/ logs

    ____________
    <Dec 19, 2010 6:54:17 PM GMT> <Error> <XELLERATE.ACCOUNTMANAGEMENT> <BEA-000000> <Class/Method: tcAdapterOperationsBean/compileAdapter encounter some problems: maoRejections:The event handler /tmp/oracle/oim/adapters/adpOIDCREATEUSER.java (Too many open files) on data object $classname$ encountered an

    internal error. : /tmp/oracle/oim/adapters/adpOIDCREATEUSER.java (Too many open files)>
    <Dec 19, 2010 6:54:17 PM GMT> <Error> <XELLERATE.ADAPTERS> <BEA-000000> <Class/Method: tcAdpUtils/genXellerateAdapter encounter some problems:

    /tmp/oracle/oim/adapters/adpOIDADDUSERTOROLE.java (Too many open files)
    java.io.FileNotFoundException: /tmp/oracle/oim/adapters/adpOIDADDUSERTOROLE.java (Too many open files)
    at java.io.FileOutputStream.open(Native Method)
    at java.io.FileOutputStream.<init>(FileOutputStream.java:179)
    at java.io.FileOutputStream.<init>(FileOutputStream.java:131)
    ___________

    Fix : Increase number of open file by updating /etc/security/limits.conf

    3.9 Run Oracle Identity Manager PurgeCache utility to load the server cache with content from the connector resource bundle in order to view the list of prerequisites

    set WL_HOME
    ORACLE_HOME/server/bin/purgeCache.sh All

    When prompted for
    [Enter the admin username:]  entter xelsysadm
    [Enter the admin username:]  entter xelsysadm
    [Enter the service URL:]  t3://server:14000

    Note: Ensure that WebLogic Full Client jar file is created under $WL_HOME/server/lib/wlfullclient.jar , check here

    3.10 Configure IT resource

    3.10.1Login to OIM Administrator URL (http://server:14000/oim – xelsysadm/xelsysadm_password) and click on Advanced tab on top right menu bar

    3.10.2 Click on “Manage IT Resource” under Configuration
    .

    .

    3.10.3 In the IT Resource Type field on the Manage IT Resource page, select OID Server and then click Search. Click the edit icon for the IT resource. 


    .
    3.10.4 Specify values for the parameters of the IT resource.

    Admin ID: DN value of the user who has administrator rights on the Oracle Internet Directory server  (cn=orcladmin,cn=users,dc=mydomain,dc=com)
    Admin Password : Password of user mentioned in Admin ID
    Root DN: OID Domain (also called Realm)
    Port : OID Port (default port for OID 11g is 3060 and for OID 10G 389 )
    Server: OID Server
    .

    .
    4. Perform first time reconciliation
    First-time or full reconciliation involves reconciling all existing user records from the target system (OID) into Oracle Identity Manager (OIM)

    4.1Perform lookup field synchronization (Run following tasks – Organization Lookup Reconciliation, Role Lookup Reconciliation, Group Lookup Reconciliation)

    4.1.1From OIM Administration console, click on “Advanced” under “System Management” click on “Search Scduled Jobs” and search for “OID Organization Lookup Reconciliation”, Click on “Run Now

    Repeat this for “OID Role Lookup Reconciliation” & “OID Group Lookup Reconciliation”

    4.2 Perform user reconciliation

    4.2.1From OIM Administration console, click on “Advanced” under “System Management” click on “Search Scheduled Jobs” and search for “OID User Target Recon Task“, click on “Run Now”

    If you get error like
    ______
    Exception java.lang.NoClassDefFoundError: com/sun/jndi/ldap
    Message /ctl/PagedResultsControl
    _______

    Enure that you have ldapbp.jar & ldap.jaris in $ORACLE_HOME/server/ThirdParty

    5. Test Provisioning Operation using link here

    .

    References

    Related Posts for Identity Manager


    1. Oracle Identity Manager (User Provisioning – Thor)
    2. Installing Oracle Identity Manager (Thor Xellerate)
    3. Oracle Identity Manager 9.1 released
    4. Oracle Identity Manager (Thor Xellerate) Architecture
    5. Resource, Reconciliation, Provisioning and Connector in Oracle Identity Manager #OIM
    6. Oracle Identity Manager (OIM) Connector for Oracle Internet Directory (OID) : Architecture and Overview
    7. Step by Step Installation of OIM Design Console 9.1.0
    8. Error while running PurgeCache in OIM 11g : LoginException unable to find LoginModule class : WebLogic Full Clinet
    9. Integrate OIM 11g with OID using connector for Provisioning / Reconcilliation – Installation
    10. PurgeCache in OIM 11g : CategoryName
    11. OIM LDAP Sync : Overview and Key Points
    12. OIM 11g : How to export/import/delete Files from MDS
    13. Where are OAM details stored in OIM (account unlock, password reset)
    14. libOVD adapters in OIM LDAP Integration : LDAPsync – view and modify Adapter settings (bindDN and bindPassword)
    15. Error Starting OIM Design Console (xlclient.sh) on Linux java.lang. NoClassDefFoundError
    16. OIM 11g Challenge Questions (PCQ) for forgot password
    17. Oracle EBS Integration with OIM (Identity Manager) : Things you should know
    18. Users not synced from OID to OIM : Debug Scheduled Job
    19. OIM Connector for Microsoft : AD, Exchange, Windows, Password Management
    20. Connector Server for OIM connectors : .NET or JAVA
    21. OIM 11g Challenge Questions – Everything you must know
    22. OIM 11g How to add Challenge Questions
    23. OIM : Assign AD resource : An error occurred because the Adapters are not compiled : How to compile adapters in OIM
    24. OIM User Creation : An Error occurred while performing create user operation. Unable to get LDAP connection
    25. OIM – AD integration : Active Directory Group Lookup Recon failed with error Remote Framework Key is invalid
    26. Microsoft Active Directory (AD) to Oracle Identity Manager (OIM) Password Synchronization: Things you must know : Part I
    27. Provision resource “Microsoft Exchange” to user in OIM : Status remains in Provisioning : Part I
    28. Target Resource (or Managed Resource) vs Trusted Source (or Authoritative Source) Mode : OIM integration with applications (AD, OID, OVD, EBS, SAP, HR, LDAP)
    29. 500 Internal server accessing OIM application : com.bea. security.MicroSM. getInstance oracle.iam. platform. authz.impl
    30. Your account is locked. You can unlock your account by going to Forgot Password
    31. OIM 11g : How to find User and Manager details : USR table
    32. OIM 11g : User Detail/Attribute (Description) not visible in OIM User screen : EBS / OID / OIM integration
    33. OIM 11g: The add proxy operation for user XXXXX failed with following error oracle. bpel. services. workflow. client. workflowservieclientException javax.xml.ws.WebServiceException could not determine wsdl ports
    34. Oracle Identity Manager BP07 for 11gR1 PS1 11.1.1.5.7 (16097399) is now available – (Part of Identity Management SUite BP03 16209876)
    35. OIM 11g : SQL to List User’s Manager
    36. OIM integrated with OAM (SSO) showing OIM login screen : User Soft Locked
    37. OIM 11g: Beware if you are applying WebLogic patch !
    38. Help Me : Microsoft Active Directory Password Sync version and latest patch for Oracle Identity Manager 9.1.1.5
    39. Upgrade OIM connector for Microsoft Exchange to 11.1.1.6 Part I
    40. OIM Administrators : Is your OIM database Growing ? Do you purge enough ?
    41. EBS Integration with OIM : Employee Reconciliation : NumberFormatException: “BUSINESS_GROUP_ID”
    42. OIM EBS User Management : eBusiness UM Lookup Definition Reconciliation failed with Invalid Schedule Task Parameter

    41 Responses to “Integrate OIM 11g with OID using connector for Provisioning / Reconcilliation – Installation”

    1. Raj says:

      Do properties(like search context in OID) need to be changed before running “OID Role Lookup Reconciliation” & “OID Group Lookup Reconciliation”?

    2. tcarlson says:

      We are receiving the following error:
      <java.io.FileNotFoundException: /opt/oracle/product/ fmw/user_projects/domains/IDMDomain/ servers/AdminServer/ data/ldap/ replicadata/ wls_ods1.status (Too many open files)

      Above you mention increasing the number of open file by updating /etc/security/limits.conf… to how many? Which requirement is increased? ulimit -n returns 1024…

    3. Atul Kumar says:

      @ tcarlson,
      It depends on operating system you are using .

      Set value to atleast 4096

      Check this

      http://download.oracle.com/docs/cd/E17904_01/integration.1111/e10226/appx_trouble.htm#BABCCJJE

    4. vamsi56 says:

      The page that selects the connector says that:

      No configuration files exist for this connector.

      Ensure that valid configuration XML files exist in the configuration directory.

    5. vamsi56 says:

      It was solved..I have restarted the oim server and it worked

    6. vamsi56 says:

      Now, when I try to provision the user the above OID resource, it throws me an exception as

      DOBJ.ORC_NO_ORDER
      An error occurred while retrieving process information null : null

      I did not get this error while I was installing the connector.

    7. Gupta says:

      Hi,

      I am trying to do OIM 11g trusted source reconciliation using GTC + DBAT.

      I finished all the steps. I got a message that “connector created successfully” in the design console and i successfully run that job but the user not created in OIM .

      I don’t know what is the problem please help me…

      Thanks & Regards,
      Gupta Katakam.

    8. Atul Kumar says:

      @ Gupta,

      As per trusted source reconciliation ->
      http://download.oracle.com/docs/cd/E17904_01/doc.1111/e14309/about.htm#OMDEV405

      – If the reconciliation engine detects new target system accounts, it creates corresponding Oracle Identity Manager users.

      Enable debugging in connector , use logging feature as described in

      http://download.oracle.com/docs/cd/E17904_01/doc.1111/e14308/log.htm#CEGEAGIB for logger Xellerate.GC.*

    9. Gupta says:

      Thanks for your reply,

      I can’t understand why I am getting the error that

      “Misfire Handler Error in QRTZ: Problem with creating a user in OIM by using GTC connector”

      please send me solution to fix this problem….

      Thanks & Regards,

      Gupta Katakam.

    10. Atul Kumar says:

      @ Gupta,
      See if your issue is related to

      1288334.1 MisfireHandler: Error handling misfires: Unexpected runtime exception: null

      Above note is from Oracle My Support (earlier metalink)

    11. vamsi56 says:

      Hi Atul,

      Could you please provide one section related to database application table – reconciliation and provisioning.
      —-> reconcile to OIM —-> OIM provisioning this data to another database

      Then, a developed application will verify the user credentials with .

      Thanks,
      Vamsi.

    12. vamsi56 says:

      Hi Atul,

      Could you please provide one section related to database application table – reconciliation and provisioning.
      hr_database data —-> reconcile to OIM —-> OIM provisioning this data to another database app_database

      Then, a developed application will verify the user credentials with app_database.

      Thanks,
      Vamsi.

    13. Jeremy says:

      Hello – has anyone succeeded in getting the OID User Trusted or Target Recon jobs to run using the “periodic” scheduler in OIM 11g? While these jobs run fine when I kick them off manually with “Run Now”, they don’t seem to get started properly by the periodic scheduler. I see one line logged in my log files (com.thortech.xl.integration.OID.schedule.tasks.tcTskOIDUserReconciliation LDAP RECONCILIATION CLASS Instance Created) but nothing after that.

    14. Naveen says:

      Hi Atul,
      I am able to create organisation unit, groups and users in OIM and it is getting to OID using the OID connector without an issue. But I am not able to add the user to a group during provisioning.When I am creating a user and provisioning it, I am not to search the role or groups.What needs to be done here?

    15. oamadminuser says:

      Hi again Atul,
      Do you have an article or any comments on installing and configuring the HR (R12) -> OID (11g) connector?

      According to the Administrator’s Guide to DIP 11.1.1, this needs both integration profile (e.g. prepackaged profile) and HR Agent.

      But after installing Weblogic 10.3.5 and OID 11.1.1.5 (with DIP and OID, but not OIF), I see nothing in the Enterprise Manager console for Synchronization or Provisioning profiles, though $MW_HOME/Oracle_IDM1/ldap/odi/confg/hragent.properties, oraclehragent.cfg.master and oraclehragent.map.master all exist.

      I will install the 2 EBiz connectors from OTN, but do I need any other Fusion Middleware s/w e.g. SOA, to get the HR connector going?

      Do I need to install other components of Fusion Middleware e.g. SOA to get the HR connector going?

      Your comments much appreciated. Thanks,

    16. Atul Kumar says:

      @ oamadminuser,

      Q: I will install the 2 EBiz connectors from OTN, but do I need any other Fusion Middleware s/w e.g. SOA, to get the HR connector going?

      A: which EBiz conector are you talking ?
      Is this EBS user management and EBS employee reconciliation ?, is yes then you would need OIM/SOA 11g

    17. Jyothi says:

      Hi Atul, I in my idenitity management envt, I have installed OVD also along with OID. So, does it mean that I do not need to install OIM connector for OID ? Can you please confirm this one. Otherwise, I will have to install and configure connector now.

      Also, when I created 2 users in OIM console, I see them in OID. Does it mean the reconciliation has already taken place ?

      thank you for your time and greatly apprecite.

      Jyothi

      • Atul Kumar says:

        @ Jyoti,
        During OIM configuration did you select LDAPSynch ? If yes, then that almost similar to configuring OID connector.

        If you can see users from OIM to OID, it looks like LDAPSynch is configured and working fine for you.

    18. Jyothi says:

      Thank you Atul. I can see the users crated in OIM are visible in OID and also I can login into OIM using these users. Earlier I had issues with new users but the issue is resolved.

      thanks
      Jyothi

    19. Alex says:

      Hey Atul,

      I’m getting a very similar error message during OID install, wondering if you have ever seen this:

      DOBJ.EVT_INTERNAL_ERROR
      The event handler null on data object $classname$ encountered an internal error. : null

      java.lang.NullPointerException

      I looked in design console and all the adapters are there but cannot be compiled, throwing the same error.

      Any ideas?

    20. mskosan says:

      Hi Atul,

      Thanks for your post. I have a question, when I run the “OID User Trusted Recon”, my OIM log file reports the error: ReconciliationException: Matching rule where clause is null. Do you have any ideas on how to resolve this error?

    21. Odesa says:

      Hi, Mahendra
      Thanks for your post.
      Do you have any ideas on how you to integrate or configure the OIM using connector Microsoft Active Directory User Management?

      Thanks you,

    22. Atul Kumar says:

      @ Odesa,
      To configure/deploy OIM connector for microsoft active directory user management check this guide
      http://docs.oracle.com/cd/E22999_01/doc.111/e20347/deploy.htm

      Regards
      Atul Kumar

    23. Gupta says:

      Hi Atul,

      Thank you for your previous replies about DBAT Connector.

      Now I am trying to perform OID User Trusted Recon. My OIM version is 11.1.1.5 and I am using OID 904140.

      The problem is When I run the OID User Trusted Recon newly created records in OID as well as modified records in OID are only get recoiled. Existed user records in OID not get reconciled to OIM. I changed Last Trusted Recon TimeStamp in Manage IT Resource to 0 and tried but still the issue is not solved.

      Could you please tell me which parameters I need to change.

      Thanks,
      Gupta

    24. sunnyajmera says:

      Hi Atul,

      Do you have any example of using OID connector 11.1.1.5 with OIM11g?

    25. Atul Kumar says:

      @ sunnyajmera,
      Are you not using LDAPSync to integrate OIM11g with OID ? Why do you want to install and configure connector ?

      Atul

    26. sunil sharma says:

      Hi Atul,
      In the step given above when i click on continue the oim_server1 server get closed with the error in the diagnostic log is

      Caused by: java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique
      constraint (DEV_OIM.OIMHOME_JARS_UNIQUE) violated

      at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:457)
      at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:405)
      at oracle.jdbc.driver.T4C8Oall.processError(T4C8Oall.java:889)
      at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:476)
      at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:204)
      at oracle.jdbc.driver.T4C8Oall.doOALL(T4C8Oall.java:540)
      at oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.
      java:217)
      at oracle.jdbc.driver.T4CPreparedStatement.executeForRows(T4CPreparedSta
      tement.java:1079)
      at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStateme
      nt.java:1466)
      at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePrep
      aredStatement.java:3752)
      at oracle.jdbc.driver.OraclePreparedStatement.executeUpdate(OraclePrepar
      edStatement.java:3887)
      at oracle.jdbc.driver.OraclePreparedStatementWrapper.executeUpdate(Oracl
      ePreparedStatementWrapper.java:1508)
      at weblogic.jdbc.wrapper.PreparedStatement.executeUpdate(PreparedStateme
      nt.java:172)
      at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.exec
      uteDirectNoSelect(DatabaseAccessor.java:831)
      … 103 more

      #
      # A fatal error has been detected by the Java Runtime Environment:
      #
      # java.lang.OutOfMemoryError: requested 278408 bytes for Chunk::new. Out of swap
      space?
      #
      # Internal Error (allocation.cpp:272), pid=8824, tid=9188
      # Error: Chunk::new
      #
      # JRE version: 6.0_24-b07
      # Java VM: Java HotSpot(TM) Server VM (19.1-b02 mixed mode windows-x86 )
      # An error report file with more information is saved as:
      # D:\Oracle\Middleware\user_projects\domains\base_domain\hs_err_pid8824.log
      #
      # If you would like to submit a bug report, please visit:
      # http://java.sun.com/webapps/bugreport/crash.jsp
      #

      D:\Oracle\Middleware\user_projects\domains\base_domain\bin>

    27. sunil sharma says:

      Hi,
      These are some other log details

      [ACTIVE].ExecuteThread: ‘1’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: xelsysadm] [ecid: d75f319c62a949fd:-397c155:13c7f5c03b9:-8000-00000000000000eb,0] [APP: oim#11.1.1.3.0] Can’t insert page ‘/tiles/common/tjspHeader.jsp’ : Software caused connection abort: socket write error[[
      java.net.SocketException: Software caused connection abort: socket write error
      at java.net.SocketOutputStream.socketWrite0(Native Method)
      at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92)
      at java.net.SocketOutputStream.write(SocketOutputStream.java:136)
      at weblogic.servlet.internal.ChunkOutput.writeChunkTransfer(ChunkOutput.java:568)
      at weblogic.servlet.internal.ChunkOutput.writeChunks(ChunkOutput.java:539)
      at weblogic.servlet.internal.ChunkOutput.flush(ChunkOutput.java:427)
      at weblogic.servlet.internal.CharsetChunkOutput.flush(CharsetChunkOutput.java:298)
      at weblogic.servlet.internal.ChunkOutputWrapper.flush(ChunkOutputWrapper.java:188)
      at weblogic.servlet.jsp.JspWriterImpl.flush(JspWriterImpl.java:99)
      at org.apache.struts.tiles.taglib.InsertTag$InsertHandler.doEndTag(InsertTag.java:893)
      at org.apache.struts.tiles.taglib.InsertTag.doEndTag(InsertTag.java:465)
      at jsp_servlet._layouts.__tjspclassiclayout._jsp__tag1(__tjspclassiclayout.java:302)
      at jsp_servlet._layouts.__tjspclassiclayout._jspService(__tjspclassiclayout.java:236)
      at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)
      at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
      at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
      at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
      at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:184)
      at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:526)
      at weblogic.servlet.internal.RequestDispatcherImpl.include(RequestDispatcherImpl.java:447)
      at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:163)
      at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:184)
      at sun.reflect.GeneratedMethodAccessor808.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at org.apache.struts.tiles.TilesUtilImpl.doInclude(TilesUtilImpl.java:129)
      at org.apache.struts.tiles.TilesUtil.doInclude(TilesUtil.java:152)
      at org.apache.struts.tiles.taglib.InsertTag.doInclude(InsertTag.java:764)
      at org.apache.struts.tiles.taglib.InsertTag$InsertHandler.doEndTag(InsertTag.java:896)
      at org.apache.struts.tiles.taglib.InsertTag.doEndTag(InsertTag.java:465)
      at jsp_servlet._pages.__ciwinstallpages._jsp__tag1(__ciwinstallpages.java:151)
      at jsp_servlet._pages.__ciwinstallpages._jspService(__ciwinstallpages.java:82)
      at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)
      at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
      at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
      at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
      at weblogic.servlet.internal.ServletStubImpl.onAddToMapException(ServletStubImpl.java:416)
      at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:327)
      at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
      at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
      at com.thortech.xl.webclient.security.CSRFFilter.doFilter(CSRFFilter.java:76)
      at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
      at oracle.iam.platform.auth.web.PwdMgmtNavigationFilter.doFilter(PwdMgmtNavigationFilter.java:121)
      at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
      at oracle.iam.platform.auth.web.OIMAuthContextFilter.doFilter(OIMAuthContextFilter.java:107)
      at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
      at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
      at java.security.AccessController.doPrivileged(Native Method)
      at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
      at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
      at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
      at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
      at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
      at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
      at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
      at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
      at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
      at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
      at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3730)
      at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3696)
      at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
      at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
      at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2273)
      at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
      at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)
      at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
      at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)

      please let me know how to solve these issue.Thanks in advance.It is connected with above message.

    28. Atul Kumar says:

      @ Sunil Sharma,
      Your issue is

      ____

      Caused by: java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique constraint (DEV_OIM.OIMHOME_JARS_UNIQUE) violate

      # java.lang.OutOfMemoryError: requested 278408 bytes for Chunk::new. Out of swap space?
      ____

      Bounce OIM and then try again, raise an SR for ORA-00001: unique constraint (DEV_OIM.OIMHOME_JARS_UNIQUE) violate

    29. sunil sharma says:

      Hi Atul,
      Thanks for your reply.We dont have oracle support,so it is not possible for us to raise sr. Please suggest any other solution.If possible please give solution to my question on modification of user also.There i have provide the necessary log details,please check that also.

    30. Keith says:

      Hi Atul,
      I would like to setup a different user for the connector other than orcladmin. Can you tell me what rights need to be assigned out of OID for this?

    31. Diana says:

      Got a ??? Related to OIM 11gr2 request catalog. I got an application that needs the user db connector and the entitlement for AD groups. (2request) Since those are separate request an it confuses people how can I create a rule that triggers a request than when a user is provision to an account it adds entitlement to AD right away.

    32. Priya says:

      Hope you are doing well.

      while running the OID Connector Group Lookup Reconciliation task
      I am getting this error
      org.identityconnectors.framework.common.exceptions.ConfigurationException: Bundle oimjar://local:0ldapbp.jar is missing required attribute ‘ConnectorBundle-FrameworkVersion’.

      I ‘ve done the Pre & Post installation task of the connector software (OID-11.1.1.6.0.zip) without any Issue.

      Here is the IT resource Details and Parameters that i configured.

      Parameter Value
      Configuration Lookup Lookup.OID.Configuration
      Connector Server Name
      baseContexts “dc=oracle,dc=com”
      credentials ********
      failover
      host oracle.com
      port 3060
      principal cn=orcladmin
      ssl false

      also Extracted ldap.jar and ldapbp.jar
      from the lib directory of ldap-1_2_4.zip. and copied these two jar files to
      the $OIM_ORACLE_HOME/server/ThirdParty directory AND run the PurgeCache.sh all without any issue.

      Could you tell what am missing here.

    33. rajus says:

      Hi Atul:

      If we have OAM 10 g installation where we used the Identity Server capabilities in Identity Server portion of OAM. Now ehen we want to move all of this to OAM 11g, should we use OIM with a connector to OID to do same provisioning and manage those users through OIM?

      The reason I am asking is now in 11g OAM/OIM are separate and I believe OAM 11g doesn’t have any user/group/org management features in OAM 11g.

      So to keep the business process same as before (using workflows in OAM 10g) to create users, we should use OIM 11g+connector+SOA workflow to achieve similar result?

      Thanks in advance.

      Cheers,
      rajus

    34. maninder says:

      Following are the details.

      1: OIM version: OIM 11.1.1.5.0
      2: OID Connector version: 9.0.4.12
      3:LDAP version(OID version): 11.1.1.5.0
      4: followed the steps below using the Doc link http://docs.oracle.com/cd/E22999_01/doc.111/e28603/deploy.htm#BGBHFEHF

      4.1: downloaded and Installed the OID connector on default directory of the OIM home. On to the Admin console loaded the OID connector and Installed it.
      4.2: IT resource Configuration.
      4.3: Run the scheduled task
      Perform lookup field synchronization (Run following tasks – Organization Lookup Reconciliation, Role Lookup Reconciliation, Group Lookup Reconciliation) and OID User Target Recon Task“, click on “Run Now”

      Just to inform that the users are provisioned from OIM to OID.
      Not sure y recon is not happening.

    35. Atul Kumar says:

      @maninder,
      Is there issue with Recon ?

      Do you see recon event generated in OIM console ?

    36. maninder says:

      yeah recon is not working ,
      there is no recon event generated in OIM consol

    37. Atul Kumar says:

      @ What do you see in logs when scheduled Job is run

    38. maninder says:

      there is no error in log .

      except the following line every time I run the job

      [userId: oiminternal] [ecid: 44565d18e5e0a0a9:13eb4a56:14443bb7d98:-8000-0000000000000002,0] [APP: oim#11.1.1.3.0] Generic Information: db query:select RECON_EVENTS.RE_KEY, RECON_BATCHES.RB_PROFILE_NAME, RECON_EVENTS.RE_MODIFY from RECON_EVENTS, RECON_BATCHES where RECON_EVENTS.RB_KEY = RECON_BATCHES.RB_KEY and RECON_EVENTS.RE_CURR_RETRY_CNT > 0 and RECON_EVENTS.RE_CHANGE_TYPE != ‘DELETE’ and (RECON_EVENTS.RE_STATUS IN (‘Creation Failed’, ‘Update Failed’) or (RECON_EVENTS.RE_ENTITY_TYPE = ‘Account’ and RECON_EVENTS.RE_STATUS IN (‘No User Match Found’, ‘No Org Match Found’)) or (RECON_EVENTS.RE_ENTITY_TYPE = ‘User’ and RECON_EVENTS.RE_STATUS IN ‘Data Validation Failed’) or (RECON_EVENTS.RE_ENTITY_TYPE = ‘Role’ and RECON_EVENTS.RE_STATUS = ‘Data Validation Failed’ and RECON_EVENTS.RE_NOTE like ‘Invalid Role Category%’) or (RECON_EVENTS.RE_ENTITY_TYPE = ‘RoleRole’ and RECON_EVENTS.RE_STATUS IN (‘No Role Parent Found’, ‘No Role Match Found’)) or (recon_events.RE_ENTITY_TYPE = ‘RoleUser’ and recon_events.RE_STATUS IN (‘No Role Member Found’, ‘No Role Match Found’))) order by re_key

    Leave a Reply



  • K21 Technologies is among the most experienced Oracle Gold Partner for Identity Access Management service providers. We work with application development companies and in-house technology division to help achieve significant returns on their IT security investment. Our clientele includes some of the globally renowned corporate, which speaks of our expertise in our field.

    We have the most talented and experienced team that can swiftly deploy security solutions even in complex IT ecosystem. Our clients highly appreciate our timely implementation, interactive training, on-demand support and community resources.
  • CONTACTS

    K21 Technologies
    8 Magnolia Place, Harrow,
    London, HA2 6DS

    UK: +44(0)7476444481
    USA: +1-888-414-1821

  • 2014, K21 Technologies. All rights reserved DMCA.com
  • TOP