Approvals for recon trust in OIM 11 g 2

Similar Questions

• The implementation of generator of random when password the user is created using recon trust in OIM 11 g R2 PS3

  Hello

  Event handlers in the process pre don t work with recon trust in OIM 11 g R2 PS3. In our scenario, we want to create the user using recon trust and need the password to be generated randomly for the user created through trust recon.

  What is the workaround that can be implemented.

  Help, please.

  Thank you

  Sahana

  Post event handler process on the user object to create a new action. Set the order after the current ootb event handler that generates the default.

  -Kevin

• Post-processing of handler for recon trust - 11 G Release2

  Hi all
  
  I am disable a user in post process eventhandler bulkExecution method. When the event handler is triggered only the user is already created IOM? Change the user already created? Or all the changes made to any user for the orchestration process are engaged in the development... Can someone tell me how things happens on the side db?
  
  Thanks in advance
  BR
  Aliye

  Handler to process post is raised after the user created in the database. You can check by retrieving the attribute usr_key of the user profile that is generated in the database. So if you disable a user by using the post-process event handler, it means that the user is already created in the database. For what is orchestration framework is user is created during the period of the orchestration and all event handlers and access policies are evaluated after that.

  Kind regards
  GP

• Recon trust with AD

  We do the recon commercial OIM.but trust, users are not created in IOM 11.1.1.5.
  Users are created in the ad with the information as below
  First name
  SN,
  password
  employee type = full time
  display name
  sAMAccountName
  
  The task recon trust with the below
  Lot size: 100
  Type of user of IOM = end user
  The Recon object name = User AD done trust
  Search the Base = OR = abc, dc = IOM, dc = com
  Sort by = samAccountname
  etc.
  
  In recon looking ahead events, we can see the information of the user name, lastname etc but when looking for users in IOM, unable to see the users.
  
  The error we receive if the advanced search:
  Not related to any user
  
  Thank you
  Harry

  incomming emp type must exist in Lookup.Users.Role--> key code.

  Check search above and add the new entry if necessary

  It is very important to make habbit to mark the thread as "useful" or correct if yoy get the solution

• Recon trust cannot insert the RA_XELLERATEUSER2 due to RA_XELLERATEUSER2

  Hi all
  
  I saw a previous assignment for this error, but I still don't understand why I get this error. OIM 11 G and doiing a recon trust to the user Xellerate resource.
  
  I OrgName mapped on behalf of the Organization and set it to "Xellerate users" in the reconstruction plan. do not know what is happening.
  
  
  Thanks in advance.
  Fred

  You can use a more processReconciliationEvent after the call to the createReconciliationEvent API.

  Let me know the results.

• Recon trust

  Whenever I run AD recon trusted user, all users who are in AD and not in IOM is created in IOM, which is as expected. But for all these users, resource profile shows that users have access to AD.
  
  That should come out connector AD or miss me something?

  This is the expected behavior, recon trust against AD so the data of the user are used to trigger the creation of a user of the IOM. If you want to bind the new user of the IOM to their AD resource, you need to run a unapproved recon as well and it will find the AD user and the corresponding IOM user and link the two. For each user, you will see while they attached AD resource.

• Allow a user disabled by a recon trust

  We run a recon trust every day with our HR system. When an employee terminates, they supply cancelled and put in a disabled state. However, we have situations sometimes the employee is rehired. The recon trust aligns correctly the user re-engaged in the file of human resources with the existing record to the IOM, but it fails with the following error in the reconciliation Manager:
  
  Keyword Error: DOBJ. GRP. USR_STATUS_ERROR
  Description: The target user is disabled or deleted.
  
  Is it possible to allow the user somehow for the recon event can complement and the employee can be activated?

  If the status is at the origin of the questions, I suggest the following:

  1. create a UDF of this status.
  2 Add the field looking for the USR form triggers.
  3 create an adapter that verifies the current (old value) and the new (incoming Recon) value. Based on these values, you will need to use the disableUser or enableUser API.
  4 create an adapter of the entity that verifies the value of users for this field when inserting back so that if the user should be turned off during the initial load, it will disable the user when finished.
  5 Add the adapter in step 3 to the process definition of provisionign of Xellerate user with the name of the task specified in the list of choices.

  Now whenever this field changes, you can enable and disable the user with an adapter, and since it is a reliable source, the value will trigger change whenever it is updated.

  -Kevin

• PeopleSoft UM connector vs PeopleSoft ER connector for recon approved and commissioning

  We have a requirement of the customer where we integrate PeopleSoft with IOM as a reliable source as well as the provision of a couple of attributes to PeopleSoft. We examined the two choices of different connector that offers Oracle - PeopleSoft User Manager Connector and PeopleSoft employee reconciliation. Documentation, it looks like Oracle recommends the ER connector for the purpose of reconciliation trust. However, the UNIFIED messaging connector is used for provisioning the target and reconciliation.

  However, we need a connector for the two reconciliation trust as well as the provision of a couple of attributes to PeopleSoft. Or the other of these connectors is obtained two features? What connector do you recommend for our use case?

  Kind regards

  Sreejith
  

  It depends on.  If you need the HR component of the information and the data of the PERSON, you will need to use the connector Peopleosft ER of reconciliation trust.  If you do not need the data of the person and that all your users are stored in the application (which I highly doubt), then you will want to install the connector Peoplesoft UM.

  The situation that you're probably looking to set up is reconciliation using recon ER of Peoplesoft to retrieve users and their data from the PERSON.  Then you would provide the user in your Instance target of Peopleosft with UM Peoplesoft connector.  When you put them in your target, if I remember, when you provide us with the type of user as an employee, he will be asked to provide their user name which will connect target their instance to their instance of human resources in the back-end.

  -Kevin

• Recon trust and Disapled account

  
  Hi gurus,

  I have a strange symptoms resembles bug.

  Before going for SR, I would like to share with you and ask your knowledge and your experiences.

  Here are...

  1. create AAA used in the HR system.

  2. create a recon IOM thru Trusted user. = > AAA user is created in the IOM.

  3 assign a role to this user. = > user AAA have role BBB

  4.A political CCC is already ready to available for user with the BBB DDD target role.

  5. run Evaluate user policy = > user AAA have account for DDD. (and right assoiated with it)

  6 remove the role of user AAA = BBB > AAA user have more role BBB. But even when user AAA account to DDD.

  7. perform Evaluate user policy. = > of AAA DDD disabled user account. (defined in the strategy of CCC)

  so far so good.

  8. change AAA used in the HR system.

  9. run Trusted Recon. = > IOM AAA user is modified aso.

  * But here the account disabled for DDD is changed to on.

  Can anyone help with this?

  Why does this happen?

  Why the disabled account is enabled with Trusted Recon?

  Thanks in advance.

  dongsu.

  Yes, the name of the property is to enable disabled instances of resource when a user is enabled

  
  

  ~ J

• Create new organization for recon

  Hello world!
  
  We are about to run a recon task. Specifically the Peoplesoft HRMS trusted reconciliation.
  We will perform a full reconciliation.
  
  Problem (or not?) is, we want that every employee is associated with their good organization.
  
  For example, we have inside the IOM the following organizational structure:
  
  '' My main organization. ''
  «Sub Org A»
  "Sub Org B.
  "Xellerate users.
  
  Inside of Peoplesoft, the name of the organization is in a field named 'COMPANY. '
  What we want is that when the recon task is performed, if the data in the field of the COMPANY 'Sub Org A' this user is assigned to this branch of the hand
  company, and when the COMPANY's data do not exist, should be created automatically...
  
  Up to now we have change the following:
  
  In Lookup.PSFT.Message.PersonBasicSync.Configuration, we changed the following:
  
  Of
  CodeKey decode
  Organization Xellerate users
  
  TO
  CodeKey decode
  My main organization
  
  We're guessing that because of that, all users would be in this organization and nothing more.
  
  
  We also change:
  Lookup.PSFT.HRMS.PersonBasicSync.AttributeMapping
  
  CodeKey decode
  Name ~ NAME ~ NAME_TYPE = PRI ~ EFFDT
  Type of the EMP PER_ORG ~ PERSON
  EMPLID Userid ~ INDIVIDUAL ~ nothing ~ nothing ~ PRIMARY
  Name, LAST_NAME first name ~ NAME ~ NAME_TYPE = PRI ~ EFFDT
  Organization of the COMPANY name
  
  The last field was added, but us are not really sure what was going to happen.
  
  Is someone can you please tell us if we want to do is possible how we are trying to do or there at - it another way.
  
  Best regards!

  This can be achieved with custom connector. If you create your own connector, then it can be easily reached.

  Check the org.

  If not exists, create new ORG using the API of the IOM and then perform the reconciliation.

• alternative to bulk recon trust

  Hi all
  
  We are working on a project of oim & oam, which will be used by a large number (6 digits) of users currently present, in which oam will serve the oid of its repository. our main problem is how to keep all the users of our system, in other words, create in IOM, which will then create in oid. a normal trust reconciliation will take a very long time, so we are looking for another way to do it, any ideas?
  
  I'd be happy if someone could help.

  Use utility of loading of bulk for IOM. Should not be a question for the Forum.

  http://download.Oracle.com/docs/CD/E14899_01/doc.9102/e14763/bulkload.htm

  Thank you

  Sunny

• Recon Trusted reconciliation event and target advertising stuck in the State of data received

  Hello

  Approved AD recon target job running successfully, but events are stuck in the data received State-is not related to any user.

  It happens for a particular job only.

  Because most users are not the IOM. How to remedy this situation.

  Any help would be appreicated.

  Thank you

  Your error says that your storage space is full and is not able to extend the table space. u can try pls check-in
  IAMEXT_OIM. Table IDX_RECON_HISTORY or delete some data after backup?

• Recon trust AD didn't write not shooting data in USR table and console UI.

  Hello

  When we AD Trusted reconciliation, IOM pulls all the information and write it in the UD_ADUSER table, but does not fill in USR table and the IOM UI console.

  I checked the Lookup.ActiveDirectory.UM.ReconAttrMap.Trusted and the Lookup.ActiveDirectory.UM.ReconAttrMap, these searches have all mappings.

  Should I check?

  any help would be appreicated.

  Thank you

  I refreshed the reconciliation profile by clicking on the button create a profile reconciliation in reconciliation of the Console Design tab.

  After that I may jobs recon... it perfectly pulled all the attributes.

  Thank you

• I was able to do DBUM can recon trust without user login mapping

  Hi all
  
  
  Is it possible to do dbum approved reocon without mapping field User Login? , Because it's going to create automatically using the handler to process mail.
  
  I am able to recon when I map userlogin otherwise not. But my need is userlogin shud create automatically. How can I achieve this
  
  
  Any suggestions?
  
  
  Kind regards
  
  user7609

  This approach will work very well with first recon time (new user) and you do not need to do anything extra.
  But, the problem occurs in the case of update (next time the same user recon). As the userlogin is mapped with the source to the target and you changed using the process post event handler. Thus, the same record, it will consider also editable and it will again try to update the connection of the current user. Yes, you can call your handler on update as well. While it will update again to the previous. It will be worst approach. beacause, it will treat the same record always.

  Again, I suggest. Better go for the transformation. which will serve your purpose. In this case you need not map the connection of the user to the source of confidence. transformation class will generate the user login during the prior insertion.

• Request for creating a user - OIM 11 g

  Hello
  
  I have use cases below, I have to do in OIM 11 g.
  (a) a user to IOM, creates demand. The request is to create the user account IOM for new rental.
  The connection manager is selected in the application form. Department of the new rental is also selected in the application form.
  (b) the Director approves the request.
  (c) employee of the new user account is created in the IOM in the Organization of the Department.
  (d) Manager is notified.
  
  Can someone help me how to do this in 11g.
  I was thinking of using models of application and approval of the default handler.
  Any help is appreciated.
  
  Thank you
  Pele

  It comes with OIM 11 g STANDARD.

  Select model "Create User" of demand and it will ask you all the required details for creatinguser. Fill out this form and submitt the demand.

  The workflow approval you need to set you want.