Create the role attribute to a recipient user after user approval - IOM 11.1.2
Hi allI ve created a composite custom for creation of the user. Once a user of the applicant (for example user-R, other than the xelsysadm) creates a user (say User1), he would go to approaval to the Manager of the applicant (say user-RM). Once the applicant manager approves the request, the user is created in the IOM.
Now, once the user is created, I need to assign a role personalized the User1 by using APIs. For some reason, we will not use the role membership rule.
My Situation
----------------
-J' created a handler for post (for MODE = CRΘER) which generate custom "user login" and also assign a role personal to the user. Role was being entrusted "Beneficial user" if created by "xelsysadm", for, there was no approval triggered.
But when I create one recipient user with other than 'xelsysadm', the workflow is triggered and role assignment is a failure in the event handler.
Please suggest me a way to assign the role (using API) on the 'recipient user', once the application is approved by the assignee.
See the Article: 1532267.1
-Marie
Tags: Fusion Middleware
Similar Questions
-
grant the role of service to service user service tenant: failed when you try to deploy VIO
Hello
I have problems when you try to deploy VIO with integration of ads. I am able to successfully deploy Violence without AD as an authentication source. However, when I try to deploy VIO with AD as the source of authentication right about 85%, I get an error in the /var/log/jarvis/ansible.log:
> > 2016-04-14 17:29:11, 597 p = 354 u = jarvis | TASK: [config-controller | create endpoint of keystone] *.
> > 2016-04-14 17:29:12, p = 354 737 u = jarvis | changed: [172.22.33.31]
> > 2016-04-14 17:29:12, 738 p = 354 u = jarvis | TASK: [config-controller | create tenant services] *.
> > 2016-04-14 17:29:13, 714 p = 354 u = jarvis | changed: [172.22.33.31]
> > 2016-04-14 17:29:13, 715 p = 354 u = jarvis | TASK: [config-controller: grant the role of service to service user tenant service] *.
> > 2016-04-14 17:29:15, 152 p = 354 u = jarvis | has failed: [172.22.33.31] = > {'impossible': true}
> > 2016-04-14 17:29:15, 153 p = 354 u = jarvis | MSG: exception: name
> > 2016-04-14 17:29:15, 154 p = 354 u = jarvis | FATAL: all hosts have already failed - abandonment
I tried Googling this error and was brought to this thread: problem of Installation of VIO - status: Bootstrap failed controller node but he is actually getting an LDAP error that I'm not.
This thread suggest you check the log of the key, but there is not keystone on my VIO Device directory:
> > root@localhost:~# ls/var/log/keystone
> > ls: cannot access/var/log/keystone: no such file or directory
So I'm puzzled.
This ended up being a bad configuration of the options of the AD.
-
Create the role in each ESXi host
I need to create a 'Test' role with only 'Browse datastore' on each ESXi host in the vCenter server.
OK, I see, you need a role on each server ESX (i). It is possible both with the cmdlet New-ferrule.
Get-VMHost | %{
$esx = Connect-VIServer-Server $_-user root - password $pswd
New-ferrule-name Test-"Datastore.Browse" of privilege-Server $esx
Disconnect-VIServer-Server $esx - confirm: $false
}
The script will connect to each ESX (i) server, create the role on the (i) ESX Server (with the server parameter) and disconnect.
You will need to have the root password in the $pswd variable.
-
Cannot create the measure INITIAL segment in tablespace USERS
Hello
I get the error message when you create tablespace
Cannot create the measure INITIAL segment in tablespace USERS
Help
Thank you896398 wrote:
Please help with orderhttp://lmgtfy.com/?q=ALTER+TABLESPACE
Aman...
-
Create the Project File Name Prefix makes space after prefix
I am creating a project template. I noticed that when I put in the file name prefix it prefixes all my screws with this value MORE space. I like the prefix but do not want the space. Does anyone know how to make sure that when it renames all the screws it does not insert space after the preifix?
See attachment.
Thanks for any direction on it.
Add the following in your LabVIEW INI file token:
NewProjectNoAddedSpaceOnPrefix = TRUE
This will prevent the dialog box create a project to add the namespace for the prefix.
-
Grant read only to a user only with the role
Legends of dear,
Req: create user selection/read-only join specific 3-5 tables in a specific schema and no selection/read only access to the sys/system schema.
After surfing and tried to grant the "read-only" access for a user as follows.
create user readonly identified by readonly123;
create read_only_role role identified by read_only_access;
Grant connect, read-only resources.
Grant select on applications. FND_PRODUCT_GROUPS read-only;
Grant select on applications. FND_USER read-only;
grant read_only_role read-only;
The above statements
1. created user, role
2. granted to connect/create user session and I am able to run the following query
logged in as readonly
Select * from APPS. FND_PRODUCT_GROUPS;
Where I am able to select even sys or system tables.
But I'm not able to make the same read only access provided to a role and assign the role to the user subsequently,.
create user readonly identified by readonly123;
create the role of read_only_role identified by read_only_access;
Grant connect to read_only_role;
Grant select on applications. FND_PRODUCT_GROUPS to read_only_role;
Grant select on applications. FND_USER to read_only_role;
grant read_only_role read-only;
Let me know your suggestions,
Ref:roles and privileges of user management
https://forums.Oracle.com/thread/2223362
Thank you
Knockaert
Hi, Karthik,
If a role has a password (as in this case), then the user must activate this role during its current session in order to to use, like this:
ROLE of the read_only_role IDENTIFIED BY read_only_access VALUE.
If the role does not have a password, then it is enabled by default as soon as the user opens a session.
Remember, the roles do not count inside procedures AUTHID DEFINE stored (which is the default type). If you need to use the table inside an AUTHID DEFINER stored procedure, then the privileges must be granted directly to the user and not just a role.
I hope that answers your question.
If this isn't the case, after a complete test script that people can run to recreate the problem and test their ideas. You started great: CREATE instructions you posted were perfect, but you need to add the CONNECTIONS and SELECT statements (and the SETTINGS, if necessary) to show how the error occurs.
-
Hi all
I have a custom workflow that works very well and a requirement came to send the notification to a list of users after a certain activity is done. To achieve this,
(1) I created notification and the attributes that are required,message.
(2) I am creating a special role and assigning users before you initialize the workflow process, and this role is assigned to a type of role attribute that has been defined as the interpreter of the notification.
When the workflow starts, the activity of notification is not sent to the role while its status is showing as 'Done' and result of the activity is showing that the 'Force' when the workflow process is completed.
Note: Creating ad hoc-role and assign to users happen correctly, other notifications are bring sent to the respective recipients. Only the newly introduced notification does not work properly.
Could you help me with this?
Hi all
I have fixed this problem.
When I made the changes first, I kept the attribute type of the special role as text instead of role and I transferred it in the database using WFLOAD and I was faced with the issue of the notice, then I realized and changed the type of the role attribute and loaded in DB using WFLOAD command This time, only the changes are not stored in the DB and I faced the question again. So I thought that associates other issue and therefore posted in this forum (apologies for that).
Yet once, I saved directly turns him into DB instead of load using WFLOAD, now it works fine.
Kind regards
K. Kumar
-
How the privilege of reading the role for package
Dear guy,
I need to grant read only for the procedure and package to user, but not executed. So, I create a role READ_PKG name then the privilege of debugging for the ROLE. Then grant the role to the user who needs to display. But this isn't success. Always user can't see the debug to the ROLE granted package.
If I grant debugging directly to the user, user can view the package.
CREATE THE ROLE READ_PKG NOT IDENTIFIED;
GRANT debugging WE FCUB. ACPKS TO READ_PKG;
grant READ_PKG to chuongnh;
THEN, how the privilege of debugging a role?
So thank you
Chuong
Hello
Are you sure that the role is 'default' to the user?
SQL > alter user chuongnh the role by default all;
Kind regards
-
Hi all
I create a user of group "labuser" and assign it 'Virtual Machine Power User (example).
Creating a User1 as a member of labuser. When I try to create a virtual machine, it is rejected as 'Need to assign Allocate resource virtual computer', so I did.
After that user1 can create VM without issue, but it goes too well. I noticed that user1, I can act like I'm administrator. I can change roles. Even though I shouldn't have permission (this is uncheck the box). I suspect if this is a bug. Pls let me know if you need more information.
No, I tried this time with the same result - my user cannot add/edit/remove roles or add/delete permissions to objects. I added the role of "Virtual Machine Power User" (sample) to an ESX4 host that resides in a cluster, in a data center running on an instance of vCenter 4.
I don't think that this will fire connecting to vcenter with two different names.
If you use vcenter on windows xp and you are also the vc on the same client machine? You can also list local groups that userX belong to?
Cameron J. Smith
System administrator, Purdue University
-
Create the content table gives error since the site Explorer
Hi all
I'm new to the web sites of the centre.
Trying to create the table from the Explorer of sites.
Tied at the top of the screen for creating the table.
Get above error after clicking OK.
No idea what I can do wrong. I logged in Site Explorer using admin user 'fwadmin '.
Another way, I can create table content?
Thanks in advance...
Kind regards
Ganesh
Hello
As Stephan said, you must create the table with the ID. Also, I wanted to just mention that I did face some questions, creation or update of some tables because of fwadmin ACL.
There is another default user who has these specific ACLs to work on the database:
-name: ContentServer
-password: password
I hope this can help,
Concerning
-
ATTRPARENT dimension of the text attribute to several levels of construction with a rules file
Hello
My first post here.
I'm trying to create the dimension generation rule to create a dimension of the multilevel text attribute and then combine with the basic dimension.
So far, it is difficult.
With regard to my experience:
-J' have a relatively basic understanding of the rules of charge both with regard to the data loads and define the updates - I find this quite confusing area and the documentation does not help that much
-J' only started using dimensions attribute, so for me it's a new concept, but we are already quite useful in certain applications
-J' I try to automate the process of construction of dimension attribute, and then associating attributes with the basic dimension
I use the following documentation as a guide:
Building size attribute and associate attributes
http://docs.Oracle.com/CD/E12825_01/EPM.111/esb_dbag/frameset.htm?dotdimb.htm
and / or
Work with the attribute multi-level Dimensions
http://docs.Oracle.com/CD/E26232_01/doc.11122/esb_dbag/frameset.htm?ch21s06s05.html
(essentially the same source in both cases)
The ultimate goal is to replicate one of our existing recently created attribute dimensions of a cube to another.
I built a few versions of the required flat file and the corresponding rules file, but none worked.
I tend to get the following validation error message:
This field is defined as an ATTRPARENT. The following column must be a field of association attribute type.
As I got stuck so I gave to the current actual attributes and moved on to experimenting with the sample / base cube.
I built a flat file that is supposed to create a new dimension of text attribute named ABC with two attributes level structure:
ABC
A
AA
AB
B
BA
BB
and associate it with the dimension of the product in the following way
200-10 AA
200-20 AB
200-30 BA
200-40 BB
The flat file looks like this:
"AA" "A" "200-10" "A" "AA" "200"
"AB" "A" "200-20" "A" "AB" "200"
"AB" "B" "200-30" "B" "AB" "200"
"BB" "B" "200-40" "B" "BB" "200"
and the rule file has 6 matching columns with titles as follows:
Level0, LEVEL1 ABC, ABC Level0, product ATTRPARENT0, ABC ABC0, LEVEL1 product, product
all agree with what the documentation says.
The first 2 columns are intended to define and create the dimension of the attribute, while the 4 next make association...
I couldn't the above rules file to validate.
The same validation error message appeared as previously:
This field is defined as an ATTRPARENT. The following column must be a field of association attribute type.
However when I tried to actually update the outline of the mistakes of dimbuild.err file has been created which gives some additional clues:
\\ATTRPARENT column 4 must precede a numeric or datetime column attribute association
Now... Finally the interesting part...
Back to the documentation...
I don't mind if the size of the attribute is generated and then those associated with step or in two separate steps.
I try to do both tasks in one step only because that's what the documentation seems to suggest attributes at several levels.
First of all I read:
Note:
If you work with a multilevel dimension attribute or with a dimension of the attribute of the digital type, Boolean, or date, the rules file requires an additional field. See working with Dimensions of the multilevel attribute.
Yes, I work with a dimension of the multilevel attribute so the above statement applies (I guess) and so I'm going to see what works with several levels attribute Dimensions has to say.
Then, I read:
When an attribute is part of a digital multi-level, Boolean, or dimension attribute date, the source data must include columns for all generations or the size of the attribute levels.
Fair enough... so I do what they say... my attribute dimension is at several levels, so I can assume that the statement above applies...
So, I build my rule in accordance with the guidelines above.
And then, as we have already mentioned, I get the error message about ATTRPARENT and when I read, it turns out that ATTRBPAREN cannot be used for numeric or date attribute dimensions !
I'm totally confused at this point.
What about the attribute text multi-level dimensions ?
They are several levels but they are NOT numeric or date those!
The documentation does not seem to tell what to do in this case...
Anyone build something like that?
What is the thing that I'm missing?
What about
I'm glad that you got to work. I tested and that is to create the dimension attribute and associate it with the rule of the load.
You could ignore the construction size manually. Remove the attribute dimension. The rule1 go for the Dimension settings under the definition of Dimension tab. Then right-click on the product and change the properties. On the attribute tab, add 'Test' or whatever you want to call the attribute, and assign the text type. He adds the attribute and associate it with the basic dimension when it create the hierarchy. Note that the rules could actually be reversed where you create members of level 0 and then more later to create the hierarchy. Of course you must pass the size of the attribute association to the other rule
-
Cannot add the role or select specific roles
Aloha,
I'm running ESX 3.5 Foundation with update 2. I don't have a Virtual Center. I'm creating a VCB Proxy. When I try to select the role of backup vcb everyone speaks there is no option for me. (I connect my ESX Server via VI client). So I guess I need to create the role, but on the administration tab / role option is greyed out (I am logged in as root). Any ideas? What Miss me?
Thanks in advance for any insight and feedback.
This role is only predefined in Virtual Center, it is not available in ESX - roles by default ESX and ESXi have had no access, read only and administrator
If you find this or any other answer useful please consider awarding points marking the answer correct or useful
-
How to create the Webservice data control with a secure Web service?
I am creating a data control with a Web service that requires authentication (SSO)
There are two ports for my server OC4J 7777 (requires authentication) and 7779 (authentication is not required).
(The service Web application is deployed in OC4J)
I am able to create a data control with port 7779 not, but I'm not able to create with the port 7777. In my app, I'll go "user email" the SSO. I require it a data control with authentication. How to pass the user name and password when creating the data control? I'm not able to go "Point endpoint authentication" stage also. I get the error message "the WSDL document is not found" when I type the URL in the first step.
I created the data control with port 7779 and after I modified the 'DataControls.dcx' file with port 7777. (IE "wsdl ="http://ipaddress:7777/../..?WSDL"), but I do not get the appropriate data.
I work with JDeveloper 11.1.1.0.0g
Please help me,
Thanks in advance
VinodThere was a few bugs in this area, who are already fixed in our current code line, then they should do it in the next version.
-
Assign the role automatically to newly created users
Hello everyone
We have a requirement in OIM 11 g R1 where whenever a new user is created (it can be manually or through reconciliation), a specific role shall be automatically allocated to him.
Can someone provide me with documentation (or) some examples on how to do it? After some research, I realized that the best method is to create a preprocessor Manager that will affect the role. Any suggestions or some blogs will be greatly useful.
Thanking you
Sam
You can create a role in the IOM based on the attribute of the user. Let's say that you want to assign the user a role based on its location. Then you must create multiple roles, such as: US, CA, IN... Then, for each role, you assign a rule for membership
Country == "
". IOM automatically check the attribute of the user's country and affect a relevant role. -
Create the user by using the API OIM11g R2 with custom attributes
Friends,
I am trying to create a user using API in OIM 11 g 2 with a custom attribute.
< String, Object > HashMap createUserMap = new HashMap < String, Object > ();
createUserMap.put (UserManagerConstants.AttributeName.FIRSTNAME.getId (), "Test);
createUserMap.put (UserManagerConstants.AttributeName.LASTNAME.getId (), "tester);
createUserMap.put (UserManagerConstants.AttributeName.USER_LOGIN.getId (), "tester1");
createUserMap.put (UserManagerConstants.AttributeName.USERTYPE.getId (), "End user");
createUserMap.put (UserManagerConstants.AttributeName.EMPTYPE.getId (), "EMP");
createUserMap.put (UserManagerConstants.AttributeName.PASSWORD.getId (), "Welcome1);
createUserMap.put (UserManagerConstants.AttributeName.EMAIL.getId (), "[email protected]");
createUserMap.put ("act_key", new Long("1"));
createUserMap.put ("USR_UDF_DEPTNO", "10");
Try
{
UserManager userService = oimClient.getService (UserManager.class);
User user = new User (userLogin, createUserMap);
Result = userService.create (user) UserManagerResult;
System.out.println ("State of creation: '" + result.getStatus ());
}
catch (System.Exception e)
{
e.printStackTrace ();
}
But it fails with the error below.
Create a user application cannot set or change the USR_UDF_DEPTNO attribute, since it is not defined in the corresponding dataset. : create user: USR_UDF_DEPTNO. *
But this attribute exists in the IOM and I was able to create the user using the user interface with this custom attribute.
Please let me know what I am doing wrong.You must pass a long time don't value not int. It should be that way.
Long deptno = 1234;
createUserMap.put ("deptno", deptno);
Maybe you are looking for
-
Re: Satellite A500-14F (PSAM3E) Windows 7 drivers
Hi allI have a Satellite A500-14F (PSAM3E) and I would like to install Windows 7, but I saw on the site of drivers in the European Union for Portege. By any chance does anyone know where when Win7 drivers for all other portable eligible will be publi
-
I got a call today two microsoft workers online / call center agents calling from London, although they all Indian accents. They made me see the viewer certmgr.msc and events and showed some errors. Then they said to install teamviewer. They said all
-
Windows Update error 80072EFE when trying to update. Last automatic update was on October 23 or 26. By default it difficult without help. Used aggressive fix - it and all updates disappeared and told Never to recent audits and never for the installed
-
Adobe flash downloaded, but is blocked
I play games facebook flash player adobe blocked me loading the games called adobe said I must have downloaded flash player it is now blocked by my cell phone, I just want to play the games
-
AutoVue 20.2 - HotSpots - Java Implementation alone (without JavaScript)
All, Is it possible to apply hot spots in Java?We have implemented in JavaScript very well, but I'm fighting for it only in Java.With regard to the action to perform when you right click on a hotspot, it seems, you can only call a JavaScript action.I