OIM 11g - authorization of the user management policy questions

Hello

(1) created a body-> human resources
(2) created a role-> HR_Admins
(3) assigned HR_Admins roles as the administrative role of human resources
(4) user1 created with the Organization as a role of human resources & HR_Admins assigned to this user.
(5) permission policy created for the management of users with the following selections
-> Create user authorization.
Constraints of data-> Selected "Users who are members of certain organizations" & selected above human resources organization.
Transfer-> role of the HR_Admins.
Now, when I log in as User1, I am not able to see the Administration tab where I can choose Create User.
I have been working on this issue for a few days, but I am not able to find the solution. Have I missed some configuration?

Thank you
Rahul Shah

Hello Rahul,
I tried your scenario... with the changes below
1) founded an organization-> human resources
(2) created a role-> HR_Admins
(3) assigned HR_Admins roles as the administrative role of human resources
(4) user1 created with the Organization as a role of Human Resource & allocated HR_Admins to this user. : default role all users
(5) permission policy created for the management of users with the following selections
-> Create user authorization. :-* "Select ALL."
Constraints data-> Selected "Users who are members of certain organizations" & selected above human resources organization.
-> HR_Admins role assignment.

Data constraints
Organization security setting hierarchy aware (include all children's organizations)

Now I am able to see the user tab to create, and I can create user in resources human org only.

If it does not work for you. Just assign 'ADMINISTRATOR of REQUEST' in the AUTH POLICIES. The result of the test.

Also, what is your version of OIM?

Test with updated as new role name, org, and user data.
-kuldeep

Published by: Kuldeep on May 22, 2012 04:19

Tags: Fusion Middleware

Similar Questions

  • The User Manager window problem

    Hello

    I am connected to TestStand as administrator, but the 'User Manager' window is prepared and I can't access it.

    Can you help me please

    TestStand 13.0


  • Cisco SRP527w cannot find the user management tab

    Hello

    Can someone help me? I just bought a new Cisco SRP527w and I'm all new to this type of material. I can't find the tab for user management that I'm changing the default password.

    Also, I can't access the internet. My rj45 of the ADSL modem is connected to the WAN/LAN port with parameters IP static. What missed here? your help is very appreciated.

    Hi Ronald, if you are clicking on all other tabs and it still seems only the setup of the wizard, you must change your internet browser. Try Firefox or IE. This should solve that.

    -Tom
    Please evaluate the useful messages

  • The user managed based backup Rman backup cold cold vs

    Hi all

    I just want to know the advantages and disadvantages for backup managed user cold and cold backup Rman.

    What is the best cold backup?

    Can someone help me?

    Thank you

    Cedric Joshi

    Hello

    Both are good... If you took the cold backup (user managed), you can also catalog it with RMAN.

    I feel a cold RMAN backup is good.

    Reason:

    ======

    ++ with RMAN you can avoid unused blocks; you can back up only used blocks

    ++ RMAN has its own compression algorithm

    ++ We also have the ability to assign multiple channels to parallelize the backup

  • The user managed backup hot via Sql

    Hi being a little old school - I'm trying to understand the steps required for a Hotbackup managed through Sql (sorry fans RMAN!)

    I understand that I can save each tablespace in turn (via the necessary ALTER TABLESPACE < x > BEGIN BACKUP and then out of backup)
    I also assume that I simply take a backup of my control file (either in binary form or to trace if necessary)
    I also assume that you do not back up the Redo Logs (since you reset them on any recovery anyway)

    The bit I'm not sure of is the Undo Tablespace - can it be backed up in exactly the same way as any other tablespace?

    Is that all the components that I need to back up (apart from the archive logs)?

    Thank you
    Jim

    Always provide the Oracle version 4-digit.

    The documentation covers all of the steps required for a manual backup.

    http://docs.Oracle.com/CD/B28359_01/backup.111/b28270/osbackup.htm#CEGJIHJF

    See Chapter 27 Making User-Managed database backup for instructions.

  • prompt (Functions) are not displayed in the user management responsibility

    Hello

    EBS 12.0.3

    I added the User Management responsibility to my application user, but it does not show any prompts (functions); it is empty, while the sysadmin user shows them.
    Kindly answer me.

    Thank you

    Have you assigned the "Security Administrator" role to the user? See if that helps.

    Thank you
    Hussein

  • IOM - different email to the User / Manager

    Hi all
    In OIM, I need to send different emails to the user and his manager at the end of the process task. I tried assigning two notifications on the task status C (Completed), but it's not allowing me to do so because the mapping for the task status must be unique.

    Please let me know how can I send different emails to the user and his manager.

    Thank you

    Upon completion of your task in process, you can trigger two tasks (send a Mail to Manager, send a message to the user and join two task-specific templates) and trigger their answer your task in process Completed.

    Attach tcComplete adapter for both tasks (send mail to the Director, send a message to the user) so that they are self done.

    Thank you
    Suren

  • The user managed backup hot

    Hello

    When we put a tablespace in begin backup mode, I know that the SCN of the data files will be blocked and the redo log generation will be more. I just want to know where the DML activities occur when the tablespace is in backup mode and how the records get updated? Why are there no changes in the SCN? Why is there excess redo generation compared with normal DML?

    Vincent

    This is not true, as a simple audit would have told you.

    SQL> select file#, checkpoint_change# from v$datafile;
    
         FILE# CHECKPOINT_CHANGE#
    ---------- ------------------
             1         7667692204
             2         7667692204
             3         7667692204
             4         7667692204
             5         7667692204
             6         7667692204
             7         7667692204
             8         7667692204
             9         7667692204
            10         7667692204
            11         7667692204
            12         7667692204
    
    12 rows selected.
    

    Note: we start with all files with the same checkpoint change number. All data is synchronized

    SQL> alter tablespace data_medium begin backup;
    
    Tablespace altered.
    
    SQL> select file#, checkpoint_change# from v$datafile;
    
         FILE# CHECKPOINT_CHANGE#
    ---------- ------------------
             1         7667692204
             2         7667692204
             3         7667692204
             4         7667692204
             5         7667692204
             6         7667727909
             7         7667692204
             8         7667692204
             9         7667692204
            10         7667692204
            11         7667692204
            12         7667692204
    
    12 rows selected.
    

    Note: file 6 is now out of sync with the rest of the database, as it has been put in hot backup mode. Its checkpoint change number is ahead of the rest of the database.

    SQL> alter tablespace data_medium end backup;
    
    Tablespace altered.
    
    SQL> select file#, checkpoint_change# from v$datafile;
    
         FILE# CHECKPOINT_CHANGE#
    ---------- ------------------
             1         7667692204
             2         7667692204
             3         7667692204
             4         7667692204
             5         7667692204
             6         7667727909
             7         7667692204
             8         7667692204
             9         7667692204
            10         7667692204
            11         7667692204
            12         7667692204
    
    12 rows selected.
    

    And note now that even though the END BACKUP command has been issued, the data files remain in exactly the same state that they were in before. File 6 is still out of sync with all the other files. No additional checkpoints have been issued, and nothing further has happened to file 6 or anything else to re-sync things.

    Putting a tablespace INTO hot backup mode does indeed cause a checkpoint to take place for that tablespace. But taking it out of hot backup mode does NOT. The SCN in the headers of this tablespace will be re-synchronized the next time there is a system-wide checkpoint, but not until then.

    So no, it's NOT "updated when we take tablespace in backup mode using online redo log files", although the syntax of that sentence is so weird as to defy rational explanation and require pure conjecture.

    As for the original poster's questions:

    I just want to know where the DML activities occur when the tablespace is in backup mode and how the records get updated? Why are there no changes in the SCN? Why is there excess redo generation compared with normal DML?

    1. DML activities occur quite normally. Putting a tablespace in hot backup mode stops CKPT updating its header, but does absolutely nothing to prevent your server process updating the contents of the file. If you update every row of a million-row table during a hot backup of the tablespace containing that table, each row is updated, exactly as it would have been if no hot backup were taking place. It would not be a proper hot backup, after all, if the data file contents were frozen for the duration, would it?

    2. There IS a change in the SCN when you put a tablespace into hot backup mode. See above. When you exit hot backup mode, there is no special update to the SCN... but the next time all the data file headers are updated through a system-wide checkpoint (caused by things like a log switch or the DBA requesting one), the header will be updated with the same SCN as all the other data file headers.

    To be more exact: it is the checkpoint change number that is stored in the data file headers, and it is that which does not change during a hot backup. The system change number, of which the checkpoint change number is simply a snapshot at a point in time, increases continuously throughout the system, all the time.

    3. In a user-managed backup, it's the operating system that copies things, and it copies the things that the operating system is aware of, such as the "operating system block", which is commonly 512 bytes in size. An Oracle block consists of several operating system blocks (16 in the case of an 8K block and 512-byte OS blocks). Oracle knows that 16 OS blocks form one Oracle block; the operating system itself has no idea of their interdependence.

    Therefore, the operating system will quite happily copy any one of these 16 blocks at any time it sees fit, because it does not realize that if it copies one, it really ought to copy the other 15 too. If this were a cold user-managed backup, that would not matter, because nothing would be happening to any of the 16 OS blocks, and however long it took the OS to copy all of them, the result would be the same as if all 16 had been copied at the same time.

    But in a hot backup, things are happening to these blocks. Therefore, it is possible for the operating system to copy, say, three of them just at the moment when Oracle is about to change one of its blocks with an update or insert. Three OS blocks are thus copied in one state and the other thirteen OS blocks are copied in another state. You now have an 8K block in a backup that is internally inconsistent and totally unusable. It's called a fractured block, and that's what happens when one entity (the OS) copies things unaware of the significance invested in them by another (the Oracle database).

    The cure for a fractured block is to have a clean copy of the block as it was before the updates happened to it. To this clean copy of the block, you can apply all the redo generated later that touched it. So that is what Oracle guarantees will exist. If a tablespace is in hot backup mode, the first update that changes an Oracle block causes that entire block to be written into the redo logs. There's your clean copy. The copy of the block in the copied data file created by the backup operation may now be fractured or not, as chance allows: there will always be a good version of it stored in the redo logs.

    However, an update that would normally have generated 200 bytes of redo has just caused an entire 8K block to be copied into the redo logs. And this increase in redo generation is a feature of user-managed backups (and is why you should use RMAN).
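The fractured-block mechanism described in the answer above, as an added toy model in Python (not part of the original thread and not Oracle code). It assumes a block is 16 sectors of 512 bytes whose first and last sectors carry a version stamp, and that comparing the two stamps stands in for Oracle's real consistency check; all names are hypothetical.

```python
OS_BLOCK = 512                      # unit the operating system copies
ORA_BLOCK = 8192                    # one Oracle block
SECTORS = ORA_BLOCK // OS_BLOCK     # 16 OS blocks per Oracle block
HEAD, TAIL = 0, SECTORS - 1


def stamp(version):
    """A sector filled with the block version (constructed stand-in for header/tail)."""
    return bytes([version]) * OS_BLOCK


def new_block(version=1):
    return [stamp(version)] + [bytes(OS_BLOCK) for _ in range(SECTORS - 2)] + [stamp(version)]


def is_fractured(block):
    # Head and tail were written together, so a mismatch means a torn copy.
    return block[HEAD] != block[TAIL]


def apply_vector(block, vector):
    """Apply one change vector; redo can only be applied to a consistent block."""
    version, sector, data = vector
    if is_fractured(block):
        raise ValueError("cannot apply redo to a fractured block")
    out = list(block)
    out[HEAD] = out[TAIL] = stamp(version)
    out[sector] = data
    return out


class Tablespace:
    def __init__(self, backup_mode):
        self.backup_mode = backup_mode
        self.block = new_block()
        self.redo = []              # entries: ("image", block) or ("vector", vector)
        self._image_logged = False

    def update(self, version, sector, row_bytes):
        # In backup mode the first change to a block logs the whole clean block.
        if self.backup_mode and not self._image_logged:
            self.redo.append(("image", list(self.block)))
            self._image_logged = True
        vector = (version, sector, row_bytes.ljust(OS_BLOCK, b"\0"))
        self.redo.append(("vector", vector))
        self.block = apply_vector(self.block, vector)

    def redo_bytes(self, vector_size=200):
        # 200 bytes per change vector is the figure used in the answer above.
        return sum(ORA_BLOCK if kind == "image" else vector_size for kind, _ in self.redo)


def hot_copy(ts, update_after):
    """OS-level copy, one sector at a time, with an update landing mid-copy."""
    copy = []
    for i in range(SECTORS):
        if i == update_after:
            ts.update(2, 7, b"new row")
        copy.append(ts.block[i])
    return copy


def recover(copy, redo):
    """Replay redo over the restored copy; a logged image replaces the torn block."""
    block = list(copy)
    for kind, payload in redo:
        block = list(payload) if kind == "image" else apply_vector(block, payload)
    return block


def demo():
    hot = Tablespace(backup_mode=True)
    copy = hot_copy(hot, update_after=3)
    restored = recover(copy, hot.redo)
    return is_fractured(copy), restored == hot.block, hot.redo_bytes()


if __name__ == "__main__":
    print(demo())
```

Running `hot_copy` against a tablespace created with `backup_mode=False` produces the same torn copy, but `recover` then fails because the redo holds only the 200-byte change vector and no clean image.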

  • Change the User Manager api for the update

    Hi all

    I'm trying to change some attributes using the UserManager change call.

    I get the exception below-

    Caused by: oracle.iam.platform.kernel.ValidationFailedException: this attribute is not supported for the change of the bulk operation.

    at oracle.iam.identity.usermgmt.impl.handlers.modify.ModifyUserValidationHandler.validate(ModifyUserValidationHandler.java:192)

    at oracle.iam.platform.kernel.impl.OrchProcessData.validate(OrchProcessData.java:246)

    at oracle.iam.platform.kernel.impl.OrchProcessData.runValidationEvents(OrchProcessData.java:190)

    at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.validate(OrchestrationEngineImpl.java:728)

    at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.process(OrchestrationEngineImpl.java:579)

    at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.orchestrate(OrchestrationEngineImpl.java:492)

    at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.orchestrate(OrchestrationEngineImpl.java:409)

    to s

    I am able to change using the same api string or text attributes, I get the above error only when I add an attribute of date format.

    HM.put(CommonConstants.EMPLOYEESTATUS, "T");

    HM.put(CommonConstants.EMPSTATUSDESC, CommonConstants.TERMINATED);

    HM.put(CommonConstants.TERMINATIONDATE, new Date(new java.util.Date().getTime()));

    Employee status and type PEM desc are attributes of text and they have updated if I comment the termdate entry in the hash table.

    Pls let me know.

    Note: I checked to find and use in bulk for all the attributes that I spend in the hash table.

    Thanks in advance.

    ~ THE VSN

    Thank you J_IDM.

    I just followed the same same approach before, but the real problem was after I did the editable attribute, there is actually an update of the User.xml.

    Where the question.

    I took mds export and manually updated.

    ~ THE VSN

  • The user managed the issue of recovery

    Hi all

    While doing refresh it by using the backup hot, recreate us the controlfile and cancel the recovery of the base (base to recover using backup controlfile until cancel). How oracle suggests the next archiving log.

    I mean we have recreated the controlfile right?

    It can suggest the change (SCN) which is required from the datafile headers. But how is it that it gives the exact archivelog needed?

    The CCR, for the second case, it gives just the necessary change.

    Someone help me please understand this.

    Enter user-name: / as sysdba

    Connected to:
    Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production
    With the Partitioning, Real Application Clusters, OLAP, Data Mining
    and Real Application Testing options

    SQL> recover database using backup controlfile until cancel;
    ORA-00279: change 12913047615299 generated at 08/12/2013 09:08:08 needed for
    thread 1
    ORA-00289: suggestion :
    /U23/backup/archive/abctest/redolog_1_5052_814521583.arc
    ORA-00280: change 12913047615299 for thread 1 is in sequence #5052

    > But how is it that it gives the necessary exact archivelog.

    The LOG_ARCHIVE_DEST / LOG_ARCHIVE_DEST_n and LOG_ARCHIVE_FORMAT parameters. They are used to 'build' the expected file name.

    In the CCR, he needs a starting point for the first file Archivelog must be provided by the ADMINISTRATOR.  Subsequent archivelog filenames are self-built.

    Hemant K Collette

  • OIM 11g - EventHandler PostProcess add the user to the Group

    Hello world

    I am developing an eventhandler postprocess after a create operation of the user, in which I would like this user to be added to a group. I don't know if it's possible?

    This is the code to java that I wrote :


    public EventResult execute(long processId, long eventId, Orchestration orchestration) {

        tcDataProvider tcdata = XLDatabase.getInstance().getDataBase();

        String take = getUserKey(processId, orchestration);

        try {
            long n = Long.parseLong(take);
            long gKey = 56;

            groupAPI = (tcGroupOperationsIntf) tcUtilityFactory.getUtility(tcdata, "Thor.API.Operations.tcGroupOperationsIntf");

            groupAPI.addMemberUser(gKey, n, true);

        } catch (tcAPIException e) {
            System.out.println("NOK");
        } catch (tcGroupNotFoundException e) {
            System.out.println("NOK1");
        } catch (tcUserNotFoundException e) {
        }

        return new EventResult();
    }



    And this is the error I get :

    ----------

    < 24 Jul. 2012 10: 45 CEST > < error > < oracle.iam.identity.rolemgmt.utils > < ARA-3056030 >
    java.lang.RuntimeException: method not implemented
    at oracle.iam.request.eventhandlers.RequestDataActionHandler.execute(RequestDataActionHandler.java:110)
    at oracle.iam.platform.kernel.impl.OrchProcessData.runPreProcessEvents(OrchProcessData.java:896)
    at oracle.iam.platform.kernel.impl.OrchProcessData.runEvents(OrchProcessData.java:634)
    at oracle.iam.platform.kernel.impl.OrchProcessData.executeEvents(OrchProcessData.java:227)
    at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:665)
    at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.process(OrchestrationEngineImpl.java:435)
    at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.orchestrate(OrchestrationEngineImpl.java:381)
    at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.orchestrate(OrchestrationEngineImpl.java:334)
    at oracle.iam.identity.rolemgmt.impl.RoleManagerImpl.grantRoles(RoleManagerImpl.java:566)
    at oracle.iam.identity.rolemgmt.impl.RoleManagerImpl.grantRole(RoleManagerImpl.java:552)
    at oracle.iam.identity.rolemgmt.api.RoleManagerEJB.grantRolex (unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
    at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
    at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
    at $Proxy343.grantRolex (Unknown Source)
    at oracle.iam.identity.rolemgmt.api.RoleManager_ogut7n_RoleManagerRemoteImpl.__WL_invoke (unknown Source)
    (....)

    NOK
    ----------

    I tried to implement other methods such as getMemberUsers ("gKey") , and this one works...


    If you can help me with this, it will be really useful!

    Thank you

    Thibault

    You have entered the code in the execute method. Put it in the method bulkexecute as well.

    Why do you need to write event handlers to put the user in a group? Better to create a rule group membership and attach it to a group. Whenever a new user is created, the role membership rule is evaluated. All the users who fill out this membership rule will be automatically get assigned to this group.

    Kind regards
    GP

  • Need to deny access to the file for the User Manager

    Hello

    I need be able to deny access to the file manager, as I don't want my client, deleting files. However, for some reason, I have to allow him access to what he should be able to download files via InContext Editor (he needs to link the pages to documents that are not on the server so he needs to download and do it, I have to grant access to the file manager).  How can I get around this?  I don't want to reupload the site whenever it deletes a file...

    Unfortunately we can not do - file manager access to removal as well as download and at this stage that cannot be changed.

  • The UCS Manager LDAP question

    Hi guys,

    I was wondering if anyone could help with a weird problem that we seem to have met with our UCS Manager.  We set it up to use LDAP authentication for log on, which works very well for four of the five members of the team, but we have a user who, although he is in exactly the same groups as the rest of us, continually gets unauthenticated user errors.

    We did the habit of checking that it is not his machine or installation and in the newspapers that it even does not save an attempt to log on default so not sure what I can check any thoughts would be much appreciated!

    We use UCSM v2.1 (1e) in case it's relevant?

    Thank you very much

    John

    I ran into the same issue.  Has proved to be a bug in the firmware DN was too long.

    CSCth96721

    It is more a limitation of 128 characters for the number of units of organization or the length of the distinguished name (DN) when you use LDAP to Active Directory authentication.

    http://www.Cisco.com/en/us/docs/unified_computing/UCS/release/notes/UCS_28313.html

  • The user group policy does not

    Recently, I noticed that the group policies that are assigned to the user OU of my organization may not apply.  When I do a gpresult, it does not show that the virtual machine is looking at this OU at all.  View machines are supposed to load user policies like any other domain workstation?

    I found the cause, a stupid mistake on my part.  There is a computer policy that had loopback enabled, but with the value Replace.

  • The user AD setAttribute questions

    I am trying to use the AD_User.setAttribute method as part of a workflow to unlock a user account. I can read the attribute, but it does not appear to be written correctly.

    My code is:

    user.setAttribute("lockoutTime", "0");

    Where user is of type AD:User

    The workflow runs successfully, but I can read the attribute and the lockoutTime value has not changed.

    Am I making this call correctly, or is this a bug?

    It turns out that SSL is NOT required to do this. After a bit of back and forth with some internal contacts, I went ahead and tried again in my dev environment...

    Windows 2003 domain controller...

    Set group policy to accounts to lockout during 120 minutes after 3 failed password attempts

    Connection attempt 4 times with password invalid

    experienced account has been locked

    Confirmed my AD plug-in has been configured with an ADMINISTRATIVE account

    The following code to unlock the locked account:

    user.setAttribute('lockoutTime','0');

    In the line above, 'user' is my AD:User account that has been locked. After the execution of the workflow containing this code, I have confirmed that the user was no longer locked out and could connect to my Windows 2003 domain.

    UPDATE: just as tested in a different environment to test this using a Windows 2008 R2 domain - same results as above. Account successfully unlocked using user.setAttribute('lockoutTime','0');

    Post edited by: Burke.
