Reconciliation of the AD to the IOM

Similar Questions

• Reconciliation of the IOM is not updating after adding custom fields

  In Oracle Identity Manager 11.1.2 with connector

  Connector for Oracle Internet Directory version 11.1.1

  I close the IOM LDAP users, and after I add custom fields for the reconciliation of the target, and I try to update these users with the new event of reconciliation return of custom fields, this new custom fields poster in case page of reconciliation and not in the form user to LDAP.

  I already create the new form with the news of the custom fields associated with the application Instance.

  Solution:

  CVF (form Version Control Utility) comes with IOM that updates the form associated with existing users.

  With the help of the form Version control utility - 11g Release 2 (11.1.2)

  OR

  
  

  Update PROCESS_FORM_TABLE set PROCESS_FORM_TABLE_VERSION =(select SDK_ACTIVE_VERSION of the SDK where SDK_NAME = 'PROCESS_FORM_TABLE'); COMMIT; NOTE: Replace PROCESS_FORM_TABLE with process form real that is 'UD_XXX '.

• Reconciliation of the IOM

  Hi all
  
  IOM is supplied to AD and Exchange and I can't see the resource information in modules of resources through the IOM web console. There he shows two resources as implemented. But after reconciliation, a line of resources more Exchane showed information on the User Info page. (I think, IOM established a link to Exchane for the same user). Rule Exchane Recon is how ever UserLogin = samAccountName
  
  But in this case, userlogin = 1234 and samAccountName = i1234 (the two are not equal). Then how her be reconciled and the link with the same user.
  
  Please suggest me. I have to stop the construction of this single resource exchage more for the same user.
  
  Kind regards
  G. love

  There will be no problem as long as the resource points to the correct information of the target and the connection.

  -Kevin

• How to upgrade the IOM user profile fields after the reconciliation of target user AD

  Hello

  I have a problem of set-aside. When I'm changing the values of the attributes of the user in Active Directory and then I run Active Directory target user Recon, AD in IOM account attributes are updated only but I would like to update the attributes in the IOM user profile too. Please, how can I do?

  Thank you.

  Milan

  You can create a personalized card which is your AD attributes flow into the user profile and add it as a response to the task 'receipt of update of reconciliation. "

  Use the UserManager api to update the user's profile.

• IOM: Reconciliation with the Tables of database applications connector

  Hello!
  
  I am using the Application Connector 9.1.0.5.0 database Tables in OIM 11 g to reconcile the accounts of my target system: MySQL 5.1.37. I followed the steps described in the guide of the connector to create and set up and configure my system target as a reliable source.
  
  The problem is that user accounts are not created in IOM, however, I know the Connector retrieves the information of every user because I can see it in the log messages generated when I run the reconciliation work, so I supossed the problem may be in the "configuration of the connector to modify page", or some time after that.
  
  In addition, I don't know if it's important, but I don't see "User of Type" field "IOM user account data set" to "change the Connector Configuration Page.
  
  A I forgot to do something in the configuration or there's something I've had to do but the steps described in the guide?
  
  Thanks in advance!
  
  Published by: user10857411 on January 11, 2011 16:10
  
  Published by: user10857411 on January 11, 2011 16:12

  SUN IDM is better than the IOM
  Reconciliation process in Sun IDM (newest oracle) is easier to implement than IOM (worst solution identity)

  Saludos cordial Zam

• Reconciliation of the EBS target does not work for the payments.

  Hi all

  I use OIM 11 g 2 and Oracle EBS user Managment 9.1.0.7.0 connector.
  I want to link the user's responsibilities in EBS your child to IOM. I tried to use the Scheduler ""eBusiness UM target user reconciliation resource ' but the execution of this work is just creating the EBS account for the user at the IOM. " I can see the user's responsibilities in the details information of the EBS account, which was created by the work of reconciliation of target, but I don't see them as the user rights

  How can I achieve this?

  Any help is appreciated.

  Thank you and best regards,

  Thank you for your help. I solved this problem with the use of assignments of rights enforcement after the work MU target resource user reconciliation eBusiness

• E-mail notification triggered during the reconciliation of the Active directory trust

  Hello

  When we run the scheduled task of reconciliation of trust user Active Directory, the user gets created by IOM and sends a notification to the user to create . But, if there is no change in Active Directory for the same user (any attribute changes) and we run the recon work trust, will be change also trigger an email notification?

  I mean, is that the notification of the user to create triggers the user and Manager too?

  During the reconciliation of trust, generated notification is to create user... is it good?

  I searched a lot of places, but could not find any appropriate entries. Please provide some input?

  Thank you

  No, during the change won't email notification.

  Creating trusted users, suite of property gets used:

  Must send notifications in recon or not

  Determines whether the notification is sent to the user in the user login and password are generated in the event handler postprocess for the creation of the user through reconciliation of the trusted source. If the value is set to true, then notification is sent when the user name and password are generated in the event handler postprocess for the creation of the user through reconciliation of the trusted source. If the value is set to false, then notification is not sent when the user name and password are generated in the event handler postprocess for the creation of the user through reconciliation of the trusted source.

  Recon.SEND_NOTIFICATION

  true

  If you want to send messages during the recon trust (update/changes), you must write your own code to java of notification, FYI: http://www.ateam-oracle.com/oim-11g-notifications/

  ~ J

• Get the error during the execution of the IOM in script integrated purge OIM_ReconArch.sh

  Get the error during the execution of the IOM in script integrated purge OIM_ReconArch.sh
  
  
  bash-3. $00 cat Err_Arch_Recon_2012_11_01_15_36_06.log
  ****
  -The execution state of archives reconciliation
  ****
  BEGIN OIM_SP_ReconArchival ("n", "n", 200000, 'ARCHIVE_SELECT_WITH_CONS_DROP_REC', 'both, '20110101',' 20111231'); END;
  
  *
  ERROR on line 1:
  ORA-00942: table or view does not exist
  ORA-06512: at "PREPRD. OIM_SP_RECONARCHIVAL', line 722
  ORA-00942: table or view does not exist
  ORA-01031: insufficient privileges
  ORA-06512: at line 1
  
  
  Help, please

  ORA-06512: at "PREPRD. OIM_SP_RECONARCHIVAL', line 722
  ORA-00942: table or view does not exist
  ORA-01031: insufficient privileges

  (1) check if the OIM_SP_RECONARCHIVAL table or the view exists or not...
  (2) if it exists, check if the DEV_OIM user has enough privilege to view this table...
  Otherwise, give it all privileges to open as a sys as sysdba

  GRANT ALL PRIVILEGES ON DEV_OIM;

  COMMIT;

• OIM 11g - reconciliation of the status of resource target

  Hello
  
  
  We work closely with IOM 11.1.1.5.2 and DBUM 9.1.0.4 and MSAD 9.1.1.7.
  Commissioning and reconciliation seem to work fine, but we found that the State of the resource is not be compared on the console of the IOM.
  
  For example, if supply us a user with an account of Oracle database, then lock the account on the database, when we run the reconciliation, the event is generated and finished with 'update succeeded', we go to the UD_DB_ORA_U table and find that the UD_DB_ORA_U_LOCK field has a value "BLOCKED." , then if we check the newspapers, we can see that the connector is properly mapping the State of resources with purpose of IOM status:
  
  prepareTargetUsersRecordInOIMFormat: save the value: LOCKED
  prepareTargetUsersRecordInOIMFormat: map: {OPEN = enabled 1 = Disabled, YES = Disabled, 0 = active, EXPIRED & LOCKED = Disabled No. = Enabled, LOCKED = disabled}
  ...
  prepareTargetUsersRecordInOIMFormat: roValue: TEMPORARY_TABLESPACE_QUOTA
  prepareTargetUsersRecordInOIMFormat: Temp RO value: null
  prepareTargetUsersRecordInOIMFormat: reconData: [{default Tablespace = 27 ~ USERS, Authentication Type = PASSWORD, password = dummy, default Tablespace = 27 ~ USERS, Authentication Type = PASSWORD, password = dummy, Quota of Tablespace default = profile_name = 27 ~ USERS, resource = Oracle, user name is USPRUEBA65, temporary Tablespace = 27 ~ TEMP, account status is LOCKED, status = Disabled, Global DN =, privilege list is [], the list of roles = [{role Admin Option = number}] [{[{, role name =}], Quota of temporary Tablespace =}]
  prepareTargetUsersRecordInOIMFormat: COMPLETED
  
  But, even if reconciliation succeeded the administration shows console account status "Enabled" and when I check the table Ouedraogo, I see that the status of an object of the IOM is always enabled.
  
  
  I found a few discussions on this issue, the closest was this one: reconciliation for users deleted on the target resource accounts but all it doesn't seem to be a great help because all the tasks described are already carried out by the installation of the connector (at least in the msad and dbum connectors).
  
  This problem occurs both Active Directory and Oracle database users, maybe we missed something but based on the documentation for both connectors, we thought it was a STANDARD feature. Is there some setting of the connector or the property of the system, that we have to configure to make it work?
  
  Thank you.
  
  Published by: fmc on July 26, 2012 12:53

  It should work OOTB. No need to write an adapter for it.
  It works for me like OOTB waited.

  Don't see you not received update reconciliation task inserted into the details of the profile of the users of resources? You have changed the status of the object mapping task in this task? It must be set to NONE.

  Thank you
  Patricia

• Reconciliation of the target of a WebService

  Hello experts,
  
  We would need to perform a reconciliation of the target of a web service, in order to create new users, remove and update the most common fields (name, surname, e-mail).
  Because we have seen that there is a web service that is already running in IOM (which we have reached throw IOM/spml-xsd/SPMLService?) (WSDL), we were wondering if operations we need are already available (just need to be called) or if we would need to develop something custom to catch requests.
  
  I read somewhere that the GTC connector may be able to manage web services applications. I think it's possible for commissioning, it would be possible for the reconciliation of too?
  
  If these operations are not available, which could be the best strategy to make IOM able to listen to the requests?
  
  Thank you!

  Reconciliation is not supported by us service. You can develop your own connector to make it work. See the discussion here and MOS discussion:
  Reconciliation of SAP to IOM by using Web services and SPML

  Kind regards
  GP

• OIM 11 g Sending Notification on the creation of the user of the IOM

  Hi gurus!
  
  I have the following requirement: whenever a user is created in the IOM (via the Administration Console, request or through trust reconciliation) an email notification should be sent to the Manager of the user, informing him that his collaborator has a connection to (automatically generated) given user and a password (also automatically generated) and that must be changed the first time newspapers user recently created by IOM.
  
  I have seen that we have in IOM definitions of email (in Console design) and the Notification Templates (in the Administration Console).
  
  I tried to use the definitions of Email but I'm not able to select the usr_password field in the variables section so I couldn't use this solution which seems to be very easy to use because you can directly use the definition of enamel on the Notification tab in the tasks of process.
  
  Subsequently, I analyzed the Templates of Notification solution. I defined the XML of the Type of event and in the Notification template (in the Administration Console), I was able to choose usr_password as a variable of the notification. However, when I tried to develop Java code (class that implements NotificationEventResolver), although I was able to extract most of the IOM user profile fields, I could not extract the domain usr_password... It seems that the usr_password domain (which is encrypted) cannot be obtained from the UserManager service.
  
  How can I get the user password and inject into the email notification?
  
  Thank you very much!

  Check this: Re: decrypt the Xellerate user password and review the code posted here by me. Since you're using the resolver of notification, you can use the PasswordManager to get the password for the user in your code.

  -Marie

• Generate the password in the IOM 10 g

  Hello
  
  I am able to set default user password (abc_123) use entity adapter in IOM. Now, I need suggestion how to generate a random password for users of the IOM.
  
  
  I found a blog where he explains to generate the password using entity adapter
  
  http://idminfo.WordPress.com/2011/01/31/OIM-how-to-create-and-use-entity-adapter-to-generate-passwords-doc/
  
  In that
  
  Adapter use an entity to generate passwords and attach it to the task of process of "Reconciliation insert received" process definition "Xellerate User. This approach could be used to update the password for the user from its inception*.
  
  My doubt is how a feature adapter can be attached to a process task.
  
  
  Please suggest me how to generate random password for a user.
  
  
  Kind regards
  877247

  For task received Reconcillation insertion, go to the tab of the answer and see the response to the event handled. Click on this answer and click assign task to generate. Now add your newly created task.

• Need to update a user existing in the IOM by running the scheduled task.

  Hi all
  
  I configured the GTC connector for flat file with which I am able to create users in the IOM successfully. Here is an example of flat file
  
  ##hRDB
  UserID, firstname, lastname, Manager, EmployeeType, Org, role, service, location, position
  AWinslet, Aate, Winslet, null, full-time, Xellerate users, end-user, engineering, Mumbai, Software Engineer
  
  and now, I'm not trying to update service user attribute by changing (financial engineering) Department in a flat as file below.
  
  ##hRDB
  UserID, firstname, lastname, Manager, EmployeeType, Org, role, service, location, position
  AWinslet, Aate, Winslet, null, full-time, Xellerate users, the end user, finance, Mumbai, Software Engineer
  
  When I ran a task scheduled for the resource to flat file GTC I get below error.
  
  
  WARN, January 5, 2011 23:26:29, 354, [XELLERATE. DCM PROVIDER. RECONCILIATIONTRANSPORT], FILE ARCHIVED successfully: C:\HRFeed\staging\identities 20110105.txt
  ERROR, January 5, 2011 23:26:34, 588, [XELLERATE. SERVER], class/method: tcUSR/verifyUserLogin error: User Loginid is doubled.
  ERROR, January 5, 2011 23:26:34, 744, [XELLERATE. SERVER], class/method: tcUSR/eventPreInsert error: user login is not correct.
  ERROR, January 5, 2011 23:26:34, 760, [XELLERATE. SERVER], class/method: tcDataObj/save error: wrong to save SQL operation
  ERROR, January 5, 2011 23:26:35, 088, [XELLERATE. DATABASE], class/method: tcDataBase/rollbackTransaction some problems: Rollback performed
  java.lang.Exception: Rollback performed
  
  Errors, that I got to know which scheduled task to the resource of flat file GTC tries to create the new user but not to update existing user. I want to update the attributes of the user for existing users by running the flat file GTC
  
  Please provide your valuable contributions
  
  Kind regards
  Madhu

  Check the indicator "Matching" only in the management section BMS. This indicator is as a rule of reconciliation and should be checked for the primary key for example attribute emp number or the connection. Please let me know if the corresponding flag setting is correct in your environment.

• Group seeking reconciliation in the connector of the OID of filtering

  Is it possible to add a filter to the scheduled task of reconciliation research group in the connector of the OID 9.0.4.11?
  My version of the IOM is 9.1.0.2 BP10
  
  Thank you

  I went through the doc, I dnt think you can do.
  Look in the eyes to the top of Lookup.OID.Configuration, you could get something here.

  Thank you
  Suren

• Firmware of the IOM on switch m6348 failed, incompatibility of fabric

  Update the firmware of the IOM 2 of the 4 m6348 failed to update and report incompatibility of fabric.  I tried the update process again and put back them in place.  They don't have the same power on in the Cabinet to access the console, is it possible to recover?

  The problem was caused because if you link the internal chassis interrrupteurs CMC, updated the firmware on the causes of MCC switches in the chassis of the cycle power and corrupt the update. (this is a trap that should not exist tbh)

  Avoid this problem by connecting the CMC directly or via an external switch during firmware updates.

  The firmware on switches is corrupt, I think that it should be possible to reflash the chips directly however this would require electronic expertise.  In our case, the seller has replaced the switches under warranty and we were able to update those successfully.