Wednesday, May 17, 2017

OIM: FVC (Form Version Control Utility) Alternate Query

If new fields are added to the Process Form, those fields will not be available to users who already have the account provisioned. For this case, OIM provides an OOTB utility, called the Form Version Control Utility (FVC), to update the process form for such (provisioned) accounts.

An alternate approach to this is executing the following query to update such accounts:

Update <process_form_UD_table> set process_form_table_version = (Select sdk_active_version from sdk where sdk_name='process_form_UD_table');

Monday, May 15, 2017

OIM: PS3 Sizing Guide

OIM PS3 sizing guide can be found at the following location:

http://www.oracle.com/technetwork/middleware/id-mgmt/oim11g-sizingguide-194346.pdf

OIM Error: java.io.InvalidClassException: oracle.iam.request.vo.BasicRequest; local class incompatible:

Error while running RequestService API

Exception in thread "main" javax.ejb.EJBException: failed to unmarshal interface oracle.iam.request.vo.Request; nested exception is: 
java.io.InvalidClassException: oracle.iam.request.vo.BasicRequest; local class incompatible: stream classdesc serialVersionUID = -5945010536412041491, local class serialVersionUID = -7263199514123717932; nested exception is: java.io.InvalidClassException: oracle.iam.request.vo.BasicRequest; local class incompatible: stream classdesc serialVersionUID = -5945010536412041491, local class serialVersionUID = -7263199514123717932
java.io.InvalidClassException: oracle.iam.request.vo.BasicRequest; local class incompatible: stream classdesc serialVersionUID = -5945010536412041491, local class serialVersionUID = -7263199514123717932

Solution:

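The serialVersionUID mismatch means the client is deserializing oracle.iam.request.vo.BasicRequest with a different build of the class than the one the server used, so the client jars must come from the same OIM installation as the server. Copy 'oimclient.jar' and 'eclipselink.jar' from 'MIDDLEWARE_HOME/Oracle_IDM1/server/client/oimclient.zip' and add them to your classpath.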

OIM: Update 'xelsysadm' Password In Working OIM Environment


  1. Log in to Oracle Identity Manager Self Service as the Oracle Identity Manager administrator and change the xelsysadm password.
  2. Also update the password in the OIMAdmin key under the oracle.wsm.security map in CSF.

If you have an OIM-OAM integration environment with OVD and an LDAP directory in the back end, you need to change the xelsysadm password in the following places:

  1. Change the xelsysadm password in the Identity Self Service console.
  2. Change the OIMAdmin password from the EM Console under Weblogic domain -> iam domain -> security -> credentials -> oracle.wsm.security folder.
  3. Change the xelsysadm password on the directory side using LDAP, because a change to the xelsysadm password will NOT be propagated to LDAP. You need to update the password in the LDAP directory manually as well.

Friday, May 12, 2017

OIM: Create OIM connection from IDE(Eclipse/Jdev)

Given that you are able to create a project in your IDE, carry out the following two exercises to connect to OIM and execute your APIs:

  1. Writing the code
  2. Importing the necessary jars

Code:

import java.util.Hashtable;
import javax.security.auth.login.LoginException;
import oracle.iam.platform.OIMClient;


public class OimConnection {

    // Environment-specific values; replace them with your own.
    // t3 URL of the OIM managed server
    private static final String OIM_URL = "t3://iamsoaguru.local.com:14000";
    // JAAS login configuration file shipped with the Design Console
    private static final String AUTH_CONF = "C://Rohit//designconsole//config//authwl.conf";
    protected static final String OIMUSERNAME = "xelsysadm";
    protected static final String OIMPASSWORD = "Welcome1";
    protected OIMClient oimClient = null;

    public OIMClient BaseClient() {

        // Tell the OIM client that the server runs on WebLogic and where the JAAS config is
        System.setProperty("APPSERVER_TYPE", "wls");
        System.setProperty("java.security.auth.login.config", AUTH_CONF);

        // JNDI settings used by OIMClient to reach the server
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL,
                "weblogic.jndi.WLInitialContextFactory");
        env.put(OIMClient.JAVA_NAMING_PROVIDER_URL, OIM_URL);
        oimClient = new OIMClient(env);

        try {
            // Authenticate; the password is passed as a char array
            oimClient.login(OIMUSERNAME, OIMPASSWORD.toCharArray());
            System.out.println("BaseClient.BaseClient() Login SUCCESS");
        } catch (LoginException e) {
            // On failure the client is still returned, but it is not logged in
            System.out.println("Exception in getting oimConnection");
            e.printStackTrace();
        }

        return oimClient;
    }

}

Required Jars:
  1. Commons-logging.jar
  2. Eclipselink.jar
  3. Jrf-api.jar
  4. OIMClient.jar
  5. Spring.jar
  6. WLFullClient.jar
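
A variant of the OimConnection class from this post that keeps the administrator password out of source code, lets a failed login reach the caller, and logs out when done. It is an added example, not part of the original post; the class name and the environment variable names OIM_URL, OIM_AUTH_CONF and OIM_USER are assumptions of this example.

```java
import java.io.Console;
import java.util.Hashtable;
import javax.security.auth.login.LoginException;
import oracle.iam.platform.OIMClient;

public class OimConnectionFromEnv {

    // Variable names are chosen for this example; they are not defined by OIM.
    private static String requireEnv(String name) {
        String value = System.getenv(name);
        if (value == null || value.isEmpty()) {
            throw new IllegalStateException("Missing environment variable " + name);
        }
        return value;
    }

    public static OIMClient connect() throws LoginException {
        Console console = System.console();
        if (console == null) {
            throw new IllegalStateException("No interactive console to prompt for the password");
        }
        System.setProperty("APPSERVER_TYPE", "wls");
        System.setProperty("java.security.auth.login.config", requireEnv("OIM_AUTH_CONF"));

        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL,
                "weblogic.jndi.WLInitialContextFactory");
        env.put(OIMClient.JAVA_NAMING_PROVIDER_URL, requireEnv("OIM_URL"));
        OIMClient client = new OIMClient(env);

        String user = requireEnv("OIM_USER");
        // Prompt without echo; nothing is stored in source, config or shell history
        char[] password = console.readPassword("Password for %s: ", user);
        if (password == null) {
            throw new IllegalStateException("No password entered");
        }
        client.login(user, password); // LoginException propagates to the caller
        return client;
    }

    public static void main(String[] args) throws LoginException {
        OIMClient client = connect();
        try {
            System.out.println("Login SUCCESS");
            // Call OIM service APIs here
        } finally {
            client.logout(); // end the session even if an API call fails
        }
    }
}
```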

Tuesday, May 2, 2017

OIM Query: List of roles without access policy attached

SELECT
  ugp1.ugp_name AS "Role Name",
  ugp1.UGP_DISPLAY_NAME AS "Role Display Name",
  ugp1.UGP_DESCRIPTION AS "Description",
  ugp1.UGP_CREATE AS "Create Date"
FROM ugp ugp1
WHERE ugp1.ugp_name not in (select  ugp.ugp_name
from pol
left join pog on pog.pol_key=pol.pol_key
join ugp on ugp.ugp_key = pog.ugp_key)
;

Thursday, April 27, 2017

OIM SOA - Callback Server URL location


  1. Log in to the EM console.
  2. Right-click SOA -> SOA_INFRA -> SOA Administration -> Common Properties.
  3. The callback server URL is in the Server URLs section.