Pageviews

Tuesday, December 10, 2013

UDF in OIM 11g R2, User Defined Fields in OIM 11g R2, Custom Attributes in OIM 11g R2

UDF(User Defined Fields) or Custom Attributes in Oracle Identity Management (OIM 11g R2)




1. REGISTERING A NEW ATTRIBUTE

2. ADDING A NEW ATTRIBUTE IN FORM

3. CREATE A NEW USER

4. CHECK NEW USER AND ATTRIBUTE IN OIM

USER TABLE


FOR DETAILED INFORMATION ON UDF PLEASE REFER "Configuring Custom Attributes" IN OIM 11G R2 ADMIN
GUIDE

1. REGISTERING A NEW ATTRIBUTE

To create a custom attribute or UDF Log in to Oracle Identity System Administration using
http://localhost:14000/sysadmin and change hostname and port no. accordingly.
Type username and password of admin.



















Create and activate a sandbox. Click on Sandboxes on upper right corner.




Click on Create Sandbox.







Give a name to your sandbox and click Save and Close.

















Click on Form Designer in the left pane under Configuration header.

















Search for the form of User Type and click User.











Click on Create icon under Custom Panel











Select Field Type as Text and click OK.
















After Clicking OK button you will receive a custom attribute wizard .





























Fill up fields as shown below and Click Save and Close to Save.
















Now goto Manage Sandboxes tab , Select the activated sandboxes and Click Publish Sandbox to


















Commit the changes done so far.
So far we have registered the new attribute in User Form.

2. ADDING A NEW ATTRIBUTE IN FORM

Login to OIM Self service Console using http://localhost:14000/oim and change hostname and port no.
accordingly.

Enter the admin username and password.

















Click on the Sandboxes to create a new Sandbox


















Click on the Create Sandbox, enter following details then save and close the wizard.




























Click Users under Administration in left pane.

















Click Create to open User Creation Form.


















Fill the mandatory fields to avoid some validation exceptions.

Click on the Customize link situated at above right corner to customize the user form.




Click on the View and select Source to edit ADF code.

Select basic Information Area of User form to add attribute there by using your mouse pointer.













After selecting the area a confirmation window appears, Click Edit and confirm.










Now click Add Content button. Scroll, search, and click Data Component - Manage Users Link.












Scroll Down and search for UserVO1 Component. Click it.














After clicking a new wizard will get appear , scroll deep down and search for Major_Skill text box
component.

Click on the add button on left and select ADF Input Text W/ Lable. You can observer that
a new Field is automatically appears in User Form in Basic Information Area. Close Wizard.























Select the new attribute in ADF editor and click edit












Check on the Auto Submit and click ok.



















Close the Customize window.





3. CREATE A NEW USER

In Create User Form just fill with some information and submit












4. CHECK NEW USER AND ATTRIBUTE IN OIM USER TABLE

Check User in Database and find the new attribute (column) USR_UDF_MAJOR_SKILL















Wednesday, October 16, 2013

ObAccessClient.lst does not contain a client id - ACCESS_GATE FATAL 0x00001824

Hi,

Problem Description :

When A new Webgate agent is registered with OAM, sometimes due to some mis-configuration it the OHS servers throws some common exception. Today I got a very uncommon exception in OHS - Webgate - OAM configuration. Below is the stack trace came in :
------------------------------------------------------------------------------------------------------------
Message from syslogd@ at Wed Oct 16 10:19:05 2013 ...
mmvhsgbobis001a Oblix: 2013/10/16@10:19:05.07603      
3716    3765    ACCESS_GATE     FATAL   0x00001520    
/ade/aime_ngamac_497961/ngamac/src/palantir/webgate2/src/apache2entry_web_gate.cpp:589
"Exception thrown during WebGate initialization"

Message from syslogd@ at Wed Oct 16 10:19:05 2013 ...
mmvhsgbobis001a Oblix: 2013/10/16@10:19:05.07618      
3716    3765    ACCESS_GATE     FATAL   0x00001824    
/ade/aime_ngamac_497961/ngamac/src/palantir/webgate2/src/apache2entry_web_gate.cpp:590
 "ObAccessClient.lst does not contain a client id."      raw_code^213

------------------------------------------------------------------------------------------------------------

Message from syslogd@ at Wed Oct 16 10:46:35 2013 ...
mmvhsgbobis001a Oblix: 2013/10/16@10:46:35.09020    
 4728    4733    ACCESS_GATE     FATAL   0x00001520  
 /ade/aime_ngamac_497961/ngamac/src/palantir/webgate2/src/apache2entry_web_gate.cpp:589
  "Exception thrown during WebGate initialization"

Message from syslogd@ at Wed Oct 16 10:46:35 2013 ...
mmvhsgbobis001a Oblix: 2013/10/16@10:46:35.09035    
 4728    4733    ACCESS_GATE     FATAL   0x0000182A  
 /ade/aime_ngamac_497961/ngamac/src/palantir/webgate2/src/apache2entry_web_gate.cpp:590
"An internal ObError exception was caught."     raw_code^224

------------------------------------------------------------------------------------------------------------

Solution for Above Error:
------------------------------
Check "ObAccessClient.xml file in 
MW_HOME/ohs/instances/instance1/config/OHS/ohs1/webgate/config

If anything is looking inappropriate, just once more copy the artifacts from OAM_RREG_HOME/output/Agent_Name/ObAccessClient.xml  to this location.
(In My case I have registered the Agents using RREG - OAM remote Registration Tool).

If that doesn't work, you have to delete the present Agent from OAM and  re-register the Agent to create the new Artifacts (cwallet.sso and ObaccessClient.xml). Copy the new Artifacts to MW_HOME/ohs/instances/instance1/config/OHS/ohs1/webgate/config





Tuesday, October 8, 2013

ClassCastException error during OIM- Siebel Provisioning/Reconciliation

ClassCastException error during OIM-

Siebel Provisioning/Reconciliation

OIM connector for Siebel was apparently installed successfully. But, provisioning to the Siebel resource did not go through. A careful inspection of logs reveals the notorious “ClassCastException”.
Environment: OIM 11g 11.1.1.5.0 (PS1), Siebel 8.1.1, Oracle DB 11.2.0.1, Siebel User Management Release 11.1.1, Oracle Enterprise Linux 5.6 (64 bit), WLS 10.3.5
Stacktrace
java.lang.ClassCastException: java.lang.NoClassDefFoundError cannot be cast to org.identityconnectors.framework.common.objects.ConnectorObject
Other variants:
java.lang.NoClassDefFoundError
Investigation
This problem occurs if the required third party JARs (as noted in the connector documentation) were not successfully bundled within the connector during connector installation.
The documentation instructs one to copy siebel.jar and siebelji_enu.jar from SIEBEL_INSTALLATION_DIRECTORY/siebsrvr/CLASSES directory location and place in OIM_HOME/ConnectorDefaultDirectory/targetsystems-lib/siebel-RELEASE_NUMBER. But the downloaded third party jars size showed ridiculous 133KB (where healthy Siebel.jar ->1,295KB, SiebelJI_enu.jar -> 42KB).
Verification
1. $OIM_HOME/server/bin/DownloadJars.sh
[Enter Xellerate admin username :]xelsysadm
[Enter the admin password :]
[Enter serverURL :[ t3://localhost:7001 ]]t3://localhost:14000
[Enter context Factory :[ weblogic.jndi.WLInitialContextFactory ]]
Enter the jar type
  1.JavaTasks
  2.ScheduleTask
  3.ThirdParty
  4.ICFBundle
4 <——————————— Choose 4 for SiebelConnectorBundle here
Enter the full path of the download directory :

/tmp
Enter the name of jar file to be downloaded from DB :
org.identityconnectors.siebel-1.0.1.jar <—————– The name of the SiebelApps bundle
Do u want to download more jars [y/n] :n
Download jar executed successfully
2. Create a new Directory and name it Siebel_Jar. Unzip the downloaded org.identityconnectors.siebel-1.0.1.jar file into Siebel_Jar and check for the four required third-party JAR files which will not be present.
Your Directory Should look like :

Siebel_Jar
             |--------|
                        |----org
                        |----THIRDPARTYREADME.txt
                        |----META-INF
                        |----org.identityconnectors.siebel-1.0.1.jar

Solution
1. In the directory where the downloaded org.identityconnectors.siebel-1.0.1.jar was unzipped (ie. so you’re in the structure of the archive itself) create a sub-directory within this called: lib
2. Copy the Two External Jars i.e. (Siebel.jar and SiebelJI_enu.jar) required Siebel third-party JAR files into this new lib directory.
3. Move org.identityconnectors.siebel-1.0.1.jar file from this directory to another directory. Re-jar the files which now contain the third-party files in the new lib directory (the following command assumes you’re in the same directory(Siebel_Jar) where the original jar was unzipped in to and you’ve moved the original JAR file from this directory so it doesn’t end up in the new archive):
Now Your Directory should look like:
Siebel_Jar
             |--------|
                        |----org
                        |----THIRDPARTYREADME.txt
                        |----META-INF
                        |----lib
 Now Run the command below.
jar cvfm org.identityconnectors.siebel-1.0.1.jar META-INF/MANIFEST.MF *
(note the use of the existing MANIFEST.MF file as OIM will check for this)
4. Upload this new updated JAR file back into the database:
$OIM_HOME/server/bin/UploadJars.sh
[Enter Xellerate admin username :]
[Enter Xellerate admin username :]xelsysadm
[Enter the admin password :]
[Enter serverURL :[ t3://localhost:7001 ]]t3://localhost:14000
[Enter context Factory :[ weblogic.jndi.WLInitialContextFactory ]]
Enter the jar type
   1.JavaTasks
   2.ScheduleTask
   3.ThirdParty
   4.ICFBundle
4 <———————— again choose option 4 here for the SiebelConnectorBundle
Enter the path/location of jar file :
/tmp/jars/ org.identityconnectors.siebel-1.0.1.jar <—————– The name of the SiebelApps bundle
Do u want to load more jars [y/n] :n
Upload jar executed successfully
5. Restart OIM and retest provisioning and monitor logs.





******************************************************************************
******************************************************************************

Wednesday, September 11, 2013

XELSYSADM user account locked or reset the password for the XELSYSADM account in OIM 11G.

How to reset the password for the XELSYSADM account in OIM 11G.

Fix

The following workaround can be used to reset the xelsysadm password:

1. In USR table using SQL Developer, manually copy the "xeloperator's" or "Group Operator's" encrypted password to xelsysadm user's password column and commit (Use Ctl-C and Ctrl-V).

2. Then login into admin console using username: xelsysadm and password as : xeloperator

The default password for "xeloperator's" or "Group Operator's" is xeloperator

3. If Set up Security Questions Screen Appears then again reset password for xelsysadm via oim console for the password change to get propagated.

 Note: When OIM is integrated with OAM having LDAP sync, this note doenst apply there as the passwords are in the LDAP not in the OIM DB.

Wednesday, September 4, 2013

Web Services



                                                       Web Services helps to make simple code,  a web application which can be accessed through any language. If there is need of synchronizing a .NET Based application with an application which was build in JAVA, by using the webservices in that Java Application it can be synchronized easily. The JAVA application will expose a WSDL file  (Web Service Description Language) for exposing the code remotely to a .NET based application. The WSDL file an XML file used as communication medium between these application. So in that way any application can communicate with numerous application independent of the platform (Linux, Windows, Macintosh, Android) and languages (Java, .Net, PHP).

In Simple, Web-Services are the secured way to access remote Data without exposing the client's code or any remote code.

For e.g: If you don't have any website's username and password (like yahoo mail)- now a days you can login using FACEBOOK credentials and Facebook will ask for permissions to provide credentials to YAHOO.Here yahoo is using a web-service to access the Facebook database and Facebook is giving access to Yahoo through web service remotely without exposing any data and code to Yahoo.

There are two ends in web Services :-  
First :  The Web Service Host where the actual code and data resides. 
Second : The web Service Client where the stubs(programs) are generated using the Web Service Host's URL or XML file also known as WSDL file (Web Service Description Language).

So in my Example here Facebook will be the Web Service Host and Yahoo being the Web Service Client.

How Web Services Work:

The four major components on which web services works are :

1. SOAP  : Simple Object Access Protocol. More on this: http://www.w3schools.com/soap/soap_intro.asp
2. HTTP   : Hyper Text Type Protocol : More on this : http://www.tutorialspoint.com/http/what_is_http.htm
3. WSDL  : Web Service Description Language : More on this http://www.tutorialspoint.com/wsdl/wsdl_introduction.htm
4. UDDI    : Universal Decsription Discovery and Integration. More on this : http://www.w3schools.com/wsdl/wsdl_uddi.asp


There are different ways to use Web - Services. The usage depends on requirements and also depends on the Hosting Server. The different types of web services are listed below

1. RestFul
2. SOAP Based

1. RestFul Web-Services:

 In the web services world, REpresentational State Transfer (REST) is a key design idiom that embraces a stateless client-server architecture in which the web services are viewed as resources and can be identified by their URLs. Web service clients that want to use these resources access a particular representation by transferring application content using a small globally defined set of remote methods that describe the action to be performed on the resource. REST is an analytical description of the existing web architecture, and thus the interplay between the style and the underlying HTTP protocol appears seamless.
The HTTP methods such as GET and POST are the verbs that the developer can use to describe the necessary create, read, update, and delete (CRUD) actions to be performed. Some may see an analogy to operations in SQL, which also relies on a few common verbs, as shown in Table 1. However, the REST style and HTTP protocol are mutually exclusive, and REST does not require HTTP.
                                          Image Courtesy : http://wink.apache.org/documentation/1.0/html/1%20Introduction%20to%20Apache%20Wink.html 

2. SOAP Based:

A SOAP-based design may be appropriate when
  • A formal contract must be established to describe the interface that the web service offers. The Web Services Description Language (WSDL) describes the details such as messages, operations, bindings, and location of the web service.
  • The architecture must address complex nonfunctional requirements. Many web services specifications address such requirements and establish a common vocabulary for them. Examples include Transactions, Security, Addressing, Trust, Coordination, and so on. Most real-world applications go beyond simple CRUD operations and require contextual information and conversational state to be maintained. With the RESTful approach, developers must build this plumbing into the application layer themselves.
  • The architecture needs to handle asynchronous processing and invocation. In such cases, the infrastructure provided by standards such as WSRM and APIs such as JAX-WS with their client-side asynchronous invocation support can be leveraged out of the box.






Friday, August 16, 2013

Oracle Pidgin in Android Phone using Xabber or Connect Beehive chat in Android or Use XMPP in Xabber/Jabber

Connect pidgin in Andriod, Connect Oracle Chat in Android, Connect Oracle Pidgin in Android, Configure Pidgin in Android, Pidgin, Pidgin Help, Steps to Login in Pidgin or Beehive Chat in Android, Use Pidgin in Android, Xabber, 

Steps to Connect Pidgin in Android Phone or Beehive Chat in Your Android Phone is Here

1. Download Xabber from https://play.google.com/store/apps/details?id=com.xabber.android&hl=en of-course its a free app. Install it and Open.
2. Open Settings
3. Goto XMPP accounts - Manage your Accounts
4. Add Account
5. Enter User name : username@oracle.com
    Check - Store Password
    Password           : ***********
    Server                : oracle.com
    Check - Custom Host
    Host                  : stbeehive.oracle.com   
    Port                   : 5223
    Resource           : stbeehive
    Priority               : 5
    Check -  Use SASL Authentication
    TLS/SSL Usage  : Select Legacy SSL
   
And Press Back Key

It will try to connect and it will definitely connect.  Be sure to use your correct Oracle User Name and Password .

Now if You want to connect any chat room here is the trick

After Login into your chat account

1. Goto Options and select More.
2. Select Join Conference.
3. Enter the Following Details
     Multi User Chat Server      : conference.oracle.com
     Conference                      : name of chat room you want to join      
     nick                                : name to be shown in chat room (normally user name)
     Password                        : ********* (Oracle's Password)
     Check - Join Conference
    
     Save Conference 

And you are done now.




Monday, July 22, 2013

Flat File Reconciliation OIM 11g, OIM 11g R1, OIM 11g R2

OIM 11G : Using Flat File as Trusted Resource for Reconciliation of Users.

Steps

1. CREATE SHARED DRIVE, CSV AND ARCHIVE
2. CREATE GENERIC CONNECTOR
3. RUN SCHEDULER AND CONFIRM
4. CREATING RULE GENERATORS
5. CREATING RECONCILATION PROFILE
6. RUN SCHEDULER
7. SEARCH RECONCILIED USER

-------------------------------------------------------------------------------------------------------

1. CREATE SHARED DRIVE, CSV AND ARCHIVE

    Create a directory Archive in C:\myDIR\HRFEED\

  

Create a csv file, name it hrfeed.csv and place it in C:\myDIR\HRFEED\ with file containing below details.
  


2. CREATE GENERIC CONNECTOR

    Login to sysadmin page of OIM with url

    http://localhost:14000/sysadmin

    place your hostname and port accordingly.



    Enter OIM user name and password and sign in to OIM sysadmin console



  Click on Generic Connector link in the Left Pane

Click on Create to create a new Generic Connector.
 

 Populate the fields as given below, uncheck provisioning and continue.


Now Specify Correct parameters in step 2 and continue.





Now in step 3 a pop-up will get displayed showing the mapping between your flat file attributes with OIM.

Here we require two new attributes in Reconciliation Staging table to map it with OIM Table.

Click on + icon in Reconciliation Staging table to add new attributes.


Fill all details as given below and click continue.

  

  


Repeat above steps to create userType attribute in Reconciliation Staging Table.




 


Now it's time to map Reconciliation Staging Table to OIM table.
Click on the edit button of UserLogin Attribute of OIM table and click continue to map.


 

 After mapping each and every attribute we will get following matching lines.

Click close to jump into step 5.



Click save and wait for some time



After clicking save button connector creation confirmation window will appear . Close and go to sysadmin console.



3. RUN SCHEDULER AND CONFIRM

Click on Scheduler link on the Left Pane under System Management.





A pop up will get appear, click on search arrow to get the list of scheduler jobs.



Find and open OIM_FlatFile_Recon_GTC and click Run now button.



Confirm job is running.



Go to oim_server terminal and watch for the error. If you receive the same error, then you need to configure the newly created GTC.



4. CREATING RULE GENERATORS

Design Console Configuration Needed . If it is already configured then continue to the below steps or configure design console using following link

http://onlineappsdba.com/index.php/2010/10/11/part-vii-install-configure-oim-design-console-oracleidm-11g-step-by-step-installation-of-oam-oim-oaam-oapm-oin/

To debug the above error we need to create rule generators for the newly created GTC.

Open design console from windows start menu

or alternatively you can also start by going to path

MIDDLEWARE_HOME\Oracle_IDM1\designconsole\xlclient

Login to design console with OIM user name and password.


Click and open resource object form, from left panel, and click query button from toolbar, then go to resource objects table tab. In this step we will confirm that the newly created connector appears in database records.


Click on OIM_FlatFile_Recon_GTC record and open Resource Objects Tab


Select and Copy name field.


Now open Reconciliation Rule form and paste the copied resource object name in previous step into Object field and click on Query icon.


If no record message appears, we will create a new one, a new Rule for flat file reconciliation.


So to create a rule, populate fields as below and save it.


Click on Add Rule Element button.

Fill up the fields as below and save it.


Close the error message and exit.


Click yes to exit.


Click save and close the error message if any.


Close the form


5. CREATING RECONCILATION PROFILE
    Open Resource Object form, query for records.


Open Resource Object Table Tab and select OIM_FlatFile_Recon_GTC record


Now open Resource Object.


Go to Object Reconciliation Tab in above panel


Click on Create Reconciliation Profile



Cut and paste hrfeed.csv file from Archive Directory to HRFEED directory.



6. RUN SCHEDULER Login to sysadmin.
      Click on scheduler link on the Left Pane.


A pop up will get appear, click on search arrow to get the list of scheduler jobs.


Find and open OIM_FlatFile_Recon_GTC and click Run now button.


Confirm job is running.


Open oim_server terminal and check for the following message without any error.


7. SEARCH RECONCILIED USER

Login to oim self service console using

http:\\localhost:14000\oim

Change IP address and port Accordingly. Click on User link on left pane


Click on search and find new user reconciled from the flat file.


Hope this was helpful post. Please give your Valuable feedback and comments for any queries.