The Group Entitlements form is displayed in the User Management folder. You use it
to create and move forms, and to designate the forms and folders that members of a
user group can access through the Explorer.
To designate forms and folders to user groups by using the Group Entitlements form:
1. In the Explorer, double-click Group Entitlements.
The User Group Information page is displayed.
2. In the Group Name field, enter the name of the user group.
3. Click Assign.
The User Form Assignment lookup table is displayed.
4. From the lookup table, select the user form for this user group.
Use the arrow buttons to either add or delete from the Assigned Forms list.
5. Click OK.
The newly added user forms are listed in a Group Entitlements table. The Group
Entitlements Table displays all available user groups. This table shows the name of
the user form and the type. In the Group Entitlements table, there are two types,
javaform and folder. A javaform is a Java-based, graphical interface. A folder is a
container of one or many javaforms.
Wednesday, November 24, 2010
Tuesday, November 23, 2010
Sequence Recon Field on the resource object form
Sequence Recon If you select this check box, then reconciliation events are processed
in the sequence in which they are created.
The application of this feature can be illustrated by the following
example:
Suppose there are two reconciliation events for the OIM User
resource object for user John Doe. The first reconciliation event (E1)
data is as follows:
■ Login: testuser1
■ First Name: John
■ Last Name: Doe
■ Organization: Xellerate Users
■ Type: End-User
■ Role: Full-Time
The second reconciliation event (E2) data is as follows:
■ Login: testuser1
■ First Name: John1
■ Last Name: Doe1
■ Organization: Xellerate Users
■ Type: End-User
■ Role: Full-Time
Between the first and second events, the first name and last name of
the user was changed.
During trusted source reconciliation, if events are processed in the
order in which they are created, then this change in first and last
names is correctly reconciled into Oracle Identity Manager. However,
if the second event is processed before the first one, then data in the
target system does not match data in Oracle Identity Manager at the
end of the reconciliation run. This inconsistency will be reflected in
the auditing tables, and will remain until another event from the
trusted source is created for this user.
If you enable the Sequence Recon option, then you can ensure that
events for the same entity (for example, same user or same process
form) are processed in the order in which they were created.
in the sequence in which they are created.
The application of this feature can be illustrated by the following
example:
Suppose there are two reconciliation events for the OIM User
resource object for user John Doe. The first reconciliation event (E1)
data is as follows:
■ Login: testuser1
■ First Name: John
■ Last Name: Doe
■ Organization: Xellerate Users
■ Type: End-User
■ Role: Full-Time
The second reconciliation event (E2) data is as follows:
■ Login: testuser1
■ First Name: John1
■ Last Name: Doe1
■ Organization: Xellerate Users
■ Type: End-User
■ Role: Full-Time
Between the first and second events, the first name and last name of
the user was changed.
During trusted source reconciliation, if events are processed in the
order in which they are created, then this change in first and last
names is correctly reconciled into Oracle Identity Manager. However,
if the second event is processed before the first one, then data in the
target system does not match data in Oracle Identity Manager at the
end of the reconciliation run. This inconsistency will be reflected in
the auditing tables, and will remain until another event from the
trusted source is created for this user.
If you enable the Sequence Recon option, then you can ensure that
events for the same entity (for example, same user or same process
form) are processed in the order in which they were created.
Monday, November 22, 2010
OIM database back up and restore
Backup
@echo on
set ORACLE_SID=VOC4J
exp jboss9102/jboss9102 full=no owner=jboss9102 file=D:\Backupof_VOC4J_jboss9102_dontdelete\BACKUP\emptydb log=D:\Backupof_VOC4J_jboss9102_dontdelete\BACKUP\emptydb
@echo off
Restore::
sqlplus /nolog
CONNECT sys/sys123@VOC4J AS SYSDBA
DROP USER jboss9102 CASCADE;
@D:\oracle\javavm\install\initxa.sql
CREATE USER jboss9102 IDENTIFIED BY jboss9102 DEFAULT TABLESPACE jboss9102 TEMPORARY TABLESPACE temp QUOTA UNLIMITED ON jboss9102;
GRANT connect, resource, aq_administrator_role, dba, query rewrite TO jboss9102 with ADMIN OPTION;
@D:\oracle\RDBMS\ADMIN\dbmspool.sql
GRANT EXECUTE ON sys.dbms_shared_pool TO jboss9102 WITH GRANT OPTION;
BEGIN
dbms_resource_manager_privs.grant_switch_consumer_group( grantee_name => 'jboss9102',consumer_group => 'SYS_GROUP',grant_option => TRUE);
END;
/
Exit
imp jboss9102/jboss9102@VOC4J fromuser=jboss9102 touser=jboss9102 file=D:\Backupof_VOC4J_jboss9102_dontdelete\BACKUP\emptydb.DMP log=D:\Backupof_VOC4J_jboss9102_dontdelete\BACKUP\emptydb.log
OIM API Usage
//This class demonstrates the usage of OIM API's
import java.util.HashMap;
import java.util.Hashtable;
import com.thortech.util.logging.Logger;
import Thor.API.tcResultSet;
import Thor.API.tcUtilityFactory;
import Thor.API.Exceptions.tcAPIException;
import Thor.API.Exceptions.tcColumnNotFoundException;
import Thor.API.Operations.tcFormInstanceOperationsIntf;
import Thor.API.Operations.tcProvisioningOperationsIntf;
import Thor.API.Operations.tcUserOperationsClient;
import Thor.API.Operations.tcUserOperationsIntf;
import com.thortech.xl.dataaccess.tcDataSetException;
import com.thortech.xl.dataobj.tcDataSet;
import com.thortech.xl.dataobj.util.tcProcessUtilities;
import com.thortech.xl.util.config.ConfigurationClient;
public class OimApi {
tcUserOperationsIntf userOperationsintf=null;
tcFormInstanceOperationsIntf formInstanceOperationsIntf=null;
tcProvisioningOperationsIntf provisioningOperationsIntf=null;
Logger logger=Logger.getLogger("Sample");
tcUtilityFactory tcFactory=null;
//OIMCreateUser oimAPI=new OIMCreateUser();
private void init()
{
try{
getUtilityFactory();
userOperationsintf=(tcUserOperationsIntf)tcFactory.getUtility("Thor.API.Operations.tcUserOperationsIntf");
formInstanceOperationsIntf=(tcFormInstanceOperationsIntf)tcFactory.getUtility("Thor.API.Operations.tcFormInstanceOperationsIntf");
provisioningOperationsIntf=(tcProvisioningOperationsIntf)tcFactory.getUtility("Thor.API.Operations.tcProvisioningOperationsIntf");
}catch(Exception e){
logger.error(e.getLocalizedMessage());
}
}
public tcUtilityFactory getUtilityFactory()
{
try{
System.out.println("calling configuration Client");
ConfigurationClient.ComplexSetting config = ConfigurationClient.getComplexSettingByPath("Discovery.CoreServer");
final Hashtable env = config.getAllSettings();
/* env.put("java.naming.provider.url", "jnp://localhost:1099");
System.out.println("--------");
env.put("java.naming.factory.initial", "org.jnp.interfaces.NamingContextFactory");*/
System.out.println(env);
tcFactory=new tcUtilityFactory(env,"xelsysadm","xelsysadm");
}catch(Exception e)
{
e.printStackTrace();
}
return tcFactory;
}
//This method gets the user key
/**
* @param employeeid This contains the employee User ID
*
*/
private long finduserkey(String employeeid) {
HashMap map = new HashMap();
map.put("Users.User ID", employeeid);
long userkey=0;
try{
tcResultSet result = userOperationsintf.findUsers(map);
printTcResultSet(result,"User Form", logger);
if(result.getRowCount()!=1){
return 0;
}else{
userkey = result.getLongValue("Users.Key");
}
}catch (Exception e) {
}
return userkey;
}
public static void main(String arg[])
{
OimApi mo=new OimApi();
mo.init();
long usrKey=mo.finduserkey("testusr");
System.out.println(usrKey);
long procinstKey=mo.getProcessInstKeyOfRes("DB USER", usrKey, "provisioned");
mo.setValueOnProcessForm(procinstKey, "UD_DBUSER1_EMAIL", "xxx_yyy@yahoo.com");
System.out.println("updated form details successfully");
System.out.println("goin to disable the user");
//mo.disableApp(usrKey, procinstKey);
System.out.println("Printing form data");
mo.getFormData(procinstKey);
mo.getProcesstaskDetails(procinstKey);
System.exit(0);
}
//This method is used to get the process instance key
/**
* @param res_Name This parameter contains the resource Object name
* @param userkey This parameter contains the user key
* @param ROState This parameter contains the state of the RO either provisioned,enabled or disabled or revoked
*/
private long getProcessInstKeyOfRes(String res_Name,long userkey, String ROState) {
ROState = ROState.toLowerCase();
long longProcessInstanceKey = 0;
try{
tcResultSet resultGetObjects = userOperationsintf.getObjects(userkey);
int countResultGetObjects = resultGetObjects.getRowCount();
System.out.println("--------------"+countResultGetObjects);
for(int i = 0; i < countResultGetObjects; i++) {
resultGetObjects.goToRow(i);
String objetcName = resultGetObjects.getStringValue("Objects.Name");
System.out.println("---------Object name"+objetcName);
if(res_Name.equalsIgnoreCase(objetcName)) {
String status = resultGetObjects.getStringValue("Objects.Object Status.Status");
status = status.toLowerCase();
if(ROState.indexOf(status) >= 0) {
longProcessInstanceKey = resultGetObjects.getLongValue("Process Instance.Key");
}
}
}
}catch (Exception e) {
}
return longProcessInstanceKey;
}
//This method is used to update the process form details
/**
* @param proInstKey This param contains the process Instance Key
* @param key This param contains the form column name
* @param value This param contains the value to be updated
*/
public String setValueOnProcessForm(long proInstKey, String key, String value){
String SUCCESS = "SUCCESS";
String FAILURE = "FAILURE";
HashMap hm = new HashMap();
hm.put(key, value);
try {
formInstanceOperationsIntf.setProcessFormData(proInstKey, hm);
} catch (Exception e) {
e.printStackTrace();
return FAILURE;
}
return SUCCESS;
}
//This method gets the child table data
/**
* @param procInstKey This parameter contains the process instance key
*/
public void getChildData(long procInstKey)
{
try{
long formDefKey=formInstanceOperationsIntf.getProcessFormDefinitionKey(procInstKey);
int iVersion=formInstanceOperationsIntf.getActiveVersion(formDefKey);
System.out.println("Printing the child table details");
tcResultSet childResult=formInstanceOperationsIntf.getChildFormDefinition(formDefKey, iVersion);
System.out.println("------------"+"Printing the child values");
printTcResultSet(childResult,"childResult", logger);
long lChildKey=childResult.getLongValue("Structure Utility.Child Tables.Child Key");
tcResultSet childTableData=formInstanceOperationsIntf.getProcessFormChildData(lChildKey, procInstKey);
printTcResultSet(childTableData,"Child Table Data", logger);
System.out.println(lChildKey);
}catch(Exception e){
logger.error(e.getMessage());
}
}
//This method disables the OIM user
/**
* @param usrKey This param contains the user key
*/
public void disableXellerateUser(long usrKey)
{
try{
userOperationsintf.disableUser(usrKey);
}catch(Exception e)
{
e.printStackTrace();
}
}
//This method is used to disable the App for the user
/**
* @param usrKey This param contains the user Key
* @param procInstKey This param contains the process instance key
*/
public void disableApp(long usrKey,long procInstKey)
{
try{
userOperationsintf.disableAppForUser(usrKey, procInstKey);
}catch(Exception e)
{
e.printStackTrace();
}
}
//This method prints the DataSet Data
/**
* @param tcdataset This param contaisn the dataset
* @param tcdatasetName This param contains the name of the dataset
* @param logger This is the logger reference
*/
private static void printTcDataSet(tcDataSet tcdataset, String tcdatasetName, Logger logger) {
if(! logger.isDebugEnabled()) {
return;
}
logger.debug("printTcDataSet Starts for " + tcdatasetName);
try {
if (tcdataset == null || tcdataset.isEmpty()) {
logger.debug("tcdataset is Empty or null");
return;
}
String columnNames = tcdataset.getColumnNames();
logger.debug("columnNames = " + columnNames);
String[] columnNamesArray = columnNames.split(",");
int rowCount = tcdataset.getRowCount();
logger.debug("rowCount = " + rowCount);
for (int j = 0; j < rowCount; j++) {
tcdataset.goToRow(j);
for (int i = 0; i < columnNamesArray.length; i++) {
if(! (isNullOrEmpty(columnNamesArray[i]) || columnNamesArray[i].toUpperCase().indexOf("NULL") >= 0)) {
logger.debug(columnNamesArray[i] + " = " + tcdataset.getString(columnNamesArray[i]));
}
}
logger.debug("---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ----");
}
} catch (tcDataSetException e) {
}
}
private static boolean isNullOrEmpty(String s) {
return s == null || s.trim().length() == 0;
}
//This method gets the form data
/**
* @param procInstKey This contains the process Instance Key
*/
public void getFormData(long procInstKey)
{
try{
tcResultSet data=formInstanceOperationsIntf.getProcessFormData(procInstKey);
printTcResultSet(data,"Parent Form", logger);
getChildData(procInstKey);
}catch(Exception e)
{
logger.error(e.getMessage());
}
}
//This method prints the ResultSet Data
/**
* @param resultSet This param contaisn the dataset
* @param resultSetName This param contains the name of the dataset
* @param logger This is the logger reference
*/
private static void printTcResultSet(tcResultSet resultSet, String resultSetName, Logger logger) {
if(! logger.isDebugEnabled()) {
return;
}
System.out.println("printTcResultSet Starts for " + resultSetName);
try {
if (resultSet == null || resultSet.isEmpty()) {
System.out.println("resultSet is Empty or null");
return;
}
int rowCount = resultSet.getRowCount();
System.out.println("rowCount = " + rowCount);
for (int j = 0; j < rowCount; j++) {
resultSet.goToRow(j);
String[] columnNames = resultSet.getColumnNames();
for (int i = 0; i < columnNames.length; i++) {
System.out.println(columnNames[i] + " = " + resultSet.getStringValue(columnNames[i]));
}
logger.debug("---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ----");
}
} catch (tcAPIException e) {
logger.error("printTcResultSet... tcAPIException:", e);
} catch (tcColumnNotFoundException e) {
logger.error("printTcResultSet... tcColumnNotFoundException:", e);
}
logger.debug("---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ----");
logger.debug("---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ----");
}
//This method is used to get the process task details for a user
/**
* @param procInstKey This contains the process instance key
*/
public void getProcesstaskDetails(long procInstKey)
{
try{
tcResultSet processTaskResult=provisioningOperationsIntf.getProcessDetail(procInstKey);
printTcResultSet(processTaskResult,"Process Task", logger);
}catch(Exception e){
logger.error(e.getMessage());
}
}
}
import java.util.HashMap;
import java.util.Hashtable;
import com.thortech.util.logging.Logger;
import Thor.API.tcResultSet;
import Thor.API.tcUtilityFactory;
import Thor.API.Exceptions.tcAPIException;
import Thor.API.Exceptions.tcColumnNotFoundException;
import Thor.API.Operations.tcFormInstanceOperationsIntf;
import Thor.API.Operations.tcProvisioningOperationsIntf;
import Thor.API.Operations.tcUserOperationsClient;
import Thor.API.Operations.tcUserOperationsIntf;
import com.thortech.xl.dataaccess.tcDataSetException;
import com.thortech.xl.dataobj.tcDataSet;
import com.thortech.xl.dataobj.util.tcProcessUtilities;
import com.thortech.xl.util.config.ConfigurationClient;
public class OimApi {
tcUserOperationsIntf userOperationsintf=null;
tcFormInstanceOperationsIntf formInstanceOperationsIntf=null;
tcProvisioningOperationsIntf provisioningOperationsIntf=null;
Logger logger=Logger.getLogger("Sample");
tcUtilityFactory tcFactory=null;
//OIMCreateUser oimAPI=new OIMCreateUser();
private void init()
{
try{
getUtilityFactory();
userOperationsintf=(tcUserOperationsIntf)tcFactory.getUtility("Thor.API.Operations.tcUserOperationsIntf");
formInstanceOperationsIntf=(tcFormInstanceOperationsIntf)tcFactory.getUtility("Thor.API.Operations.tcFormInstanceOperationsIntf");
provisioningOperationsIntf=(tcProvisioningOperationsIntf)tcFactory.getUtility("Thor.API.Operations.tcProvisioningOperationsIntf");
}catch(Exception e){
logger.error(e.getLocalizedMessage());
}
}
public tcUtilityFactory getUtilityFactory()
{
try{
System.out.println("calling configuration Client");
ConfigurationClient.ComplexSetting config = ConfigurationClient.getComplexSettingByPath("Discovery.CoreServer");
final Hashtable env = config.getAllSettings();
/* env.put("java.naming.provider.url", "jnp://localhost:1099");
System.out.println("--------");
env.put("java.naming.factory.initial", "org.jnp.interfaces.NamingContextFactory");*/
System.out.println(env);
tcFactory=new tcUtilityFactory(env,"xelsysadm","xelsysadm");
}catch(Exception e)
{
e.printStackTrace();
}
return tcFactory;
}
//This method gets the user key
/**
* @param employeeid This contains the employee User ID
*
*/
private long finduserkey(String employeeid) {
HashMap map = new HashMap();
map.put("Users.User ID", employeeid);
long userkey=0;
try{
tcResultSet result = userOperationsintf.findUsers(map);
printTcResultSet(result,"User Form", logger);
if(result.getRowCount()!=1){
return 0;
}else{
userkey = result.getLongValue("Users.Key");
}
}catch (Exception e) {
}
return userkey;
}
public static void main(String arg[])
{
OimApi mo=new OimApi();
mo.init();
long usrKey=mo.finduserkey("testusr");
System.out.println(usrKey);
long procinstKey=mo.getProcessInstKeyOfRes("DB USER", usrKey, "provisioned");
mo.setValueOnProcessForm(procinstKey, "UD_DBUSER1_EMAIL", "xxx_yyy@yahoo.com");
System.out.println("updated form details successfully");
System.out.println("goin to disable the user");
//mo.disableApp(usrKey, procinstKey);
System.out.println("Printing form data");
mo.getFormData(procinstKey);
mo.getProcesstaskDetails(procinstKey);
System.exit(0);
}
//This method is used to get the process instance key
/**
* @param res_Name This parameter contains the resource Object name
* @param userkey This parameter contains the user key
* @param ROState This parameter contains the state of the RO either provisioned,enabled or disabled or revoked
*/
private long getProcessInstKeyOfRes(String res_Name,long userkey, String ROState) {
ROState = ROState.toLowerCase();
long longProcessInstanceKey = 0;
try{
tcResultSet resultGetObjects = userOperationsintf.getObjects(userkey);
int countResultGetObjects = resultGetObjects.getRowCount();
System.out.println("--------------"+countResultGetObjects);
for(int i = 0; i < countResultGetObjects; i++) {
resultGetObjects.goToRow(i);
String objetcName = resultGetObjects.getStringValue("Objects.Name");
System.out.println("---------Object name"+objetcName);
if(res_Name.equalsIgnoreCase(objetcName)) {
String status = resultGetObjects.getStringValue("Objects.Object Status.Status");
status = status.toLowerCase();
if(ROState.indexOf(status) >= 0) {
longProcessInstanceKey = resultGetObjects.getLongValue("Process Instance.Key");
}
}
}
}catch (Exception e) {
}
return longProcessInstanceKey;
}
//This method is used to update the process form details
/**
* @param proInstKey This param contains the process Instance Key
* @param key This param contains the form column name
* @param value This param contains the value to be updated
*/
public String setValueOnProcessForm(long proInstKey, String key, String value){
String SUCCESS = "SUCCESS";
String FAILURE = "FAILURE";
HashMap hm = new HashMap();
hm.put(key, value);
try {
formInstanceOperationsIntf.setProcessFormData(proInstKey, hm);
} catch (Exception e) {
e.printStackTrace();
return FAILURE;
}
return SUCCESS;
}
//This method gets the child table data
/**
* @param procInstKey This parameter contains the process instance key
*/
public void getChildData(long procInstKey)
{
try{
long formDefKey=formInstanceOperationsIntf.getProcessFormDefinitionKey(procInstKey);
int iVersion=formInstanceOperationsIntf.getActiveVersion(formDefKey);
System.out.println("Printing the child table details");
tcResultSet childResult=formInstanceOperationsIntf.getChildFormDefinition(formDefKey, iVersion);
System.out.println("------------"+"Printing the child values");
printTcResultSet(childResult,"childResult", logger);
long lChildKey=childResult.getLongValue("Structure Utility.Child Tables.Child Key");
tcResultSet childTableData=formInstanceOperationsIntf.getProcessFormChildData(lChildKey, procInstKey);
printTcResultSet(childTableData,"Child Table Data", logger);
System.out.println(lChildKey);
}catch(Exception e){
logger.error(e.getMessage());
}
}
//This method disables the OIM user
/**
* @param usrKey This param contains the user key
*/
public void disableXellerateUser(long usrKey)
{
try{
userOperationsintf.disableUser(usrKey);
}catch(Exception e)
{
e.printStackTrace();
}
}
//This method is used to disable the App for the user
/**
* @param usrKey This param contains the user Key
* @param procInstKey This param contains the process instance key
*/
public void disableApp(long usrKey,long procInstKey)
{
try{
userOperationsintf.disableAppForUser(usrKey, procInstKey);
}catch(Exception e)
{
e.printStackTrace();
}
}
//This method prints the DataSet Data
/**
* @param tcdataset This param contaisn the dataset
* @param tcdatasetName This param contains the name of the dataset
* @param logger This is the logger reference
*/
private static void printTcDataSet(tcDataSet tcdataset, String tcdatasetName, Logger logger) {
if(! logger.isDebugEnabled()) {
return;
}
logger.debug("printTcDataSet Starts for " + tcdatasetName);
try {
if (tcdataset == null || tcdataset.isEmpty()) {
logger.debug("tcdataset is Empty or null");
return;
}
String columnNames = tcdataset.getColumnNames();
logger.debug("columnNames = " + columnNames);
String[] columnNamesArray = columnNames.split(",");
int rowCount = tcdataset.getRowCount();
logger.debug("rowCount = " + rowCount);
for (int j = 0; j < rowCount; j++) {
tcdataset.goToRow(j);
for (int i = 0; i < columnNamesArray.length; i++) {
if(! (isNullOrEmpty(columnNamesArray[i]) || columnNamesArray[i].toUpperCase().indexOf("NULL") >= 0)) {
logger.debug(columnNamesArray[i] + " = " + tcdataset.getString(columnNamesArray[i]));
}
}
logger.debug("---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ----");
}
} catch (tcDataSetException e) {
}
}
private static boolean isNullOrEmpty(String s) {
return s == null || s.trim().length() == 0;
}
//This method gets the form data
/**
* @param procInstKey This contains the process Instance Key
*/
public void getFormData(long procInstKey)
{
try{
tcResultSet data=formInstanceOperationsIntf.getProcessFormData(procInstKey);
printTcResultSet(data,"Parent Form", logger);
getChildData(procInstKey);
}catch(Exception e)
{
logger.error(e.getMessage());
}
}
//This method prints the ResultSet Data
/**
* @param resultSet This param contaisn the dataset
* @param resultSetName This param contains the name of the dataset
* @param logger This is the logger reference
*/
private static void printTcResultSet(tcResultSet resultSet, String resultSetName, Logger logger) {
if(! logger.isDebugEnabled()) {
return;
}
System.out.println("printTcResultSet Starts for " + resultSetName);
try {
if (resultSet == null || resultSet.isEmpty()) {
System.out.println("resultSet is Empty or null");
return;
}
int rowCount = resultSet.getRowCount();
System.out.println("rowCount = " + rowCount);
for (int j = 0; j < rowCount; j++) {
resultSet.goToRow(j);
String[] columnNames = resultSet.getColumnNames();
for (int i = 0; i < columnNames.length; i++) {
System.out.println(columnNames[i] + " = " + resultSet.getStringValue(columnNames[i]));
}
logger.debug("---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ----");
}
} catch (tcAPIException e) {
logger.error("printTcResultSet... tcAPIException:", e);
} catch (tcColumnNotFoundException e) {
logger.error("printTcResultSet... tcColumnNotFoundException:", e);
}
logger.debug("---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ----");
logger.debug("---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ----");
}
//This method is used to get the process task details for a user
/**
* @param procInstKey This contains the process instance key
*/
public void getProcesstaskDetails(long procInstKey)
{
try{
tcResultSet processTaskResult=provisioningOperationsIntf.getProcessDetail(procInstKey);
printTcResultSet(processTaskResult,"Process Task", logger);
}catch(Exception e){
logger.error(e.getMessage());
}
}
}
OIM Approval Workflow
OIM Approval Workflow
====================
http://forums.oracle.com/forums/thread.jspa?threadID=690118
need to implement the following scenario in OIM.I have following 3 types of users in OIM . Employee,Organization Admin and Resource Admin.
1.Organization Admin logs into OIM and request a resource to an user.While requesting,Organization admin needs to enter some information about the user (it could be either process form or resource form)
2.Once the request is submitted,Resource Admin should see it in his pending task list.
3.Resource admin approves the request and the user gets provisioned to the target system.
I tried creating a process form,in which the admin can enter user details,but I am not sure how to attach approval workflow in that.
When I tried using Resource Form,I am not able to populate user's information in the form.
Any idea about how to implement this scenario?.Thanks in Advance.
=============
If I understood your workflow correctly then this might be a solution for you.
1.Create an object form.Attach it to Resource object form.This object form will be filled by Organization Admin.
2.Have your approval process for this resource object form which will be approved by resource admin.
3.All user attribute can be populated in process form using pre-pop adapters.
4.Create Data Flow so that information from object form can flow in process form.
Task Assignment Adapter Creation and use
Task Assignment adapter is used to acertain the user/group to whom the process task should be assigned in a provisioning workflow. Task Assignment adapters are in use Jupiter onwards only.
Example to use a Task Assignment Adapter:
- Login into Java client with an admin user
- Move to Resource Management -> Resource Objects
- Create a resource object
- Move to Process Management -> Process Definition
- Create a provisioning process for the above resource object
- Create a new task in the above process and save
- Move to Development Tools -> Adapter Factory
- Enter valid adapter name, description and select “Task Assignment ” as adapter type
- Save the adapter
- Verify in the variable list tab that 2 default adapter return variables are created
- In the Adapter Tasks tab, click on Assign to add a task to the adapter. Select to add a java task
- In the API source, select the appropriate jar (eg. newtask.jar). Also select appropriate Methods and save the task.
- Add two java tasks to the above adapter:
- For first select method as getType and map the variables as “Output variable” -> Adapter Variable -> Return Variable for key type. Map the second variable to a literal “User/Group” and the third variable to anything.
- For second select method as getKey and map the variables as “Output variable” -> Adapter Variable -> Return Variable for key. Map the second variable to a user/group key and the third variable to anything.
- For first select method as getType and map the variables as “Output variable” -> Adapter Variable -> Return Variable for key type. Map the second variable to a literal “User/Group” and the third variable to anything.
- Save and compile the adapter
- Move to Process Management -> Process Definition and query for the process created in step 5
- Double click to invoke the edit task dialog for the task created in step 6 and move to the assignment tab
- Double click on the Target type lookup field and select either User/Group
- In the adapter lookup field, select the adapter created in step 9.
- After making an adapter association, select the row and click on Map button
- Map the adapter return variables to task information and save
- Now provision the resource object to a user/organization
<Expected Result>
Verify that the tasks (Approval/Provisioning) get assigned to appropriate users as mapped in the adapter.
Other things to test:
- Provision to organization
- Check for both approval and provisioning processes
- Login with appropriate user and complete the assigned task
Query regarding OIM approval workflows.
In OIM approval workflows, how can we ensure that the requestor is not the approver for his requests (Seggregation of Duty - SOD)
2. As per the OOTB functionality of OIM, the request goes to user's manager for approval. In case the Manager's ID is disabled, the request goes to xelsysadm.
How can we change this behavior so that if the user's manager is disabled, the request should go to User's manager's manager.
2. As per the OOTB functionality of OIM, the request goes to user's manager for approval. In case the Manager's ID is disabled, the request goes to xelsysadm.
How can we change this behavior so that if the user's manager is disabled, the request should go to User's manager's manager.
Answer to your questions:
You need a custom task assignment adapter that will check whether the manager is disabled and return the manager of manager user key instead.
Welcome
Hi Guys,
This blog has been created to post your ideas,solutions and any issues you have encountered while working on OIM or while doing any customizations or implementation. Lets help each other and solve our issues in no time. So guys lets blog!!!!
This blog has been created to post your ideas,solutions and any issues you have encountered while working on OIM or while doing any customizations or implementation. Lets help each other and solve our issues in no time. So guys lets blog!!!!
Subscribe to:
Posts (Atom)