Thursday, 30 June 2011

GENERAL ISSUES FACED DURING OIM (Oracle Identity Manager) INSTALLATION

1. Before proceeding with the OIM installation, make sure you set OC4J_HOME, PATH and JAVA_HOME.
export JAVA_HOME=/u01apps/oraclesoa/jdk
export OC4J_HOME=/u01apps/oraclesoa
export PATH=$JAVA_HOME/bin:$PATH

2. If OIM and OAM are installed on the same server, there is a high chance of an RMI port conflict between OIM and OAM (the two ports must be different). By default the port is 12401. For OIM, check the port number in the opmn.xml file under ORACLE_HOME/opmn/conf.

3. If your application runs in a clustered environment, create a new OC4J instance in Application Control (through the browser). Don't use the default instance in a clustered environment.

4. After installing OIM 9101, install the base patch 9102 before proceeding to the bundle patch (BP) of 9102.

5. If the environment is clustered, make sure the OIM RMI port is the same on both nodes.

6. Make sure the OC4J application is running while applying the patch for the application server.

7. Make sure the installation is done as the oracle user and not as root. This is the recommended approach; avoid installing the application as the root user.

8. If OIM is installed in a clustered environment, make sure the xellerate folder is deployed under the folder structure of the newly created OC4J instance and not in the default home instance: /u01apps/oraclesoa/j2ee/xluser2/application-deployments

9. If you get a "system encountered error" (menu items are not working), check FormMetaData.xml by opening it in a browser.

10. If an application is redeployed (for example, if Xellerate.ear is redeployed through the EM console), run the oc4j (patch) script from the setup folder.
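
Items 2 and 5 both come down to reading the rmi port out of opmn.xml. The script below is an added example, not part of the original post: it extracts the rmi port range for one OC4J instance, checks that two cluster nodes agree, and checks that the co-located product's RMI port does not fall inside that range. The opmn.xml fragments are constructed sample data, the function names are hypothetical, and the script assumes each <process-type> and <port> element sits on a single line.

```shell
#!/bin/sh
# rmi_range FILE INSTANCE -> prints "LOW HIGH" for that OC4J instance's rmi port
# (a single port="N" attribute, if used instead of range=, gives LOW = HIGH).
rmi_range() {
    awk -v inst="$2" '
        /<process-type/ { cur = ($0 ~ (" id=\"" inst "\"")) }
        cur && /<port / && / id="rmi"/ {
            v = $0
            sub(/.*(range|port)="/, "", v)   # drop everything up to the value
            sub(/".*/, "", v)                # cut at the closing quote
            n = split(v, p, "-")
            print p[1], (n > 1 ? p[2] : p[1])
            exit
        }' "$1"
}

# check_oim_rmi NODE1_OPMN NODE2_OPMN INSTANCE OTHER_PORT
# OTHER_PORT is the RMI port of the co-located product (OAM on this page).
# Prints one verdict line; returns 0 only when both checks pass.
check_oim_rmi() {
    r1=$(rmi_range "$1" "$3"); r2=$(rmi_range "$2" "$3")
    if [ -z "$r1" ] || [ -z "$r2" ]; then echo "MISSING rmi port for $3"; return 2; fi
    low=${r1% *}; high=${r1#* }
    if [ "$r1" != "$r2" ]; then
        echo "MISMATCH node1=$low-$high node2=${r2% *}-${r2#* }"; return 1
    fi
    if [ "$4" -ge "$low" ] && [ "$4" -le "$high" ]; then
        echo "CONFLICT $4 is inside $low-$high"; return 1
    fi
    echo "OK rmi=$low-$high other=$4"
}

# Constructed sample data (not from a real server); "xluser2" is the non-default
# instance name that appears in the deployment path in item 8.
tmp=$(mktemp -d)
cat > "$tmp/node1.xml" <<'EOF'
<process-type id="home" module-id="OC4J" status="enabled">
  <port id="rmi" range="12401-12500"/>
</process-type>
<process-type id="xluser2" module-id="OC4J" status="enabled">
  <port id="rmi" range="12901-12901"/>
  <port id="rmis" range="12701-12800"/>
</process-type>
EOF
sed 's/12901-12901/12902-12902/' "$tmp/node1.xml" > "$tmp/node2.xml"
check_oim_rmi "$tmp/node1.xml" "$tmp/node1.xml" home 12401 || true      # CONFLICT
check_oim_rmi "$tmp/node1.xml" "$tmp/node2.xml" xluser2 12401 || true   # MISMATCH
check_oim_rmi "$tmp/node1.xml" "$tmp/node1.xml" xluser2 12401           # OK
```

On a real cluster, pass each node's own copy of ORACLE_HOME/opmn/conf/opmn.xml as the first two arguments.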

Code to fetch all the Users available in OIM

public ArrayList<String> getAllUsers(String users) {
    // Returns the "Users.User ID" of every OIM user matching the filter in 'users'.
    ArrayList<String> allusers = new ArrayList<String>();
    String str = "";
    HashMap<String, String> userMap = new HashMap<String, String>();
    try {
        userMap.put("Users.User ID", users);
        tcResultSet moResultSet = moUserUtility.findUsers(userMap);
        for (int i = 0; i < moResultSet.getRowCount(); i++) {
            moResultSet.goToRow(i);
            str = moResultSet.getStringValue("Users.User ID");
            allusers.add(str);
            System.out.println("User List in OIM==>" + str);
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
    return allusers;
}

Code to fetch all the groups available in OIM

public ArrayList<String> getAllGroups(String groups) {
    // Returns the "Groups.Group Name" of every OIM group matching the filter in 'groups'.
    ArrayList<String> groupAll = new ArrayList<String>();
    String str = "";
    HashMap<String, String> userMap = new HashMap<String, String>();
    try {
        userMap.put("Groups.Group Name", groups);
        tcResultSet moResultSet = moGroupUtility.findGroups(userMap);
        for (int i = 0; i < moResultSet.getRowCount(); i++) {
            moResultSet.goToRow(i);
            str = moResultSet.getStringValue("Groups.Group Name");
            groupAll.add(str);
            System.out.println("All Groups==>" + str);
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
    return groupAll;
}

Code to get (retrieve) the Groups assigned to an OIM User

This code returns the groups assigned to a user present in OIM.

//####### Getting User Key ##########

public long getUserKey(String obj) {
    long key = 0;
    HashMap<String, String> userMap = new HashMap<String, String>();
    try {
        userMap.put("Users.User ID", obj);
        tcResultSet moResultSet = moUserUtility.findUsers(userMap);
        // If several rows match, the key of the last row is returned.
        for (int i = 0; i < moResultSet.getRowCount(); i++) {
            moResultSet.goToRow(i);
            key = moResultSet.getLongValue("Users.Key");
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
    return key;
}

public long getGroupKey(String obj) {
    long key = 0;
    HashMap<String, String> userMap = new HashMap<String, String>();
    try {
        userMap.put("Groups.Group Name", obj);
        tcResultSet moResultSet = moGroupUtility.findGroups(userMap);
        for (int i = 0; i < moResultSet.getRowCount(); i++) {
            moResultSet.goToRow(i);
            key = moResultSet.getLongValue("Groups.Key");
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
    return key;
}

//########## Getting the OIM groups for the particular User #########

public ArrayList<String> getGroups(String uid) {
    ArrayList<String> GroupList = new ArrayList<String>();
    String str = "";
    try {
        System.out.println("UID==>" + uid);
        tcResultSet moResultSet = moUserUtility.getGroups(getUserKey(uid));
        for (int i = 0; i < moResultSet.getRowCount(); i++) {
            moResultSet.goToRow(i);
            str = moResultSet.getStringValueFromColumn(1);
            // Skip the built-in groups; only the remaining groups are returned.
            if (!(str.equals("ALL USERS") || str.equals("SYSTEM ADMINISTRATORS") || str.equals("SELF OPERATORS"))) {
                GroupList.add(str);
            }
            System.out.println("Groups assigned to the user" + uid + "==>" + str);
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
    return GroupList;
}

Wednesday, 22 June 2011

Database command to unlock a user in OIM

When an administrator user is locked, another administrator is needed to unlock the account from the admin console.

If there is only one admin user and it is locked or disabled, the only possible way to enable the account is by executing the query in the OIM database.

Log in to the database machine and execute the SQL query

SQL> UPDATE USR SET USR_LOCKED=0,USR_LOGIN_ATTEMPTS_CTR=0 WHERE USR_LOGIN='XELSYSADM';
SQL> update USR set usr_status='Active' where USR_LOGIN='XELSYSADM';
SQL> update USR set usr_end_date='' where USR_LOGIN='XELSYSADM';
SQL> update USR set usr_disabled='0' where USR_LOGIN='XELSYSADM';
SQL> commit;

Checking OIM build version

Log in to the database machine and execute the following query

SELECT XSD_VALUE FROM XSD WHERE XSD_CODE='XL_BUILD_NUMBER';

Tuesday, 21 June 2011

Code to establish connection with OIM

This code will establish the connection to OIM.

package com.oim;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import Thor.API.tcResultSet;
import Thor.API.tcUtilityFactory;
import Thor.API.Exceptions.tcAPIException;
import Thor.API.Exceptions.tcColumnNotFoundException;
import Thor.API.Exceptions.tcOrganizationNotFoundException;
import Thor.API.Operations.tcGroupOperationsIntf;
import Thor.API.Operations.tcOrganizationOperationsIntf;
import Thor.API.Operations.tcUserOperationsIntf;


import com.thortech.xl.crypto.tcCryptoUtil;
import com.thortech.xl.crypto.tcSignatureMessage;
import com.thortech.xl.util.config.ConfigurationClient;

public class ConnectionEstablish {

    public tcUtilityFactory ioUtilityFactory;
    public tcUserOperationsIntf moUserUtility;
    public tcGroupOperationsIntf moGroupUtility;

    HashMap userMap = new HashMap();

    public ConnectionEstablish() {
    }

    // Logs in to OIM with the given credentials and caches the user and group
    // utility interfaces. Returns "Valid" on success, "Invalid" on any failure.
    public String roleAuthenticate(String usr, String pass) {
        try {
            System.setProperty("XL.HomeDir", "/u01/apps/oraclesoa/j2ee/home/applications/PREntRole/EntRole/WEB-INF");
            System.setProperty("java.security.policy", "/u01/apps/oraclesoa/j2ee/home/applications/PRNICEntRole/EntRole/WEB-INF/Config/xl.policy"); // server or client
            System.setProperty("java.security.auth.login.config", "/u01/apps/oraclesoa/j2ee/home/applications/PREntRole/EntRole/WEB-INF/Config/auth.conf"); // server or client
            System.setProperty("java.naming.provider.url", "");

            ConfigurationClient.ComplexSetting config =
                ConfigurationClient.getComplexSettingByPath("Discovery.CoreServer");
            Hashtable env = config.getAllSettings();
            System.out.println("test1");

            // Assign the class field; a local declaration here would shadow it
            // and leave the field null.
            ioUtilityFactory = new tcUtilityFactory(env, usr, pass);

            System.out.println("Getting utility interfaces...");
            System.out.println("Connection Established");
            moUserUtility = (tcUserOperationsIntf) ioUtilityFactory.getUtility("Thor.API.Operations.tcUserOperationsIntf");
            moGroupUtility = (tcGroupOperationsIntf) ioUtilityFactory.getUtility("Thor.API.Operations.tcGroupOperationsIntf");
            Logger logger = oracle.j2ee.rmi.RMIMessages.getLogger();
            logger.setLevel(Level.OFF);

            return "Valid";
        } catch (Exception e) {
            e.printStackTrace();
            return "Invalid";
        }
    }

    // Helper methods that use moUserUtility / moGroupUtility belong inside this class.
}

Monday, 20 June 2011

To create a user with the same UserID of a deleted User in OIM

Steps to Follow

1. Log in to the OIM Design Console.
2. Go to the Administration - System Configuration form.
3. Search for the keyword "XL.UserIDReuse" and set the value to TRUE (by default it is false).

Login to database Machine which has User

Log in to the SQL prompt and execute the query

DROP INDEX UDX_USR_LOGIN;
create unique index UDX_USR_LOGIN_UNQ ON USR (USR_LOGIN, ACT_KEY, DECODE(USR_STATUS,'Active',USR_STATUS,TO_CHAR(USR_KEY)));