Forum Stats

  • 3,837,822 Users
  • 2,262,300 Discussions
  • 7,900,399 Comments

Discussions

After create action script for Oracle DB user creation - DBUM Connector

user8744020
user8744020 Member Posts: 1,072 Silver Badge
edited Nov 18, 2015 12:10PM in Identity Manager

Hi,

After we provision a user from OIM into target system database, we need to insert the same user into the RLS_USER_GROUPS table. (INSERT INTO CAMPDB.RLS_USER_GROUPS VALUES (‘DV<username>’, RLS_DEV’);  )

The requirement is to provision user to multiple databases ( different SID values). But, insert user into a table for only one database (DB1).

If I write a After Create Action File  with action script, will it trigger for all the databases ?  How to trigger this script only for DB1 database ?

2) In the documentation, it is mentioned as below

Q) I have installed the connector only in OIM (there is no connector server). so, in the 3rd and 5th step, what should i mention for

    Code Key       ???

    Decode          ???

pastedImage_7.png

Please suggest

Thanks,

Tagged:
user8744020

Best Answer

Answers

  • Kevin Pinsky
    Kevin Pinsky Member Posts: 5,322 Silver Crown
    edited Oct 19, 2015 6:52PM

    If you only want to run the script on a single target then you will want to create a new lookup that has the configurations. The IT resource has the top level lookup that then contains the other lookup referneves. So if you need to do something different you need a different configuration.  Otherwise you need to code into your script a check for when not to execute.

    -Kevin

    user8744020
  • user8744020
    user8744020 Member Posts: 1,072 Silver Badge
    edited Oct 21, 2015 3:21PM

    Right now as i am in testing phase to provision only for single database ... i added below in the lookup and tried to provision a user to database

    pastedImage_5.png

    I have installed the connector only in OIM. we don't have a connector server.

    but got the below user in the log file :

    [2015-10-21T11:05:46.250-07:00] [oimext_server1] [ERROR] [] [ORACLE.IAM.CONNECTORS.ICFCOMMON.CONNECTOROPHELPER] [tid: [ACTIVE].ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: oiminternal] [ecid: 77744a889dde03de:4a60c5b8:15085e63c18:-8000-0000000000000004,0] [APP: oim#11.1.2.0.0] oracle.iam.connectors.icfcommon.ConnectorOpHelper : execute : Error occured while executing action[[

    org.identityconnectors.framework.common.exceptions.ConnectorException: Only SQL and StoredProc languages are supported. Invalid value: Groovy

        at org.identityconnectors.dbum.utils.DBUMAssertions.conditionCheck(DBUMAssertions.java:57)

        at org.identityconnectors.dbum.DBUMConnector.runScriptOnConnector(DBUMConnector.java:270)

        at org.identityconnectors.framework.impl.api.local.operations.ScriptOnConnectorImpl.runScriptOnConnector(ScriptOnConnectorImpl.java:58)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

        at java.lang.reflect.Method.invoke(Method.java:597)

        at org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(ConnectorAPIOperationRunnerProxy.java:93)

        at com.sun.proxy.$Proxy553.runScriptOnConnector(Unknown Source)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

        at java.lang.reflect.Method.invoke(Method.java:597)

        at org.identityconnectors.framework.impl.api.local.operations.ThreadClassLoaderManagerProxy.invoke(ThreadClassLoaderManagerProxy.java:107)

        at com.sun.proxy.$Proxy553.runScriptOnConnector(Unknown Source)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

        at java.lang.reflect.Method.invoke(Method.java:597)

        at org.identityconnectors.framework.impl.api.DelegatingTimeoutProxy.invoke(DelegatingTimeoutProxy.java:107)

        at com.sun.proxy.$Proxy553.runScriptOnConnector(Unknown Source)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

        at java.lang.reflect.Method.invoke(Method.java:597)

        at org.identityconnectors.framework.impl.api.LoggingProxy.invoke(LoggingProxy.java:76)

        at com.sun.proxy.$Proxy553.runScriptOnConnector(Unknown Source)

        at org.identityconnectors.framework.impl.api.AbstractConnectorFacade.runScriptOnConnector(AbstractConnectorFacade.java:208)

        at oracle.iam.connectors.icfcommon.ConnectorOpHelper.execute(ConnectorOpHelper.java:348)

        at oracle.iam.connectors.icfcommon.prov.ICProvisioningManager.createObject(ICProvisioningManager.java:284)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

        at java.lang.reflect.Method.invoke(Method.java:597)

        at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpORACREATESETFORM.CREATE(adpORACREATESETFORM.java:119)

        at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpORACREATESETFORM.implementation(adpORACREATESETFORM.java:60)

        at com.thortech.xl.client.events.tcBaseEvent.run(tcBaseEvent.java:197)

        at com.thortech.xl.dataobj.tcDataObj.runEvent(tcDataObj.java:2496)

        at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(tcScheduleItem.java:3168)

        at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(tcScheduleItem.java:713)

        at com.thortech.xl.dataobj.tcDataObj.insert(tcDataObj.java:608)

        at com.thortech.xl.dataobj.tcDataObj.save(tcDataObj.java:478)

        at com.thortech.xl.dataobj.tcORC.insertNonConditionalMilestones(tcORC.java:847)

        at com.thortech.xl.dataobj.tcORC.completeSystemValidationMilestone(tcORC.java:1165)

        at com.thortech.xl.dataobj.tcOrderItemInfo.completeCarrierBaseMilestone(tcOrderItemInfo.java:954)

        at com.thortech.xl.dataobj.tcOrderItemInfo.eventPostInsert(tcOrderItemInfo.java:185)

        at com.thortech.xl.dataobj.tcUDProcess.eventPostInsert(tcUDProcess.java:243)

        at com.thortech.xl.dataobj.tcDataObj.insert(tcDataObj.java:608)

        at com.thortech.xl.dataobj.tcDataObj.save(tcDataObj.java:478)

        at com.thortech.xl.dataobj.tcTableDataObj.save(tcTableDataObj.java:2910)

        at com.thortech.xl.dataobj.tcUDProcess.save(tcUDProcess.java:1294)

        at com.thortech.xl.dataobj.tcORC.autoDOBSave(tcORC.java:3008)

        at com.thortech.xl.dataobj.util.tcOrderPackages.createOrder(tcOrderPackages.java:489)

        at com.thortech.xl.dataobj.util.tcOrderPackages.orderPackageForUser(tcOrderPackages.java:180)

        at com.thortech.xl.dataobj.tcOIU.provision(tcOIU.java:855)

        at com.thortech.xl.dataobj.tcOIU.eventPostInsert(tcOIU.java:367)

        at com.thortech.xl.dataobj.tcDataObj.insert(tcDataObj.java:608)

        at com.thortech.xl.dataobj.tcDataObj.save(tcDataObj.java:478)

        at com.thortech.xl.dataobj.tcTableDataObj.save(tcTableDataObj.java:2910)

        at com.thortech.xl.dataobj.tcUserProvisionObject.insertImplementation(tcUserProvisionObject.java:289)

        at com.thortech.xl.dataobj.tcDataObj.insert(tcDataObj.java:595)

        at com.thortech.xl.dataobj.tcDataObj.save(tcDataObj.java:478)

        at oracle.iam.accesspolicy.impl.handlers.provisioning.ProvisionAccountActionHandler.execute(ProvisionAccountActionHandler.java:150)

        at oracle.iam.accesspolicy.impl.handlers.provisioning.ProvisionAccountActionHandler.execute(ProvisionAccountActionHandler.java:48)

        at sun.reflect.GeneratedMethodAccessor1894.invoke(Unknown Source)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

        at java.lang.reflect.Method.invoke(Method.java:597)

        at oracle.iam.platform.kernel.impl.EventHandlerDynamicProxy$1.process(EventHandlerDynamicProxy.java:30)

        at oracle.iam.platform.tx.OIMTransactionCallback.doInTransaction(OIMTransactionCallback.java:13)

        at oracle.iam.platform.tx.OIMTransactionCallback.doInTransaction(OIMTransactionCallback.java:6)

        at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:128)

        at oracle.iam.platform.tx.OIMTransactionManager.execute(OIMTransactionManager.java:22)

        at oracle.iam.platform.kernel.impl.EventHandlerDynamicProxy.invoke(EventHandlerDynamicProxy.java:26)

        at com.sun.proxy.$Proxy302.execute(Unknown Source)

        at oracle.iam.platform.kernel.impl.OrchProcessData.runActionEvents(OrchProcessData.java:1285)

        at oracle.iam.platform.kernel.impl.OrchProcessData.access$500(OrchProcessData.java:76)

        at oracle.iam.platform.kernel.impl.OrchProcessData$8.processWithoutResult(OrchProcessData.java:840)

        at oracle.iam.platform.tx.OIMTransactionCallbackWithoutResult.process(OIMTransactionCallbackWithoutResult.java:10)

        at oracle.iam.platform.tx.OIMTransactionCallback.doInTransaction(OIMTransactionCallback.java:13)

        at oracle.iam.platform.tx.OIMTransactionCallback.doInTransaction(OIMTransactionCallback.java:6)

        at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:128)

        at oracle.iam.platform.tx.OIMTransactionManager.execute(OIMTransactionManager.java:22)

        at oracle.iam.platform.kernel.impl.OrchProcessData.runEvents(OrchProcessData.java:835)

        at oracle.iam.platform.kernel.impl.OrchProcessData.executeEvents(OrchProcessData.java:357)

        at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:944)

        at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.resumeChildProcess(OrchestrationEngineImpl.java:1025)

        at oracle.iam.platform.kernel.impl.OrchProcessData.handleAdditionalChanges(OrchProcessData.java:721)

        at oracle.iam.platform.kernel.impl.OrchProcessData.runEvents(OrchProcessData.java:1001)

        at oracle.iam.platform.kernel.impl.OrchProcessData.executeEvents(OrchProcessData.java:357)

       

    Thanks

  • Animesh Anand
    Animesh Anand Member Posts: 476 Bronze Badge
    edited Oct 22, 2015 3:22AM

    This is what Oracle says:

    To configure a before or after action, your connector must support running scripts. An exception is Groovy (with target set to Connector), which the Identity Connector Framework (ICF) supports by default for all converged connectors.

  • user8744020
    user8744020 Member Posts: 1,072 Silver Badge
    edited Oct 22, 2015 9:46AM

    by default groovy scripts are supported by connectors...right ?

    I installed connector only in OIM and configured After crate target=connector in lookup ?

    are there any other steps to configure ?

    Thanks

  • Animesh Anand
    Animesh Anand Member Posts: 476 Bronze Badge
    edited Oct 23, 2015 1:02AM

    But ur erroe says that groovy is not supported.

    user8744020
  • user8744020
    user8744020 Member Posts: 1,072 Silver Badge
    edited Nov 2, 2015 4:30PM

    Hi,

    I checked with Oracle Support, they said "Unfortunately the DBUM connector documentation is incorrect. Groovy scripts are not supported with this connector, only SQL or StoredProc scripts are supported".

    I tried using the same sql script mentioned in the document.

    INSERT INTO AUDIT_USERLOG VALUES ({__NAME__}, CURRENT_TIMESTAMP))

    I just modified the query to INSERT INTO RLS_USER_GROUPS VALUES ({__NAME__},'RLS_DEV’);           

    Here 'RLS_DEV' is going to be same for all the users.

    But, when i try to provision the TESTDB02 user, the user got provisioned but didn't get inserted into the table. I see below error in the log file

    [2015-11-02T12:57:21.328-08:00] [oimext_server1] [NOTIFICATION] [] [ORG.IDENTITYCONNECTORS.DBUM.DBUMCONNECTOR] [tid: [ACTIVE].ExecuteThread: '23' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: oiminternal] [ecid: 77744a889de03de:-3e9693ae:150ba7cf2ea:-8000-0000000000000004,0] [APP: oim#11.1.2.0.0] org.identityconnectors.dbum.DBUMConnector : applyTagEffect : Applying tags []

    [2015-11-02T12:57:21.330-08:00] [oimext_server1] [TRACE] [] [ORG.IDENTITYCONNECTORS.DBUM.SQLEXECUTIONHANDLER] [tid: [ACTIVE].ExecuteThread: '23' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: oiminternal] [ecid: 77744a889dd03de:-3e9693ae:150ba7cf2ea:-8000-0000000000000004,0] [APP: oim#11.1.2.0.0] [SRC_CLASS: com.thortech.util.logging.Logger] [SRC_METHOD: debug] org.identityconnectors.dbum.SQLExecutionHandler : executeUpdate : Executable query: INSERT INTO RLS_USER_GROUPS VALUES (?,'RLS_DEV');[[

    , Params: [__NAME__="TESTDB02":[VARCHAR]]

    ]]

    [2015-11-02T12:57:21.335-08:00] [oimext_server1] [ERROR] [] [ORG.IDENTITYCONNECTORS.DBUM.SQLEXECUTIONHANDLER] [tid: [ACTIVE].ExecuteThread: '23' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: oiminternal] [ecid: 77744a889dd03de:-3e9693ae:150ba7cf2ea:-8000-0000000000000004,0] [APP: oim#11.1.2.0.0] org.identityconnectors.dbum.SQLExecutionHandler : executeUpdate : Error while executing INSERT INTO RLS_USER_GROUPS VALUES (?,'RLS_DEV');[[

    java.sql.SQLSyntaxErrorException: ORA-00911: invalid character

            at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:462)

            at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:405)

            at oracle.jdbc.driver.T4C8Oall.processError(T4C8Oall.java:931)

            at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:481)

            at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:205)

            at oracle.jdbc.driver.T4C8Oall.doOALL(T4C8Oall.java:548)

            at oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.java:217)

            at oracle.jdbc.driver.T4CPreparedStatement.executeForRows(T4CPreparedStatement.java:1115)

            at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1488)

            at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3769)

            at oracle.jdbc.driver.OraclePreparedStatement.executeUpdate(OraclePreparedStatement.java:3904)

            at oracle.jdbc.driver.OraclePreparedStatementWrapper.executeUpdate(OraclePreparedStatementWrapper.java:1512)

            at org.identityconnectors.dbcommon.SQLUtil.executeUpdateStatement(SQLUtil.java:1028)

            at org.identityconnectors.dbum.SQLExecutionHandler.executeUpdate(SQLExecutionHandler.java:223)

            at org.identityconnectors.dbum.ExecutionHandler.executeAsUpdateQuery(ExecutionHandler.java:175)

            at org.identityconnectors.dbum.SQLExecutionHandler.executeProvisioningQuery(SQLExecutionHandler.java:160)

            at org.identityconnectors.dbum.DBUMConnector.runScriptOnConnector(DBUMConnector.java:290)

    Thanks

  • user8744020
    user8744020 Member Posts: 1,072 Silver Badge
    edited Nov 18, 2015 12:10PM Answer ✓

    This query worked fine.

    INSERT INTO CAMPDB.RLS_USER_GROUPS (USERNAME,GROUP_NAME) VALUES ({__NAME__},'RLS_DEV')

This discussion has been closed.