This discussion is archived
0 Replies Latest reply: Sep 19, 2012 6:56 AM by 917206 RSS

AD account deleted when checking in Password View/User View

917206 Newbie
Currently Being Moderated
Hi All,

We have a custom workflow that allows our designated Password Admins to reset IDM passwords for users. What happens occasionally is that this action triggers a deletion of an AD account. It appears that the password is set as expected but the subsequent User View checkin results in the deletion of the AD account.

I have been up and down this trying to reproduce the problem in our test environments: unlinking the account, and then trying the password reset, unassigning the account and then trying the password reset, deleting the AD account on AD and then trying the password reset. I have not been able to reproduce this behaviour.

We are running Oracle Waveset 8.1.1.2.

The workflow only sets the IDM password using the Password View. And it ensures that the Lighthouse account is not locked using the User View. Below is the code snippet.

Has anyone run into this before? What am I missing here?

All help is much appreciated.

Kamil.
      <Activity id='6' name='Reset Password'>
        <Action id='0' name='Check out password view' application='com.waveset.session.WorkflowServices'>
          <Argument name='op' value='checkoutView'/>
          <Argument name='type' value='Password'/>
          <Argument name='id' value='$(accountId)'/>
          <Argument name='subject' value='$(view.waveset.name)'/>
          <Argument name='authorized' value='true'/>
          <Return from='view' to='passwdView'/>
        </Action>
        <Action id='1' name='Populate View'>
          <expression>
            <block>
              <set name='passwdView.resourceAccounts.selectAll'>
                <s>false</s>
              </set>
              <set name='passwdView.resourceAccounts.currentResourceAccounts[Lighthouse].selected'>
                <s>true</s>
              </set>
              <set name='passwdView.resourceAccounts.currentResourceAccounts[Lighthouse].expirePassword'>
                <Boolean>false</Boolean>
              </set>
              <set name='passwdView.resourceAccounts.password'>
                <ref>password</ref>
              </set>
            </block>
          </expression>
        </Action>
        <Action id='2' name='Checkin Password View' application='com.waveset.session.WorkflowServices'>
          <Argument name='op' value='checkinView'/>
          <Argument name='view' value='$(passwdView)'/>
          <Argument name='subject' value='$(view.waveset.name)'/>
          <Argument name='authorized' value='true'/>
        </Action>
        <Action id='3' name='Checkout user view' application='com.waveset.session.WorkflowServices'>
          <Argument name='op' value='checkoutView'/>
          <Argument name='type' value='User'/>
          <Argument name='id' value='$(accountId)'/>
          <Argument name='subject' value='$(view.waveset.name)'/>
          <Argument name='authorized' value='true'/>
          <Argument name='options'>
            <map>
              <s>TargetResources</s>
              <list>
                <s>Lighthouse</s>
              </list>
            </map>
          </Argument>
          <Return from='view' to='userView'/>
        </Action>
        <Action id='4' name='Set unlock lighthouse'>
          <expression>
            <block>
              <set name='userView.accounts[Lighthouse].selected'>
                <s>true</s>
              </set>
              <set name='userView.accounts[Lighthouse].locked'>
                <Boolean>false</Boolean>
              </set>
            </block>
          </expression>
        </Action>
        <Action id='5' name='Checkin unlock View' application='com.waveset.session.WorkflowServices'>
          <Argument name='op' value='checkinView'/>
          <Argument name='view' value='$(userView)'/>
          <Argument name='subject' value='$(view.waveset.name)'/>
          <Argument name='authorized' value='true'/>
        </Action>

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points