This content has been marked as final. Show 5 replies
Assuming your workflow is configured to already allow Enable and Disable, you can use this API:
tcUserOperationsIntf.disableAppForUser(long plUserKey, long plObjectInstanceForUserKey)
You can also return a response code that triggers disable, or other options. What are your requirements?
thanks for the reply kevin,
My requirement is :
All AD user are sync in OIM, Now i am able to look all user attributes in OIM that exist in AD.
Now i am creating provisioning java service to provision user. Through this provisioning java service, i am giving call to OIM.
What i need to do is that if i am giving call to lock OIM user, it should lock user in OIM as well as in AD .
So, what are the steps i need to do.
What configuration i need to do and which OIM API i need to call for lock and unlock user in OIM to AD
Do you have any sample code or any OIM blog, where each and every step is mention that i can help me.
Till now what i have done is that i have created connection in OIM and able to do the CURD operation in OIM by using java provisioning service.
So here's what i'll assume. The only thing you have to start with is the user login.1 person found this helpful
You can use the following:
UserManager usermgr = Platform.getService(UserManager.class);
usermgr.lock(userID, true, true);
You have two option now. You can use the Lookup.USR_PROCESS_TRIGGERS and add an entry for USR_LOCKED. I don't know off hand if there is a default adapter for Lock/Unlock rather than Enable/Disable but you can check in your instance. If this does exist, on your task that triggers on the Change User Lock (the decode value in the lookup), use this adapter. Otherwise, you willl need to write your own code, or add the attribute to the form and using the ootb expansion of the attributes in the documentation, add this attribute to the modifyable attributes. Just put a check in your code if the User Locked value from the user definition is a 1 or 0 before doing the lock or unlock.
The other option is you can create an event handler that is on the USER object and for the action of LOCK. In your code, you can lookup the user's AD instance, or connect to AD directly here, however you want. You could insert the task into the users existing instance from the above code. It all depends on how you want to do it, but you just need to propagate it one way or another.
Thanks for the reply
Can you please tell me what UserManager interface operations create, delete,changePassword and modify do?
It only do all this operation in OIM or it also sync into AD . If OIM is connected to AD by using ADConnector. If yes, how does it happen.
I understand that you are new to OIM, and I understand you want assistance. However, i refuse to provide you the full how to.
OIM is a product that requires you to trial and error your configurations if you ever want to learn the product. You need to put in the effort to attempt to learn some of the basics of the product. There are oracle by examples, as well as connector documentation for installing them.
Best of luck to you.