2 Replies Latest reply: May 19, 2013 9:43 PM by dongsu RSS

    OIA Role Import Error from OIM

      I am trying OIM-OIA integration excercise.
      Following the manual,
      Resource Metadata, Resources, ENtitlements, Policies were imported successfully.
      But in role import step, I met an error as follows

      In Administration->Configuration->Import/export->completed jobs the status is completed.
      But in Administration->Auditing&Events-> Import/Export log the status is failed.

      and the exception says ..
      Exception Type : Error importing roles:
      Description: Error importing roles: Transaction rolled back because it has been marked as rollback-only

      Can anyone help me?
      or have any idea what to check?

      The system environments are as follows
      (Actually it is OIM R2 VM image distributed by Oracle)

      WIN7 / VMWARE V7 is base system
      and the actual system is
      OS: Oracle Linux 6

      Edited by: dongsu on 2013. 5. 14 오후 7:39

      Edited by: dongsu on 2013. 5. 14 오후 7:42
        • 1. Re: OIA Role Import Error from OIM
          Daniel Redfern

          The GUI error logs are pretty shocking, hence it only shows you the fact that it 'failed'.

          To discover the reason, you need to look into the rbacx.log but first go into the log4properties file and change the following to DEBUG
          #RBACx Scheduling logging
          #Vaau commons logging
          #RBACx Core logging
          Bounce the server and see if the error pops up in the logs once you reattempt to import

          • 2. Re: OIA Role Import Error from OIM
            Hi Daniel,

            Thank you very much for help.

            Below is error log.
            The provisioning server is identity.oracleads.com as show in first line.
            OIA reach it and says "Connection successful".

            But later OIA try to reach 'OIM' and make ERROR message.
            'OIM' is old name of provisioning server.
            It looks like OIA start some certification process with workflow.
            But I don't understand why OIA looking for old name?

            As a work-around, if I put in OIM in etc/hosts file, it may work.
            But I like to know what exactly OIA doing and why OIA looking for old name.

            Can you help me further?

            10:38:24,107 DEBUG [OimUtilityFactory] Xellerate Discovery Settings {java.naming.provider.url=t3://identity.oracleads.com:14000/oim, java.naming.factory.initial=weblogic.jndi.WLInitialContextFactory}
            10:38:24,107 DEBUG [OimUtilityFactory] ********** Connecting to OIM Server **********
            10:38:24,525 DEBUG [OimUtilityFactory] ********** Connection successful **********
            10:38:24,526 DEBUG [DBIAMSolution] Fetch Roles(Groups) from OIM Server....
            10:38:24,890 DEBUG [DBIAMSolution] Creating Rbacx Role for Group ---> ALL USERS
            10:38:24,890 DEBUG [DBIAMSolution] [enter] createRole()
            10:38:24,890 DEBUG [DBIAMSolution] Custom Property Values --> [null, null, null, null, null, null, null, null, null, null]
            10:38:24,890 DEBUG [DBIAMSolution] Creating Role ---> ALL USERS
            10:38:24,890 DEBUG [DBIAMSolution] [exit] createRole()
            10:38:24,890 DEBUG [DBIAMSolution] Fetching Access Policies for Group ----> ALL USERS
            10:38:30,371 ERROR [ExportIAMRoleBatchFunction] connection name:OIM not found!
            10:38:30,527 ERROR [RoleManagerImpl] com.vaau.rbacx.workflow.WorkflowInitializationException: Error starting workflow
            10:38:30,527 ERROR [RbacxDataImporterImpl] Unable to request approval for roles
            com.vaau.rbacx.idw.IDWException: Error starting workflow
                 at com.vaau.rbacx.idw.manager.RoleManagerImpl.requestMassMembershipApproval(RoleManagerImpl.java:2280)