Tuesday, 18 February 2014

Error with Ldapsync OIM and OID

Error with creating users in OIM with LdapSync 

After Ldap sync in OIM When create a user bellow error may trigger.

"An error Occurred while  performing create user operation.Unable to get  LDAP  connection,and  the root cause  is -null"

To fix this error
check IT Resource (Manage IT Resource) in OIM Advanced Administration Console


Search for IT Resource Type Directory Server and change Connection Pooling Supported to False



Now try to create user error may not  trigger.

But during Opening IT resource to update Connection pooling supported  value some times another error may occurred 

"A system error has occurred. Contact the Oracle Identity Manager System Administrator"

This error occurred after configuring oim for ldap sync. When you want to edit directory server(oim console- >advance->manage it resource->search->edit) to make connection pooling false in order to create user's it shows this error message. In order to resolve this error perform the following steps.

  • 1) open SQL developer console and connect with OIM schema 
  • 2) Run the following query:


select svr.svr_name, spd.spd_field_name, svp.svp_key, svp_field_value from svp inner join spd on spd.spd_key = svp.spd_key inner join svr on svr.svr_key = svp.svr_key; 

After this query you will get following value in plain text format i.e they are not encrypted


SVR_NAME
SPD_FIELD_NAME
SVP_KEY
SVP_FIELD_VALUE
Directory Server
Admin login
4
cn=oimLDAP,cn=system ids,dc=your domain,dc=com
Directory Server
Admin Password
5
oracle123
Directory Server
Search base
18
dc=your domain,dc=com
Directory Server
User reservation container
20
cn=Reserve,dc=your domain,dc=com

looking at this we can say that these value are not encrypted. Because of this we are facing this error. First make them null. 

  • Before making them null backup the table through following query:


create table DEV_OIM.svp_bkp as (select * from DEV_OIM.svp);
  • Now make them null:


update svp set svp_field_value=null where svp_field_value like ‘%dc%’; update svp set svp_field_value=null where svp_field_value like ‘%oracle%’; 

after this make sure to commit these changes to db. Now edit directory server, it will open now.

  •  we have made some value null that value we have to provide manually in directory. provide that values and user will now be created. Due to this two problem will be solved user creation and the original one also. 









Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)