Oracle EBS Integration with OIM (Identity Manager) : Things you should know

 

 

This post covers Oracle E-Business Suite (EBS or Apps) integration with Oracle Identity Manager (OIM) for User Provisioning and Reconciliation. OIM is Identity Management and Identity Provisioning/Reconciliation software from Oracle. OIM 11g Architecture & Administration is also covered in my book Oracle Identity and Access Manager for Administrators.

 

Here are key things you should know if you are planning to use OIM to provision accounts to EBS or reconcile users from EBS to OIM.
1. There are mainly three type of users in Oracle E-Business Suite

a) EBS Accounts – is an entry in FND_USER that represents an Oracle E-Business Suite Account. To login to E-Business Suite user must have record in FND_USER

b) HRMS / PERSON Record – Some applications in EBS (like iExpense) require user to have HRMS (Person) record. PERSON record can be of different type like Employee, Part-time worker, Contractor, etc. Person records are stored in table PER_ALL_PEOPLE_F

c) Customer/Vendor Record – Some applications in EBS (like iStore or iProcurement) require user to have TCA record (Trading Community Architecture) that are representative or employees of customers and vendors . TCA record is in stored in table HZ_PARTIES

2. OIM uses pre-built connectors to provision accounts or reconcile users with LDAP Servers, Databases, Operating Systems and Business Applications including Oracle E-Business Suite.

3. There are two type of OIM connector for EBS

a) Oracle e-Business Employee Reconciliation (ER) – In this integration Oracle E-Business Suite HRMS acts as an authoritative source (aka trusted source) for OIM. In this configuration (trusted source) of connector, person records are created and modified only on EBS HRMS. Information about these users is then reconciled in to OIM. This connector has a Reconciliation Process.

Note: You can NOT use EBS ER connector to provision accounts from OIM to EBS (FND_USER), if you need to provision accounts in EBS (FND_USER) from OIM then you should use EBS User Management (UM) connector.

b) Oracle e-Business User Management (UM) – In this integration Oracle E-Business Suite acts as managed resource (target resource) for OIM. Users in OIM can be provisioned to EBS. Using this connector, users created or modified directly on Oracle E-Business Suite can also be reconciled in to OIM.  There are two processes in this connector Reconciliation Process and Provisioning Process.


4. There are three versions of EBS-UM Connector
a) User Management (FND_USER)
b) User Management with HR Foundation (FND_USER & HRMS/PER)
c) User Management with TCA Foundation (FND_USER & TCA/HZ_PARTIES)

5. EBS-UM connector can be configured in any one or combination of

a) User Management : Use this to create FND_USER record (in EBS) for OIM User and to grant roles and responsibilities to this EBS Record (FND_USER).

b) User Management with HR Foundation :  Use this connector to create FND_USER record in EBS (same as User Management) but you can also create basic HRMS user in EBS and link record in HRMS with record in FND_USER (EMPLOYEE_ID column in FND_USER table is linked with PERSON_ID column of PER_ALL_PEOPLE_F table). Use this version of connector if you wish to create record in FND_USER (of EBS) and HRMS (of EBS) from OIM.

c) User Management with TCA Foundation : Use this connector to create  FND_USER record in EBS (same as User Management) but you can also create basic TCA person-type party record in EBS and link it with record in FND_USER (PERSON_PARTY_ID column in FND_USER table is linked with PARTY_ID column of HZ_PARTIES table). Use this version of connector if you wish to create record in FND_USER (of EBS) and TCA (of EBS) from OIM.

6. Documentation for connector

a) EBS User Management Connector installation & configuration document is available here

b) EBS Employee Reconciliation Connector installation & configuration document is available here

7. It is recommended NOT to configure Oracle e-Business Employee Reconciliation and Oracle e-Business User Management with HRMS (HRF or HR Foundation) both at same time.

 

To know more about OIM connector for Oracle E-Business Suite , leave comment below !

About the Author Atul Kumar

Oracle ACE, Author, Speaker and Founder of K21 Technologies & K21 Academy : Oracle Gold Partner specialising in Design, Implement, and Trainings.

follow me on:

Leave a Comment:

22 comments
kkaushick says March 31, 2012

Thank you so much for sharing this insight.Kind of in a hurry , but am sure this document is going to be very much helpful when I go through it, as had been your other posts to so many people like me.
Thanks Again,

Reply
Victor Lin says January 31, 2013

I got “” error message when I provision eBS UM user with SSO enabled. Is there any example for the configuration with SSO enable?

Reply
    Atul Kumar says January 31, 2013

    @ Victor Lin,
    Are you provisioning EBS user via OIM (identity Manager) ?

    Is OID (used by SSO and EBS) integarted with OIM using LDAP Sync or via LDAP Connector ?

    Paste error as I can’t see error

    Reply
Victor Lin says January 31, 2013

Hi Atul Kumar,

We use OIM to provision eBS user (EBSUM connector) and OID user (OID connector).

Here is the error from oim.out
=====================================

<oracle.iam.connectors.common.ConnectorException:
at oracle.iam.connectors.common.vo.ITResource.(Unknown Source)
at oracle.iam.connectors.ebs.usermgmt.integration.EBSUserManagement.initUtil(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpEBSCREATEUSER.INITUTIL(adpEBSCREATEUSER.java:181)
at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpEBSCREATEUSER.implementation(adpEBSCREATEUSER.java:89)
at com.thortech.xl.client.events.tcBaseEvent.run(tcBaseEvent.java:196)
at com.thortech.xl.dataobj.tcDataObj.runEvent(tcDataObj.java:2492)
at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(tcScheduleItem.java:2919)
at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(tcScheduleItem.java:553)
at com.thortech.xl.dataobj.tcDataObj.insert(tcDataObj.java:604)
at com.thortech.xl.dataobj.tcDataObj.save(tcDataObj.java:474)
at com.thortech.xl.dataobj.tcORC.insertNonConditionalMilestones(tcORC.java:844)
at com.thortech.xl.dataobj.tcORC.completeSystemValidationMilestone(tcORC.java:1162)
at com.thortech.xl.dataobj.tcOrderItemInfo.completeCarrierBaseMilestone(tcOrderItemInfo.java:735)
at com.thortech.xl.dataobj.tcOrderItemInfo.eventPostInsert(tcOrderItemInfo.java:172)
at com.thortech.xl.dataobj.tcUDProcess.eventPostInsert(tcUDProcess.java:236)
at com.thortech.xl.dataobj.tcDataObj.insert(tcDataObj.java:604)
at com.thortech.xl.dataobj.tcDataObj.save(tcDataObj.java:474)
at com.thortech.xl.dataobj.tcTableDataObj.save(tcTableDataObj.java:2906)
at com.thortech.xl.ejb.beansimpl.tcFormInstanceOperationsBean.setProcessFormData(tcFormInstanceOperationsBean.java:710)
at com.thortech.xl.ejb.beansimpl.tcFormInstanceOperationsBean.setProcessFormData(tcFormInstanceOperationsBean.java:426)
at Thor.API.Operations.tcFormInstanceOperationsIntfEJB.setProcessFormDatax(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy349.setProcessFormDatax(Unknown Source)
at Thor.API.Operations.tcFormInstanceOperationsIntfEJB_h6wb8n_tcFormInstanceOperationsIntfRemoteImpl.__WL_invoke(Unknown Source)
at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
at Thor.API.Operations.tcFormInstanceOperationsIntfEJB_h6wb8n_tcFormInstanceOperationsIntfRemoteImpl.setProcessFormDatax(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:85)
at $Proxy187.setProcessFormDatax(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:198)
at $Proxy347.setProcessFormDatax(Unknown Source)
at Thor.API.Operations.tcFormInstanceOperationsIntfDelegate.setProcessFormData(Unknown Source)
at com.thortech.xl.webclient.actions.DirectProvisionUserAction.handleVerifyProcessData(DirectProvisionUserAction.java:2077)
at com.thortech.xl.webclient.actions.DirectProvisionUserAction.goNext(DirectProvisionUserAction.java:363)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:269)
at com.thortech.xl.webclient.actions.tcLookupDispatchAction.execute(tcLookupDispatchAction.java:133)
at com.thortech.xl.webclient.actions.tcActionBase.execute(tcActionBase.java:894)
at com.thortech.xl.webclient.actions.tcAction.execute(tcAction.java:213)
at org.apache.struts.chain.commands.servlet.ExecuteAction.execute(ExecuteAction.java:58)
at org.apache.struts.chain.commands.AbstractExecuteAction.execute(AbstractExecuteAction.java:67)
at org.apache.struts.chain.commands.ActionCommandBase.execute(ActionCommandBase.java:51)
at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:191)
at org.apache.commons.chain.generic.LookupCommand.execute(LookupCommand.java:305)
at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:191)
at org.apache.struts.chain.ComposableRequestProcessor.process(ComposableRequestProcessor.java:283)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1914)
at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:463)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at com.thortech.xl.webclient.security.CSRFFilter.doFilter(CSRFFilter.java:78)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.iam.platform.auth.web.PwdMgmtNavigationFilter.doFilter(PwdMgmtNavigationFilter.java:122)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.iam.platform.auth.web.OIMAuthContextFilter.doFilter(OIMAuthContextFilter.java:108)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Caused by: Thor.API.Exceptions.tcAPIException: Row index out of bounds
at Thor.API.tcMetaDataSet.goToRow(tcMetaDataSet.java:870)
… 115 more
>

Reply
Victor Lin says January 31, 2013

Below is the eBS UM resource configuration.

SSO Enabled: yes
SSO IT Resource: OID Staff IT Resource
SSO Identifier: orclGUID
SSO Login Attribute: uid

Reply
Atul Kumar says January 31, 2013

@ Victor Lin,
What is version of EBS UM connector ?

Atul

Reply
Victor Lin says January 31, 2013

OIM version: 11.1.1.5.0.0.0
EBS UM version: 9.1.0.4

Victor

Reply
Victor Lin says February 1, 2013

Hi Atul,

Any information require for your checking? I look forward to your reply.

Thanks for your kind assistance!
Victor

Reply
nitin says February 6, 2013

Hi Atul,

Truly appreciate your effort in putting this information for OIM folks.

I have a query – What are the drawbacks of having both connectors? want more information when you said “It is recommended NOT to configure Oracle e-Business Employee Reconciliation and Oracle e-Business User Management with HRMS (HRF or HR Foundation) both at same time.”

Thanks,
Nitin

Reply
Atul Kumar says February 6, 2013

@ Nitin,
If you configure bith EBS Employee Recon and EBS USER management with HR then one will create user in FND table and PER tables EBS-ER will again try to sync them to OIM. Why do you want to install both connectors ?

What is requirement ?

Reply
nitin says February 6, 2013

Hi Atul,

I don’t have any specific requirement, was just trying to understand. I understand that EBS UM connector shouldn’t provision to PERSON Table because it is configured as trusted source in EBS ER. You said it is “not recommended” and you didn’t say that it shouldn’t be done therefore wanted to dig more on the use case where we would need to have both and if we have both then what should be the approach – just need your expert comments.

Thanks,
Nitin

Reply
» OIM 11g : User Detail/Attribute (Description) not visible in OIM User screen : EBS / OID / OIM integration Online Apps DBA: One Stop Shop for Apps DBA’s says March 18, 2013

[…] E-Business Suite with Oracle Internet Directory (OID) and Oracle Identity Manager (OIM) (without Oracle EBS connectors) then users from EBS to OID are synced via EBS Provisioning Profile. These user in OID are then […]

Reply
PezGod says March 21, 2013

Atul,

Is it possible to use the IT Resource that exists for LDAP sync (by default called “Directory Server”) as the SSO IT resource for EBS integration or should I setup an OID Connector that is pointed to the same directory?

Hoping not to have to use a new OID connector, but I thought you may have had experience with this.

Kind Regards,

Jerry

Reply
    Atul Kumar says March 22, 2013

    @ PezGod.

    OID connector is not required if you are using OIM/OID 11g. Make sure that when you install/configure OIM select LDAPSync and when prompted for LDAP server then provide OID server details .

    Users created in OIM will always be in sync with OID .

    You now need to decide how you integrate EBS with OID i.e. provisioning type between OID/EBS

    a) EBS to OID
    b) OID to EBS
    c) Bidrectional i.e. OID to EBS and EBS to OID
    d) No create i.e. Do not create EBS to OID or OID to EBS

    Any doubts then paste them here

    Reply
PezGod says March 22, 2013

Atul,

Thanks for the input. You website has proved very helpful. We are actually provisioning EBS accounts using the OIM EBS User Management connector. It was my understanding that the EBS connector would retrieve the orclguid of the OID account that was created in LDAP sync and would then put that value on the FND_USER record.

When integrating EBS with OAM login through the EBS AccessGate looks for the orclguid of the oam user and finds a corresponding FND_USER record in EBS to match the OAM user with the EBS user record.

Am I mistaken?

Kind Regards,

Jerry

Reply
ABhijit says June 8, 2013

Atul

I am installing EBS connector . I have dounloaded files for connector and pasted contetnts to folder $OIM_HOME\Server\ConnectorDefaultDirectory

I have also Uploaded common.jar, EBSCommon.jar and EBSUM.jar using to uploadJar utility to OIM data base .

While installing connector ,I am getting below at fist stage “configuration of connector libraries”

The following files or folders are not available.
EBS-UM.properties
EBS-UM_da.properties
EBS-UM_de.properties
EBS-UM_es.properties
EBS-UM_fr.properties
EBS-UM_it.properties
EBS-UM_ja.properties
EBS-UM_ko.properties
EBS-UM_pt_BR.properties
EBS-UM_zh_CN.properties
EBS-UM_zh_TW.properties
EBS-UM_ar.properties
EBS-UM_en_US.properties
EBS-UM_en.properties
EBSCommon.jar
EBSUM.jar
Common.jar

Will you please guide me on this

Reply
ARama says July 28, 2013

Hi Atul,

Thank you so much for putting together this useful information. We are currently migrating our EBS 11i HRMS to Fusion Apps HCM and intend to use the EBS-UM Connector with HR Foundation to provision to EBS the employees created in Fusion.

Section 2.1.2.3 of the installation manual requires to set the employee number generation mode to manual (currently it is automatic). What is the reason of this requirement since the linkage between account and employee is done by employee id? Is the employee number used for reconciliation? Until the whole ERP is migrated a set of employees will still be created in EBS and we are concerned about the impact of this change.

Best regards,
Alberto

Reply
chewbaluba says November 13, 2013

Atul,

My requirement is to essentially manage EBS roles from OIM and provide SSO via OAM 11gR2. I have the EBS UM connector at my disposal. OID is the user store.

What is the best practice when registering OID with EBS (provisiontype)? If user is added to a role in OIM, he/she is added to a group in OID. If the connector is adding the user to the role in EBS, it seems redundant to have ‘outbound’ provisiontype i.e. OID to EBS. My thinking is that ‘4’ or the bizarely named ‘BiDiNoCreation’ is appropriate, but I wanted to get your thoughts. Thanks!

Reply
» EBS Integration with OIM : Employee Reconciliation : NumberFormatException: “BUSINESS_GROUP_ID” Online Apps DBA: One Stop Shop for Apps DBA’s says April 20, 2014

[…] r12 I discussed about Oracle EBS (R12/11i) integration with Oracle Identity Manager (OIM) here, I discussed about two type of connectors available for EBS […]

Reply
» OIM EBS User Management : eBusiness UM Lookup Definition Reconciliation failed with Invalid Schedule Task Parameter Online Apps DBA: One Stop Shop for Apps DBA’s says April 24, 2014

[…] discussed about Oracle EBS (R12/11i) integration with Oracle Identity Manager(OIM) here, and two type of connectors available for EBS integration […]

Reply
gopal says November 16, 2014

Hi Atul,

I want to sysnc APPS R12 HRMS users to Active Directory , Please clarify me bellow points.

1. please let me know this intigration will be ok?
A.Intigrate APPS R12 HRMS to OIM (using Oracle e-Business Employee Reconciliation connector )
and
B.Intigrate OIM with Active directory (using Microsoft Active Directory connector)

2. I need to use OID also for this case ?

Regards
Gopal

Reply
Cassim Juma says September 11, 2016

Hi Atul,

Great post. I have Oracle IDM, EBS HRMS, AD & Siebel CRM environment. IDM was brought later in and I already have users created in AD, HRMS and some in Siebel CRM.
The problem, when I create users in IDM, if the account exists in AD, AD refuses to create. I end up with partial accounts in the other systems. Please advise what to do. I want to reconcile and create dummy users in IDM, but my HRMS has some users who are on contract and should not access IDM.

Reply
Add Your Reply