Oracle Identity Manager (OIM) Provides assigning Proxy to some other user so that when a user is on leave or out of office, user can delegated task/approvals to someone else.
- To assign proxy in OIM: login to Self Service Console : My Profile -> Proxies -> Add Proxy
On Adding Proxy, users were getting error “The add proxy operation for user [user_name] failed with following error oracle. bpel. services. workflow. client. workflowServiceClientException javax.xml.ws.WebServiceException could not determine wsdl ports”
When you assign Proxy in OIM 11g, request is fulfilled by SOA server (SOA server is mandatory in OIM 11g). If you hit this error first thing to check is that SOA server is running and there are no errors in SOA server log file. In my case SOA server was running and there were no errors related to SOA service /soa-infra (STATE of deployment soa-infra in WebLogic Console was ACTIVE )
Message reported in OIM server out file was
<24-Mar-2013 20:47:50 o’clock UTC> <Error> <oracle.iam.configservice.impl> <IAM-3020003> <The attribute PROXY_NAME does not exist!>
<24-Mar-2013 20:47:50 o’clock UTC> <Warning> <oracle.iam.selfservice.self.agentry> <BEA-000000> <IAM-3045001>
<24-Mar-2013 20:47:51 o’clock UTC> <Error> <oracle.iam.identity.usermgmt.impl> <IAM-3050062> <Failed setting proxy in BPEL. The operation will be rolled back.>
Message reported in OIM Diagnostics log file was
[2013-03-24T20:47:50.722+00:00] [WLS_OIM2] [NOTIFICATION] [IAM-1010010] [oracle.iam.platform.authz.impl] [tid: [ACTIVE].ExecuteThread: ‘1’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: xelsysadm] [ecid: 004qB7DDy4I7u1W5Lzl3ie00053X000M4O,0:1] [APP: oim#188.8.131.52.0] [URI: /oim/faces/pages/Self.jspx] ********** Entering the Authorization Segment with parameters:: LoggedInUserId = 30, target resourceID = null, Feature = SELF_SERVICE_USER_MANAGEMENT, Action = MODIFY_SELF_USER_PROXY_PROFILE **********
[2013-03-24T20:47:50.722+00:00] [WLS_OIM2] [NOTIFICATION] [IAM-1010033] [oracle.iam.platform.authz.impl] [tid: [ACTIVE].ExecuteThread: ‘1’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: xelsysadm] [ecid: 004qB7DDy4I7u1W5Lzl3ie00053X000M4O,0:1] [APP: oim#184.108.40.206.0] [URI: /oim/faces/pages/Self.jspx] OES Results are not found in cache with Key F: SELF_SERVICE_USER_MANAGEMENTS: 30P: MODIFY_SELF_USER_PROXY_PROFILEOESDefinition
[2013-03-24T20:47:51.696+00:00] [WLS_OIM2] [ERROR] [IAM-3050062] [oracle.iam.identity.usermgmt.impl] [tid: [ACTIVE].ExecuteThread: ‘1’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: xelsysadm] [ecid: 004qB7DDy4I7u1W5Lzl3ie00053X000M4O,0:1] [APP: oim#220.127.116.11.0] [URI: /oim/faces/pages/Self.jspx] Failed setting proxy in BPEL. The operation will be rolled back.
Here are some of the questions that came to my mind while troubleshooting this issue
How OIM knows which SOA server to connect (Where is SOA server URL defined in OIM) ?
What user OIM server uses to connect to SOA Server ?
Where is password stored for this user (used to connect to SOA server) ?
SOA URL is defined in OIM’s Application Defined MBEAN (oracle.iam -> Server: <oim_server_name>, Application: oim -> XMLConfig -> Config -> XML.Config.SOAConfig -> SOAConfig)
- URL to connect to SOA server is defined by Attribute SoapURL and User that is used to connect is defined in attribute Username
- Password for username defined above is stored in credential store of OIM (Map : OIM ; key : SOAAdminPassword )
Root Cause : In my case SOA URL ( defined by SoapURL property) was not reachable from OIM server (blocked by firewall).
- Setting Proxy User In OIM Fails with “Could not determine wsdl ports” Error [ID 1459121.1]
- Enable OIM to connect to SOA using LDAP User
Related Posts for Identity Manager
- Oracle Identity Manager (User Provisioning – Thor)
- Installing Oracle Identity Manager (Thor Xellerate)
- Oracle Identity Manager 9.1 released
- Oracle Identity Manager (Thor Xellerate) Architecture
- Resource, Reconciliation, Provisioning and Connector in Oracle Identity Manager #OIM
- Oracle Identity Manager (OIM) Connector for Oracle Internet Directory (OID) : Architecture and Overview
- Step by Step Installation of OIM Design Console 9.1.0
- Error while running PurgeCache in OIM 11g : LoginException unable to find LoginModule class : WebLogic Full Clinet
- Integrate OIM 11g with OID using connector for Provisioning / Reconcilliation – Installation
- PurgeCache in OIM 11g : CategoryName
- OIM LDAP Sync : Overview and Key Points
- OIM 11g : How to export/import/delete Files from MDS
- Where are OAM details stored in OIM (account unlock, password reset)
- libOVD adapters in OIM LDAP Integration : LDAPsync – view and modify Adapter settings (bindDN and bindPassword)
- Error Starting OIM Design Console (xlclient.sh) on Linux java.lang. NoClassDefFoundError
- OIM 11g Challenge Questions (PCQ) for forgot password
- Oracle EBS Integration with OIM (Identity Manager) : Things you should know
- Users not synced from OID to OIM : Debug Scheduled Job
- OIM Connector for Microsoft : AD, Exchange, Windows, Password Management
- Connector Server for OIM connectors : .NET or JAVA
- OIM 11g Challenge Questions – Everything you must know
- OIM 11g How to add Challenge Questions
- OIM : Assign AD resource : An error occurred because the Adapters are not compiled : How to compile adapters in OIM
- OIM User Creation : An Error occurred while performing create user operation. Unable to get LDAP connection
- OIM – AD integration : Active Directory Group Lookup Recon failed with error Remote Framework Key is invalid
- Microsoft Active Directory (AD) to Oracle Identity Manager (OIM) Password Synchronization: Things you must know : Part I
- Provision resource “Microsoft Exchange” to user in OIM : Status remains in Provisioning : Part I
- Target Resource (or Managed Resource) vs Trusted Source (or Authoritative Source) Mode : OIM integration with applications (AD, OID, OVD, EBS, SAP, HR, LDAP)
- 500 Internal server accessing OIM application : com.bea. security.MicroSM. getInstance oracle.iam. platform. authz.impl
- Your account is locked. You can unlock your account by going to Forgot Password
- OIM 11g : How to find User and Manager details : USR table
- OIM 11g : User Detail/Attribute (Description) not visible in OIM User screen : EBS / OID / OIM integration
- OIM 11g: The add proxy operation for user XXXXX failed with following error oracle. bpel. services. workflow. client. workflowservieclientException javax.xml.ws.WebServiceException could not determine wsdl ports
- Oracle Identity Manager BP07 for 11gR1 PS1 18.104.22.168.7 (16097399) is now available – (Part of Identity Management SUite BP03 16209876)
- OIM 11g : SQL to List User’s Manager
- OIM integrated with OAM (SSO) showing OIM login screen : User Soft Locked
- OIM 11g: Beware if you are applying WebLogic patch !
- Help Me : Microsoft Active Directory Password Sync version and latest patch for Oracle Identity Manager 22.214.171.124
- Upgrade OIM connector for Microsoft Exchange to 126.96.36.199 Part I
- OIM Administrators : Is your OIM database Growing ? Do you purge enough ?
- EBS Integration with OIM : Employee Reconciliation : NumberFormatException: “BUSINESS_GROUP_ID”
- OIM EBS User Management : eBusiness UM Lookup Definition Reconciliation failed with Invalid Schedule Task Parameter