 | Please look at following instructions in the guide to how to export oim metadata: https://docs.oracle.com/cd/E40329_01/admin.1112/e27149/emcon.htm#OMADM4229 ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- 22.2 Exporting and Importing Configuration Files To export or import configuration files: When the administrative server and at least one Oracle Identity Manager managed server is running, login to Oracle Enterprise Manager Fusion Middleware Control by using the URL in the following format: http://ADMINSTRATION_SERVER:PORT/em Navigate to Identity and Access, oim. Right-click and navigate to System MBean Browser. Under Application Defined MBeans, navigate to oracle.mds.lcm, Server:oim_server1, Application:OIMMetadata, MDSAppRuntime. To export the configuration files: Click the Operations tab, and then click exportMetaData. In the toLocation field, enter enter /tmp or the name of another directory (ensure /tmp is empty if using it) Select createSubDir as false. In the docs field, here don't provide any value Also select false for excludeAllCust, excludeBaseDocs, and excludeExtendedMetadata. Then, click Invoke. This exports the file specified in the docs field to the directory specified in the toLocation field. Note: if you want to import to specific place you have to mention complete path at docs for example if you want to import EventHandler.xml under /db you have to create create folder name db and put the file there and at docs put /db/EventHandler.xml fromLocation /tmp/shahbaz docs /db/EventHandler.xml (make sure EventHandler.xml is under /db folder) |
Wednesday, March 23, 2016
export metadata using em console
Tuesday, March 22, 2016
exporting and importing metadata from oim using exportMetadata command
this example i am exporting all whole metadata to a directory /tmp/shahbaz/reexpor
here is the commands
cd to $OIM_HOME/commom/bin
[oracle@orasystems bin]$ ./wlst.sh
connect()
exportMetadata(application='OIMMetadata',server='oim_server2',toLocation='/tmp/shahbaz/reexpor')
below command i am only importing one file EventHandlers.xml
importMetadata(application='OIMMetadata',server='oim_server2',fromLocation='/tmp/shahbaz/expor',docs="/db/EventHandlers.xml")
disconnect()
exit()
oim 11g exporting metadata using command line exportMetadata
oracle documentation about exporting meta data
- In order to perform MDS opertations, log on to the OIM Server Host with the account used to install and run the WebLogic Server.
- Set you environment variables for the OIM domain by running the appropriate setDomainEnv script found in the <Middlewarhome>/user_projects/domains/<domain name>/bin folder.
- Create a temporary directory that will be used to store the resulting xml files from the database.
- Verify that the app server is up and running.
- Ensure that you know the weblogic admin username and the URL to the Admin Server.
Performing the Export
- In the command shell / console window, go to the OIM_ORACLE_HOME/common/bin directory.
- Execute the wlst.sh command and issue the connect() command.
- Provide the weblogic admin username and password and the URL to the Admin Server.
- Execute the exportMetadata command providing at least the following arguments:
application, server and toLocation
Be sure to pass the argument data in single quotes, like: server='oim_server1' - You should see a list of the files exported, at that point you can issue the disconnect() command followed by the exit() command.
Friday, March 18, 2016
LsInventorySession failed: OracleHomeInventory gets null oracleHomeInfo
opatch lsinventory
Oracle Interim Patch Installer version 11.1.0.9.9
Copyright (c) 2012, Oracle Corporation. All rights reserved.
List of Homes on this system:
Inventory load failed... OPatch cannot load inventory for the given Oracle Home.
Possible causes are:
Oracle Home dir. path does not exist in Central Inventory
Oracle Home is a symbolic link
Oracle Home inventory is corrupted
LsInventorySession failed: OracleHomeInventory gets null oracleHomeInfo
OPatch failed with error code 73
Solution:
i was missing following files under /home/oracle/oraInventory after copying these files. OPATCH worked for me.
ContentsXML
createCentralInventory.sh
oui
Thursday, March 3, 2016
OIM How To Bulk Delete Large Number Of Users Created By Accident
here is very helpful post from oracle.
ISSUE:
Due to a misconfiguration in trusted reconciliation, a large number of users were created in OIM which were not intended to be created. It is now necessary to delete those users. There are too many for manual deletion to be feasible. Is there an approach that can be used to delete them in a bulk process?
The reconciliation engine in OIM can be configured to do the deletion. It is multithreaded due to its use of J2EE message-driven bean technology. However, since this will be only a one-off deletion, it may not be advisable to be modifying the reconciliation configuration in order to achieve it. Therefore, one instead could consider the following script. But, if this was a common requirement, as opposed to a one-off event, then use of the reconciliation engine would be recommended instead.
The following script can be used to bulk delete users from OIM, by creating a text file listing their login IDs.
Please see Note 801377.1, Note 457649.1, for how to compile & run this program.
The following steps will work however on Linux platform:
For other platforms, please consult those notes for information on how to compile. Please change the paths above as needed. Also, note that authwl.conf is WebLogic. Other appservers need a different file, i.e. OC4J needs authoc4j.conf, WebSphere authws.conf, JBoss auth.conf.
Please save this file as BulkDelete.java:
ISSUE:
Due to a misconfiguration in trusted reconciliation, a large number of users were created in OIM which were not intended to be created. It is now necessary to delete those users. There are too many for manual deletion to be feasible. Is there an approach that can be used to delete them in a bulk process?
Fix
Due to the large number of users to be deleted, it will be necessary to delete them using multiple threads to receive acceptable execution time.The reconciliation engine in OIM can be configured to do the deletion. It is multithreaded due to its use of J2EE message-driven bean technology. However, since this will be only a one-off deletion, it may not be advisable to be modifying the reconciliation configuration in order to achieve it. Therefore, one instead could consider the following script. But, if this was a common requirement, as opposed to a one-off event, then use of the reconciliation engine would be recommended instead.
The following script can be used to bulk delete users from OIM, by creating a text file listing their login IDs.
Please see Note 801377.1, Note 457649.1, for how to compile & run this program.
The following steps will work however on Linux platform:
export XL_HOME=/oim/client/xlclient
export CLASSPATH=$(echo $XL_HOME/{lib,ext}/*.jar . | tr ' ' ':')
javac -cp $CLASSPATH BulkDelete.java
java -cp $CLASSPATH -Dlog4j.configuration=file://$XL_HOME/config/log.properties -Djava.security.auth.login.config=$XL_HOME/config/authwl.conf -DXL.HomeDir=$XL_HOME BulkDeletePlease save this file as BulkDelete.java:
import java.util.*;
import java.io.*;
import com.thortech.xl.util.config.*;
import Thor.API.*;
import Thor.API.Operations.*;
public class BulkDelete extends Thread {
public static void main(String[] args) {
try {
// ***** CONFIGURATION SECTION *****
// Please adjust following as needed in your environment
oimUser = "xelsysadm";
oimPass = "xxx";
usersFile = "users.txt";
howManyThreads = 10;
// ***** END CONFIGURATION SECTION *****
ConfigurationClient.ComplexSetting config =
ConfigurationClient.getComplexSettingByPath("Discovery.CoreServer");
env = config.getAllSettings();
BulkDelete[] bd = new BulkDelete[howManyThreads];
for (int i = 0; i < howManyThreads; i++) {
bd[i] = new BulkDelete(i);
bd[i].start();
}
for (int i = 0; i < howManyThreads; i++)
bd[i].join();
System.exit(0);
}
}
catch (Exception e) {
e.printStackTrace();
System.exit(1);
}
}
private BulkDelete(int tid) {
this.tid = tid;
}
public void run() {
try {
tcUtilityFactory ioUtilityFactory =
new tcUtilityFactory(env,oimUser,oimPass);
tcUserOperationsIntf oUsr =
(tcUserOperationsIntf)ioUtilityFactory
.getUtility("Thor.API.Operations.tcUserOperationsIntf");
Hashtable hSearch = new Hashtable();
FileReader rdrF = new FileReader(usersFile);
BufferedReader rdr = new BufferedReader(rdrF);
int i = 0, entries = 0, notFound = 0, alreadyDeleted = 0,
deletedOK = 0, deletionFailed = 0;
while (true) {
String ln = rdr.readLine();
if (ln == null)
break;
ln = ln.trim();
if (ln.equals(""))
continue;
if (i++ % howManyThreads != tid)
continue;
entries++;
hSearch.put("Users.User ID", ln);
tcResultSet rs = oUsr.findUsers(hSearch);
String pfx = "[thread=" + tid + ",entry=" + i + "] ";
if (rs.getRowCount() == 0) {
System.err.println(pfx + "User not found: " + ln);
notFound++;
}
else if (rs.getStringValue("Users.Status")
.equalsIgnoreCase("Deleted")) {
System.err.println(pfx + "Skipping Deleted status user: " + ln);
alreadyDeleted++;
}
else {
long usrKey = rs.getLongValue("Users.Key");
try {
oUsr.deleteUser(usrKey);
System.err.println(pfx + "Deleted user: " + ln);
deletedOK++;
} catch (Exception e) {
System.err.println(pfx + "Error deleting user: " + ln);
e.printStackTrace();
deletionFailed++;
}
}
}
System.err.println("Thread " + tid + " completed - processed " +
entries + " entries, " + notFound + " not found, " +
alreadyDeleted + " already deleted, " +
deletedOK + " deleted OK, " +
deletionFailed + " deletion failed.");
}
catch (Exception e) {
System.err.println("Thread " + tid + " failing with exception: " + e);
e.printStackTrace();
System.exit(1);
}
}
private static String oimUser, oimPass, usersFile;
private static int howManyThreads;
private int tid;
private static Hashtable env;}
OIM property XL.UserIDReuse to true in order to reuse USERID
in order to reuse the USERID we need to set XL.UserIDReuse property to true at
Definition:
Determines whether a deleted user account can be reused. To reuse a deleted user account, assign this property a value of TRUE and drop the unique index for the USR_LOGIN column in the USR table and create a nonunique index. To prevent a user account from being reused, assign this property a value of FALSE.
Note: It is imperative to de-provision all accounts associated with a deleted user, because if you create a new user with the same user name as that of the deleted user by setting the
Definition:
Determines whether a deleted user account can be reused. To reuse a deleted user account, assign this property a value of TRUE and drop the unique index for the USR_LOGIN column in the USR table and create a nonunique index. To prevent a user account from being reused, assign this property a value of FALSE.
Note: It is imperative to de-provision all accounts associated with a deleted user, because if you create a new user with the same user name as that of the deleted user by setting the
XL.UserIDReuse property to true,
then the new user might get access to offline accounts of the deleted
user that was not deleted as part of the de-provisioning process.
Subscribe to:
Posts (Atom)