here is very helpful post from oracle.
ISSUE:
Due to a misconfiguration in trusted reconciliation, a large number of users were created in OIM which were not intended to be created. It is now necessary to delete those users. There are too many for manual deletion to be feasible. Is there an approach that can be used to delete them in a bulk process?
The reconciliation engine in OIM can be configured to do the deletion. It is multithreaded due to its use of J2EE message-driven bean technology. However, since this will be only a one-off deletion, it may not be advisable to be modifying the reconciliation configuration in order to achieve it. Therefore, one instead could consider the following script. But, if this was a common requirement, as opposed to a one-off event, then use of the reconciliation engine would be recommended instead.
The following script can be used to bulk delete users from OIM, by creating a text file listing their login IDs.
Please see Note 801377.1, Note 457649.1, for how to compile & run this program.
The following steps will work however on Linux platform:
For other platforms, please consult those notes for information on how to compile. Please change the paths above as needed. Also, note that authwl.conf is WebLogic. Other appservers need a different file, i.e. OC4J needs authoc4j.conf, WebSphere authws.conf, JBoss auth.conf.
Please save this file as BulkDelete.java:
ISSUE:
Due to a misconfiguration in trusted reconciliation, a large number of users were created in OIM which were not intended to be created. It is now necessary to delete those users. There are too many for manual deletion to be feasible. Is there an approach that can be used to delete them in a bulk process?
Fix
Due to the large number of users to be deleted, it will be necessary to delete them using multiple threads to receive acceptable execution time.The reconciliation engine in OIM can be configured to do the deletion. It is multithreaded due to its use of J2EE message-driven bean technology. However, since this will be only a one-off deletion, it may not be advisable to be modifying the reconciliation configuration in order to achieve it. Therefore, one instead could consider the following script. But, if this was a common requirement, as opposed to a one-off event, then use of the reconciliation engine would be recommended instead.
The following script can be used to bulk delete users from OIM, by creating a text file listing their login IDs.
Please see Note 801377.1, Note 457649.1, for how to compile & run this program.
The following steps will work however on Linux platform:
export XL_HOME=/oim/client/xlclient
export CLASSPATH=$(echo $XL_HOME/{lib,ext}/*.jar . | tr ' ' ':')
javac -cp $CLASSPATH BulkDelete.java
java -cp $CLASSPATH -Dlog4j.configuration=file://$XL_HOME/config/log.properties -Djava.security.auth.login.config=$XL_HOME/config/authwl.conf -DXL.HomeDir=$XL_HOME BulkDeletePlease save this file as BulkDelete.java:
import java.util.*;
import java.io.*;
import com.thortech.xl.util.config.*;
import Thor.API.*;
import Thor.API.Operations.*;
public class BulkDelete extends Thread {
public static void main(String[] args) {
try {
// ***** CONFIGURATION SECTION *****
// Please adjust following as needed in your environment
oimUser = "xelsysadm";
oimPass = "xxx";
usersFile = "users.txt";
howManyThreads = 10;
// ***** END CONFIGURATION SECTION *****
ConfigurationClient.ComplexSetting config =
ConfigurationClient.getComplexSettingByPath("Discovery.CoreServer");
env = config.getAllSettings();
BulkDelete[] bd = new BulkDelete[howManyThreads];
for (int i = 0; i < howManyThreads; i++) {
bd[i] = new BulkDelete(i);
bd[i].start();
}
for (int i = 0; i < howManyThreads; i++)
bd[i].join();
System.exit(0);
}
}
catch (Exception e) {
e.printStackTrace();
System.exit(1);
}
}
private BulkDelete(int tid) {
this.tid = tid;
}
public void run() {
try {
tcUtilityFactory ioUtilityFactory =
new tcUtilityFactory(env,oimUser,oimPass);
tcUserOperationsIntf oUsr =
(tcUserOperationsIntf)ioUtilityFactory
.getUtility("Thor.API.Operations.tcUserOperationsIntf");
Hashtable hSearch = new Hashtable();
FileReader rdrF = new FileReader(usersFile);
BufferedReader rdr = new BufferedReader(rdrF);
int i = 0, entries = 0, notFound = 0, alreadyDeleted = 0,
deletedOK = 0, deletionFailed = 0;
while (true) {
String ln = rdr.readLine();
if (ln == null)
break;
ln = ln.trim();
if (ln.equals(""))
continue;
if (i++ % howManyThreads != tid)
continue;
entries++;
hSearch.put("Users.User ID", ln);
tcResultSet rs = oUsr.findUsers(hSearch);
String pfx = "[thread=" + tid + ",entry=" + i + "] ";
if (rs.getRowCount() == 0) {
System.err.println(pfx + "User not found: " + ln);
notFound++;
}
else if (rs.getStringValue("Users.Status")
.equalsIgnoreCase("Deleted")) {
System.err.println(pfx + "Skipping Deleted status user: " + ln);
alreadyDeleted++;
}
else {
long usrKey = rs.getLongValue("Users.Key");
try {
oUsr.deleteUser(usrKey);
System.err.println(pfx + "Deleted user: " + ln);
deletedOK++;
} catch (Exception e) {
System.err.println(pfx + "Error deleting user: " + ln);
e.printStackTrace();
deletionFailed++;
}
}
}
System.err.println("Thread " + tid + " completed - processed " +
entries + " entries, " + notFound + " not found, " +
alreadyDeleted + " already deleted, " +
deletedOK + " deleted OK, " +
deletionFailed + " deletion failed.");
}
catch (Exception e) {
System.err.println("Thread " + tid + " failing with exception: " + e);
e.printStackTrace();
System.exit(1);
}
}
private static String oimUser, oimPass, usersFile;
private static int howManyThreads;
private int tid;
private static Hashtable env;}
No comments:
Post a Comment