When Sys Admin tries to login to OIM basically executes tree queries to display the counts for his pending approvals , open tasks etc to avoid this you can do following
From Design console go to System Configuration
search for "XL.WebAdminHome.CounterDisplay.Type"
change values from "DayLimit" to "CheckLink"
if this property is not available in design console then do following.
See Oracle Metalink Doc 741590.1 for all the details, In short do following:
Edit the WEB-INF/classes/xlWebAdmin.properties
and change the webadminhome.message.skipPendingApprovalsOpenTasksCounter to true, and the run the patch_websphere.sh script to build and deploy the new war.
Wednesday, April 22, 2009
AD Date Issue
When you are calling that attribute ADSI is grabbing the value of “accountExpires” and casting the number of 100-nanosecond intervals since Jan 1, 1601 to an understandable datetime.
So far when I look at the “accountExpires” date in Softerra (doing a literal lookup on the date value and converting), or looking in my C# code—I get back the 4/21/2009 4:00:00 AM CST or equivalent 4/20/2009 11:00:00 PM GMT dates.
The really odd thing is that basically ADSI’s internal conversion routine is not following whatever accepted conversions are for .NET or Java.
Here is my C# code:
protected void Page_Load(object sender, EventArgs e)
{
//assume 'user' is DirectoryEntry representing user to check
DateTime expires = DateTime.FromFileTime(GetInt64(@"cn=wertman\, pam,ou=users,ou=cnc,OU=AIT,DC=us,DC=aegon,DC=com", "accountExpires"));
Response.Write(expires);
}
private Int64 GetInt64(string userDN, string attr)
{
DirectoryEntry root = null;
using (root = new DirectoryEntry(
@"LDAP://crdcusdc01.us.aegon.com:389/" + userDN,
username,
password,
bindingAuth
))
{
DirectorySearcher ds = new DirectorySearcher(
root,
String.Format("({0}=*)", attr),
new string[] { attr },
SearchScope.Base
);
SearchResult sr = ds.FindOne();
if (sr != null)
{
if (sr.Properties.Contains(attr))
{
return (Int64)sr.Properties[attr][0];
}
}
return -1;
}
}
C# code is a curtosy of one of my colleagues - Mark Morrison.
So far when I look at the “accountExpires” date in Softerra (doing a literal lookup on the date value and converting), or looking in my C# code—I get back the 4/21/2009 4:00:00 AM CST or equivalent 4/20/2009 11:00:00 PM GMT dates.
The really odd thing is that basically ADSI’s internal conversion routine is not following whatever accepted conversions are for .NET or Java.
Here is my C# code:
protected void Page_Load(object sender, EventArgs e)
{
//assume 'user' is DirectoryEntry representing user to check
DateTime expires = DateTime.FromFileTime(GetInt64(@"cn=wertman\, pam,ou=users,ou=cnc,OU=AIT,DC=us,DC=aegon,DC=com", "accountExpires"));
Response.Write(expires);
}
private Int64 GetInt64(string userDN, string attr)
{
DirectoryEntry root = null;
using (root = new DirectoryEntry(
@"LDAP://crdcusdc01.us.aegon.com:389/" + userDN,
username,
password,
bindingAuth
))
{
DirectorySearcher ds = new DirectorySearcher(
root,
String.Format("({0}=*)", attr),
new string[] { attr },
SearchScope.Base
);
SearchResult sr = ds.FindOne();
if (sr != null)
{
if (sr.Properties.Contains(attr))
{
return (Int64)sr.Properties[attr][0];
}
}
return -1;
}
}
C# code is a curtosy of one of my colleagues - Mark Morrison.
WebSphere JMSManagedQueueSessionFactory in OIM
Actually, this is a known idiot light thrown by IBM:
http://download-west.oracle.com/docs/cd/B32479_01/doc.903/b32458/toc.htm#CHDEIIBG
"3.2.2 Benign Exception Warning Message Appears in WebSphere Log After Installing Release 9.0.3 and Starting the Application Server (Bug 5607996)
After installing Release 9.0.3 on WebSphere 5.1.1.12 and starting the application server, a benign exception warning message appears in the WebSphere log regarding the following:
J2CA0007W: An exception occurred while invoking method setsetMcfPassword on com.ibm.ejs.jms.JMSManagedQueueSessionFactory
This is a known WebSphere exception warning message and can safely be ignored. Refer to IBM's WebSphere Application Server support Web site for more information."
Here is the full mea culpa from IBM:
http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg1PK32670
Best fix is to migrate all servers to WAS 6.1/OIM 9.1 combo.
http://download-west.oracle.com/docs/cd/B32479_01/doc.903/b32458/toc.htm#CHDEIIBG
"3.2.2 Benign Exception Warning Message Appears in WebSphere Log After Installing Release 9.0.3 and Starting the Application Server (Bug 5607996)
After installing Release 9.0.3 on WebSphere 5.1.1.12 and starting the application server, a benign exception warning message appears in the WebSphere log regarding the following:
J2CA0007W: An exception occurred while invoking method setsetMcfPassword on com.ibm.ejs.jms.JMSManagedQueueSessionFactory
This is a known WebSphere exception warning message and can safely be ignored. Refer to IBM's WebSphere Application Server support Web site for more information."
Here is the full mea culpa from IBM:
http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg1PK32670
Best fix is to migrate all servers to WAS 6.1/OIM 9.1 combo.
Remedy
From the Remedy docs : “Because Java handles the deallocation of memory automatically (using garbage collection), another key difference between the C API and the AR System Java API is that when references to an object no longer exist, that object is assumed to no longer be needed, and then the memory occupied by that object is reclaimed. So, freeing allocated memory and shutdown/cleanup of the general structure of a C API program do not have a counterpart in an AR System Java API program. However, in an AR System Java API program, you must use the clear method to release context (user and server) information as well as other methods of the classes you use, and to use the releaseInstance method of the factory object to reclaim memory that has been allocated to a factory object. The underlying resources are not touched by garbage collection. They must be released.”
However, to the relevant point of connectionPooling—I do not see the CLEAR() method EVER called. In your helper methods of disconnect() I do you see you setting context to null; however, what you want is to instead set arServer.Clear() rather than arServer = null.
http://spider.kineticdata.com/arApi63/com/remedy/arsys/api/ARServerUser.html#clear()
However, to the relevant point of connectionPooling—I do not see the CLEAR() method EVER called. In your helper methods of disconnect() I do you see you setting context to null; however, what you want is to instead set arServer.Clear() rather than arServer = null.
http://spider.kineticdata.com/arApi63/com/remedy/arsys/api/ARServerUser.html#clear()
Creating Javadocs using ANT
Here is potentially a very easy way :
http://www.geocities.com/richard_hoefter/eclipse2ant/
http://www.geocities.com/richard_hoefter/eclipse2ant/
Monday, April 20, 2009
Active Directory , userAccountControl Values
When you are writing AD Connectors following values are help a lot, All these values are specific to attribute "userAccountControl"
512 - Enable User Account
514 - Disable User account
544 - Requires user to change password at first logon
66048 - password never expires when the user is enabled
66050 - password never expires when the user is disabled
8388608 - Password is expired
for all detailed values of refer
http://support.microsoft.com/kb/305144
for more information on userAccountControl refer
http://technet.microsoft.com/en-us/library/cc709691.aspx
Convert Date to AD Format(Long)
512 - Enable User Account
514 - Disable User account
544 - Requires user to change password at first logon
66048 - password never expires when the user is enabled
66050 - password never expires when the user is disabled
8388608 - Password is expired
for all detailed values of refer
http://support.microsoft.com/kb/305144
for more information on userAccountControl refer
http://technet.microsoft.com/en-us/library/cc709691.aspx
Convert Date to AD Format(Long)
Subscribe to:
Posts (Atom)