Wednesday, February 18, 2015

Useful OIM and SOA Tables for Reporting

Useful OIM and SOA Tables 


TableName
Description




OBI


Stores resource object instance information. OIM Creates a resource instance every time a resource is provisioned. This Instance Stores all generic Information related to that Provisioned Instance, including a request key (if the resource has been provisioned through a request), the corresponding process instance, and the instance status.

OBJ
Represents the Resource Object Data

OIU
User Information of the Resource object instance when provisioning takes place

MIL
Process Task Definitions. Each Entry Corresponds to a Process Task

ORC
Process Instance Information when Provisioning takes place. OIM generates an associated process or workflow instance that stores information to the provisioning instance

OSI
Information about the tasks created for process instance

PKG
Process details information.

SCH
Information about a specific task Instance such as task status, status bucket.

TOS
Stores atomic process Information.

UPD
Stores User Policy Profile Data.

UPP
Stores User Policy Profile-related details.

USG
Defines which users are in which groups and lists priorities for the users in a specific group.

UGP
Defines groups and roles in the system

RUL
Stores rule definitions.

POC
Stores Values for the child tables of the Object/Process form of a resource being provisioned by the access policy.

POF
Policy field table holds the field value pairs that Constitute the definition of a policy

POG
Join table between policy and user groups, specifies the groups to whom an access policy will apply

POL
Policy Table holds a Policy, define an Access Policy in the system

POP
Policy Package join table holds the packages that a particular policy orders for user, defines which resources will be provisioned or denied for a particular access policy

UPA
Main auditing table for the storing all snapshots and changes ,made to user profiles

UPA_FIELDS
Stores user profile audit history changes in denormalized format

UPA_GRP_MEMBERSHIP
Stores groups membership history

UPA_RESOURCE
Stores user profile resource history

UPA_USR
Stores user profile history

Request
To store Request Template related information

REUEST_APPROVALS
Request Approval Instances in a request and their status

REQUEST_BENEFICIARY
Stores the Ids of beneficiary for a given request

REQUEST_BENEFICIARY_ENTITIES
Stores the entities that are part of a beneficiary in a request

OTI
Holds Specific Information such as status or scheduled dates about an instance of a task which are in Pending (Provisioning/Approval Tasks) status buckets.

WF_DEFINITION
To Store SOA Composite Registration Information.

WF_INSTANCE
To store SOA Composite Instances.

WFTASK
Stores human workflow tasks run time metadata like taskid,title,state,user or group assigned, created and updated dates

WFASSIGNEE
Stores tasks Assignee Information

WFMESSAGEATTRIBUTE
Stores task input payload parameters


Wednesday, February 11, 2015

OAM Console Issue after Upgrade

We are seeing following issue in OAM Console, After Upgrade from 11g R2 to 11g R2 PS2.

java.lang.SecurityException: MBean operation access denied. MBean: oracle.oam:type=Config Operation: retrieveMapPropertyArray(java.lang.String) Detail: Access denied. Required roles: Admin, executing subject: principals=[weblogic, OAMSystemAdminGroup]
Error
MBean operation access denied. MBean: oracle.oam:type=Config Operation: retrieveMapPropertyArray(java.lang.String) Detail: Access denied. Required roles: Admin, executing subject: principals=[weblogic, OAMSystemAdminGroup]
Error
Access denied. Required roles: Admin, executing subject: principals=[weblogic, OAMSystemAdminGroup]


Solution:

1. Log in to the WebLogic Administration Server Console
2. In the left pane of the console, click Security Realms.
3. On the Summary of Security Realms page, click myrealm under the Realms table.
4. On the Settings page for myrealm, click the Roles & Policies tab.
5. On the Realm Roles page, expand the Global Roles entry under the Roles table. This brings up the entry for Roles.
6. Click the Roles link to go to the Global Roles page.
7. On the Global Roles page, click the Admin role to go to the Edit Global Role page:
8. On the Edit Global Roles page, under Role Conditions, click Add Conditions.
9. On the Choose a Predicate page, select Group from the predicates list and click Next.
10. On the Edit Arguments Page, specify the admin Group/User specified in OUD store (while setting it to system store in oamconsole) in the Group Argument field and click Add.
11. Click Finish to return to the Edit Global Rule page.
12. The Role Conditions now show the the admin group specified in OUD store Group as an entry.

13. Click Save to finish adding the Admin role to the admin group specified in OUD store Group. 

Other Posts