EventFailedException: Trusted Recon Events Fail in Post Processing in a LDAPSync Environment using excludeEntityFilter (Doc ID 2177183.1)

Last updated on MAY 18, 2017

Applies to:

Identity Manager - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Symptoms

A OIM connector such as DBAT connector is configured for trusted reconciliation in OIM with LDAP sync.

User created under the organization from this Recon is not part of LDAP sync by using the excludeEntityFilter option of LDAP sync. LDAP sync had some password encryption issue for which Patch for <Bug 22675042> was applied but after patching the following error is occurring while running Trusted recon Job:

[oim_server1] [NOTIFICATION] [] [oracle.iam.platform.kernel.impl] [tid: [ACTIVE].ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: oiminternal] [ecid:...] [APP: oim#11.1.2.0.0] Kernel Information: Invoked OIMEvent.execute() for ProcessId= Id 1896546 name b799e051-814f-4eb2-8f70-a3af447feaf3 handlerId Id 11 name UserSyncPasswordLDAPHandler operation CREATE class oracle.iam.ldapsync.impl.eventhandlers.user.UserSyncPasswordLDAPHandler sync true status NOTSTARTED stage POSTPROCESS
[2016-06-23T03:22:47.735-07:00] [oim_server1] [ERROR] [] [oracle.iam.platform.kernel.impl] [tid: [ACTIVE].ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: oiminternal] [ecid: ...] [APP: oim#11.1.2.0.0] Kernel Information: {0}[[
oracle.iam.platform.kernel.EventFailedException: IAM-3010003:Failed to execute the handler.:
at oracle.iam.ldapsync.impl.util.LDAPSyncUtil.createEventFailedException(LDAPSyncUtil.java:1411)
at oracle.iam.ldapsync.impl.util.LDAPSyncUtil.createEventFailedException(LDAPSyncUtil.java:1422)
at oracle.iam.ldapsync.impl.eventhandlers.user.UserSyncPasswordLDAPHandler.execute(UserSyncPasswordLDAPHandler.java:109)
at oracle.iam.platform.kernel.impl.OIMEvent.executeHandlers(OIMEvent.java:222)
at oracle.iam.platform.kernel.impl.MonitoredOIMEvent.invokeExecuteHandler(MonitoredOIMEvent.java:99)
at oracle.iam.platform.kernel.im

 

STEPS TO REPRODUCE
----------------------------------------
1. Set up a DBAT recon task to create users in OIM under organization "A" which finally ends up provisioning to Active Directory.
2. Set up ldapsync where users created in OIM in organization "B" are synced to OUD, hence excluding users created in Org "A".
3. Enable Ldapsync with the exclude entity filter
4. Run the DBAT trusted recon tasks set up in step 1.

Expected results:
Users created in Org "B" should sync successfully to OUD.
Users should be created through Trusted recon in Org "A" in OIM.

Actual Results

User created in Org "B" is created successfully at OIM and is synced successfully to OUD.
User creation through Trusted recon fails at OIM at postprocess UserSyncPasswordLDAPHandler

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms