My Oracle Support Banner

OIM "Evaluate User Policies" Job Does Not Add Or Remove AD Groups During Role Changes. (Doc ID 2322328.1)

Last updated on FEBRUARY 25, 2019

Applies to:

Identity Manager - Version and later
Information in this document applies to any platform.


OIM version 11g R2 PS2 BP06  -

"Evaluate User Policies" job does not Add or Remove AD/OUD groups during role changes.

Expected behavior is that  accounts needs to be updated with entitlements and also appropriate process tasks for Child form updates should get triggered.

However one don't see "Group membership Insert" or "Group membership Delete" Process tasks added for the User.

 OIM diagnostic log shows the following errors.


2017-10-14T00:19:58.435+00:00] [oim_server1] [ERROR] [] [XELLERATE.DATABASE]
[tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default(self-tuning)'] [userId: oiminternal] [ecid:
27741e1f913cd975:-671ba680:15f17f41dd7:-8000-0000000000000004,0] [APP:oim#] Class/Method: tcDataBase/writeStatement encounter some problems: ORA-02291: integrity constraint (DEV_OIM.FK_UD_ADUSRC_UD_ADUSER)
violated - parent key not found[[java.sql.SQLIntegrityConstraintViolationException: ORA-02291: integrityconstraint (DEV_OIM.FK_UD_ADUSRC_UD_ADUSER) violated - parent key not found

[2017-10-14T00:19:58.454+00:00] [oim_server1] [ERROR] []
[oracle.iam.accesspolicy.impl.handlers.provisioning.util] [tid:
[ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default(self-tuning)'] [userId: oiminternal] [ecid:
27741e1f913cd975:-671ba680:15f17f41dd7:-8000-0000000000000004,0] [APP:oim#] childRecordChangedByPolicyKey:21 accountKey: 14279
childFormName: UD_ADUSRC childRecordPrimaryKeyName: UD_ADUSRC_KEYchildRecordPrimaryKeyValue: 38 action: Modify *** FAILED TO ADD/MODIFY CHILD
RECORD *** with error: DOBJ.UPDATE_FAILED: C: Update failed.
[2017-10-14T00:19:58.454+00:00] [oim_server1] [ERROR] [][oracle.iam.accesspolicy.impl.handlers.provisioning] [tid:
[ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default(self-tuning)'] [userId: oiminternal] [ecid:
27741e1f913cd975:-671ba680:15f17f41dd7:-8000-0000000000000004,0] [APP:oim#] An error occurred while retrieving details of user account(key: 41)
[2017-10-14T00:19:58.455+00:00] [oim_server1] [ERROR] [][oracle.iam.accesspolicy.impl.handlers.provisioning] [tid:[ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default
(self-tuning)'] [userId: oiminternal] [ecid:27741e1f913cd975:-671ba680:15f17f41dd7:-8000-0000000000000004,0] [APP:oim#] processId: 30089 eventId: 31016 operation:
ACCESS_POLICY_BASED_MODIFY entityType: Resource entityId-OIU_KEY: 41 GotError: An error occurred while retrieving details of user account (key: 41)
[2017-10-14T00:19:58.465+00:00] [oim_server1]
[NOTIFICATION] [][oracle.iam.platform.kernel.impl] [tid: [ACTIVE].ExecuteThread: '0' forqueue: 'weblogic.kernel.Default (self-tuning)'] [userId: oiminternal] [ecid:
27741e1f913cd975:-671ba680:15f17f41dd7:-8000-0000000000000004,0] [APP:oim#] Orchestration process moved to failed stage, and thecorresponding error is - {0}[[
oracle.iam.platform.kernel.EventFailedException: An error occurred whileretrieving details of user account (key: 41)at



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.