Using LDAP Reconciled Groups As Assignees In OIM SOA Workflow, the Approval Tasks Fail

(Doc ID 2407277.1)

Last updated on JUNE 04, 2018

Applies to:

Identity Manager - Version 11.1.2.3.170718 to 11.1.2.3.180331 [Release 11g]
Information in this document applies to any platform.

Symptoms

You have configured LDAP Sync between OID (or some other LDAP) and OIM. You are trying to assign an ApprovalTask to one of these groups, but you find that the task fails at run time. The issue does not occur with groups created in OIM, but only with groups created via LDAP Sync. 

For example, say the entry in the UGP table for your role looks like this:

 

First, let's explain what these are:

At run time, you see errors like the following in the SOA diagnostic log when using the role name returned from invoking getRoleDetails which is UGP_ROLENAME:


The composites referenced in the errors above have been attached for your reference.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms