OIM Users Removed From Role After Trust Reconciliation For No Possible Reason (Doc ID 2518620.1)

Last updated on APRIL 28, 2023

Applies to:

Identity Manager - Version 12.2.1.3.180413 and later
Information in this document applies to any platform.

Symptoms

After running a trusted reconciliation, OIM Users are getting removed from roles for which the role membership rule matches the values as seen in the OIM User form (i.e. USR table) both before and after the trusted reconciliation is run.

In the OIM diagnostic log you will see the following entries from the default NOTIFICATION level logging of the oracle.iam.identity.usermgmt.impl.util class which proved roles are being removed from the OIM User:

entitiesToAdd.size() = 0[[EntitiesToAdd = [] ]]

entitiesToRemove.size() = 7[[EntitiesToRemove = [....] ]]

where the ids to be removed above are the Role keys values of the roles as seen in the UGP table. These id's are different for each environment.

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

OIM Users Removed From Role After Trust Reconciliation For No Possible Reason (Doc ID 2518620.1)

Applies to:

Symptoms

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!