OIM Trusted User Delete Reconciliation Job Deletes Non-System OIM User That Were Not Created By That Resource (Doc ID 2577367.1)

Last updated on JULY 26, 2023

Applies to:

Identity Manager - Version 11.1.2.2.0 and later
Information in this document applies to any platform.

Symptoms

The following KM explains in detail how OIM trusted deletion jobs work:

How to Implement Delete Reconciliation in Oracle Identity Manager (Doc ID 565464.1)

The problem is that OIM's Trusted User Delete Reconciliation Job (for any resource) will delete all non-system OIM Users (i.e. users withOUT usr_data_level = 1 or 2) such as:

- OIM Users created manually via the API or UI

- OIM Users created by other trusted recons

As an aside, below are the values which usr_data_level can have. A 'null' value in the USR sql table is equal to a '0'.

0 : Data level that indicates that a row can be updated and/or deleted.
1 : Data level that indicates that a row cannot be updated and/or deleted.
2 : Data level that indicates that a row can be updated but not deleted.
3 : Data level that indicates that a row can be deleted but not updated.

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

OIM Trusted User Delete Reconciliation Job Deletes Non-System OIM User That Were Not Created By That Resource (Doc ID 2577367.1)

Applies to:

Symptoms

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!