My Oracle Support Banner

Certificate Definitions For User And Entitlements Not Generating Certificates (Doc ID 2641611.1)

Last updated on JULY 21, 2020

Applies to:

Identity Manager - Version 11.1.2.2.9 and later
Information in this document applies to any platform.

Goal

Some of User and Entitlements Certification related schedule jobs are not generating certificates. The Certificate Definitions that have Roles defined (And are Disconnected Applications) are creating Certifications but the ones that have User and Entitlements (and are Connected Applications) are not generating the certificates.
NOTE: recently  the BP09 patch was applied and after this this issue started happening

Following error is being thrown in the logs:

-------------------------------------------------------------

<Feb 19, 2020 2:22:13 PM CST> <Error> <oracle.iam.oimdataproviders.impl> <BEA-000000> <oracle.iam.oimdataproviders.impl.OIMRoleDataProvider>
<Feb 19, 2020 2:22:13 PM CST> <Warning> <oracle.iam.certification.impl.support> <BEA-000000> <role :ALL USERS is not certifiable or does not appear in the catalog, wont be included in certification>
<Feb 19, 2020 2:22:13 PM CST> <Warning> <oracle.iam.certification.impl.support> <BEA-000000> <role :ALL USERS is not certifiable or does not appear in the catalog, wont be included in certification>
<Feb 19, 2020 2:22:13 PM CST> <Warning> <oracle.iam.certification.impl.support> <BEA-000000> <role :<role_1> is not certifiable or does not appear in the catalog, wont be included in certification>
<Feb 19, 2020 2:22:13 PM CST> <Warning> <oracle.iam.certification.impl.support> <BEA-000000> <role :<role_1> is not certifiable or does not appear in the catalog, wont be included in certification>
<Feb 19, 2020 2:22:13 PM CST> <Warning> <oracle.iam.scheduler.vo> <BEA-000000> <IAM-1020021 Unable to execute job : <Certifcate_Name> Certification for ... with Job History Id:670393
java.lang.Exception: User certification creation succeeded but with the following errors:
User certification <Certifiaction Name> not created: No users to certify.
at oracle.iam.certification.scheduledtasks.CertificationCreationTask.createUserCertifications(CertificationCreationTask.java:387)
at oracle.iam.certification.scheduledtasks.CertificationCreationTask.execute(CertificationCreationTask.java:161)
at oracle.iam.scheduler.vo.TaskSupport.invokeExecute(TaskSupport.java:270)
at oracle.iam.scheduler.vo.TaskSupport.access$000(TaskSupport.java:46)
at oracle.iam.scheduler.vo.TaskSupport$1.processWithoutResult(TaskSupport.java:221)
at oracle.iam.platform.tx.OIMTransactionCallbackWithoutResult.process(OIMTransactionCallbackWithoutResult.java:9)
at oracle.iam.platform.tx.OIMTransactionCallback.doInTransaction(OIMTransactionCallback.java:13)
at oracle.iam.platform.tx.OIMTransactionCallback.doInTransaction(OIMTransactionCallback.java:6)
at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:128)
at oracle.iam.platform.tx.OIMTransactionManager.execute(OIMTransactionManager.java:22)
at oracle.iam.scheduler.vo.TaskSupport.executeJob(TaskSupport.java:201)
at sun.reflect.GeneratedMethodAccessor5699.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at oracle.iam.scheduler.impl.quartz.QuartzJob$TaskExecutionAction.run(QuartzJob.java:285)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:266)
at oracle.security.jps.internal.jaas.AccActionExecutor.execute(AccActionExecutor.java:65)
at oracle.security.jps.internal.jaas.AbstractSubjectSecurity$ActionExecutorWrapper.execute(AbstractSubjectSecurity.java:228)
at oracle.security.jps.internal.jaas.CascadeActionExecutor$SubjectPrivilegedAction.run(CascadeActionExecutor.java:68)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.security.Security.runAs(Security.java:41)
at oracle.security.jps.wls.jaas.WlsActionExecutor.execute(WlsActionExecutor.java:47)
at oracle.security.jps.internal.jaas.CascadeActionExecutor.execute(CascadeActionExecutor.java:50)
at oracle.security.jps.internal.jaas.AbstractSubjectSecurity$ActionExecutorWrapper.execute(AbstractSubjectSecurity.java:228)
at Thor.API.Security.LoginHandler.AssertionLoginSession.runAs(AssertionLoginSession.java:93)
at oracle.iam.scheduler.impl.quartz.QuartzJob.execute(QuartzJob.java:85)
at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:529)
-----------------------------------------------------------------------------------------------------------------------------------------------------------

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.