Thursday 24 August 2017

Roll back OIM 11gR2 PS3 sandbox using WLST command

If you need to revert a wrongly imported sandbox in OIM 11gR2, follow the steps below.

1. Run [OIM_HOME]/common/bin/wlst.sh
2. Run the WLST commands below

wls:/offline> connect('weblogic','password','t3://weblogic.host:7001')
wls:/OIMDomain/serverConfig> listMetadataLabels(application='oracle.iam.console.identity.self-service.ear', server='[OIM_MANAGED_SERVER_NAME]')

4. You will get a list of the labels of all the published sandboxes, like below

Creation_Imported_08:57:24
PostMerge_IdM_TestApp_form_55_08:52:15
Creation_Imported_08:50:49
Creation_IdM_aaa_02:25:07 
........................
........................
............. so on

5. Identify the sandbox label that you want OIM to point to.
6. Copy the label name.
7. Run the WLST command below to promote the selected sandbox

wls:/OIMDomain/serverConfig> promoteMetadataLabel(application='oracle.iam.console.identity.self-service.ear', server='[OIM_MANAGED_SERVER_NAME]', name='Creation_IdM_aaa_02:25:07')

8. Restart the OIM managed servers.

Workflow Policy Showing NullPointerException - OIM 11gR2 PS3

Sometimes, in the OIM 11gR2 PS3 sysadmin console, a workflow policy shows a NullPointerException. You can see all the workflow policies, but if you click on any of them it will show a NullPointerException.

The server log will display errors like the ones below


oracle.iam.exception.OIMServiceException: Error occurred while evaluating workflow policies. Could not determine if Modify Role operation requires approvals. Corresponding error message is: null.
        at oracle.iam.request.impl.RequestEngine.evaluateWorkflowPolicies(RequestEngine.java:4595)
        at oracle.iam.request.impl.RequestEngine.performAuthzAndRequestOverrideChecks(RequestEngine.java:4566)
        at oracle.iam.request.impl.RequestEngine.doOperation(RequestEngine.java:4523)
        at oracle.iam.impl.OIMServiceImpl.doOperation(OIMServiceImpl.java:43)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:606)
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
        at oracle.iam.platform.utils.DMSMethodInterceptor.invoke(DMSMethodInterceptor.java:35)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
        at com.sun.proxy.$Proxy366.doOperation(Unknown Source)
        at oracle.iam.identity.utils.Utils.invokeUnifiedService(Utils.java:3849)



Solution

1. Export the MDS of OIM
[OIM_HOME]/common/bin/wlst.sh
wls:/offline> connect('weblogic','password','t3://weblogic.host:7001')
wls:/OIMDomain/serverConfig> exportMetadata(application='OIMMetadata', server='[OIM_MANAGED_SERVER_NAME]', toLocation='/tmp/MDS')

2. Go to /tmp/MDS

3. Delete the file metadata/iam-features-reconciliation/entity-definition/RDBMSChildDataProvider.xml

4. ZIP the MDS
zip -r ../mds.zip . >/dev/null

5. Import the MDS again

wls:/OIMDomain/serverConfig> importMetadata(application='OIMMetadata', server='[OIM_MANAGED_SERVER_NAME]', fromLocation='/tmp/mds.zip')

6. Restart the OIM managed servers.
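
Steps 2 to 4 above, as an added Python example (not code from the original post): it keeps an untouched copy of the export before deleting the file and checks that the deleted file is absent from the archive that will be imported. The MDS.orig backup directory and the sample documents are assumptions constructed for the demo.

```python
import os
import shutil
import tempfile
import zipfile

TARGET = "metadata/iam-features-reconciliation/entity-definition/RDBMSChildDataProvider.xml"  # step 3


def repackage_mds(export_dir, zip_path, backup_dir):
    """Copy the export aside, delete TARGET, zip the rest; return archive names."""
    target = os.path.join(export_dir, *TARGET.split("/"))
    if not os.path.isfile(target):
        raise FileNotFoundError("not found in export: " + TARGET)
    shutil.copytree(export_dir, backup_dir)  # untouched copy of the original export
    os.remove(target)
    with zipfile.ZipFile(zip_path, "w", zipfile.ZIP_DEFLATED) as zf:
        for root, _dirs, files in os.walk(export_dir):
            for name in files:
                full = os.path.join(root, name)
                # Archive paths relative to export_dir, like `zip -r ../mds.zip .` run inside it.
                zf.write(full, os.path.relpath(full, export_dir).replace(os.sep, "/"))
    with zipfile.ZipFile(zip_path) as zf:
        names = sorted(zf.namelist())
    if not names or TARGET in names:
        raise RuntimeError("archive is empty or still contains " + TARGET)
    return names


def demo():
    """Run the steps on a constructed two-file export in a temp directory."""
    work = tempfile.mkdtemp()
    try:
        export_dir = os.path.join(work, "MDS")
        keep = "metadata/constructed/Sample.xml"  # constructed second document
        for rel in (TARGET, keep):
            path = os.path.join(export_dir, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write("<constructed/>")
        backup_dir = os.path.join(work, "MDS.orig")
        names = repackage_mds(export_dir, os.path.join(work, "mds.zip"), backup_dir)
        backed_up = os.path.isfile(os.path.join(backup_dir, *TARGET.split("/")))
        return names, backed_up
    finally:
        shutil.rmtree(work)


if __name__ == "__main__":
    print(demo())
```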



Tuesday 15 August 2017

Adding New Logger for OIM Custom Code

When we write custom code for a scheduler, event handler or adapter in OIM and use System.out.println, all the statements are printed to the common server log.

The common server log contains all of OIM's operation logs, and if our custom code logs are merged with them, debugging becomes very difficult.

The best practice is to create a custom logger for our custom code. This also applies to any WebLogic-based application.


Steps to Create Custom Logger

1. Go to [DOMAIN_HOME]/config/fmwconfig/servers/[SERVER_NAME]. In this case the SERVER_NAME is the OIM server name.
2. Open logging.xml in an editor.
3. Add the Log Handler and Logger as below



Log Handler

<log_handler name='oim-custom' class='oracle.core.ojdl.logging.ODLHandlerFactory' level='FINEST'>
   <property name='useDefaultAttributes' value='false'/>
   <property name='format' value='ODL-Text'/>
   <property name='path' value='/u01/oracle/log/oim-custom.log'/>
   <property name='maxFileSize' value='10485760'/>
   <property name='maxLogSize' value='52428800'/>
   <property name='useSourceClassAndMethod' value='TRACE:1'/>
</log_handler>


Logger

<logger name='OIM-CUSTOM' level='FINEST'>
   <handler name='oim-custom'/>
</logger>


4. After editing, close the file and restart the OIM managed server.
5. If you have more than one OIM server in a cluster, perform the same operation for all the servers. Change the [SERVER_NAME].

6. Now you can use the new logger in your Java code like below

import java.util.logging.Logger;

// Look up the logger by the name defined in logging.xml
final Logger logger = Logger.getLogger("OIM-CUSTOM");
logger.info("YOUR LOG MESSAGE");


Note: "OIM-CUSTOM" is your logger name.
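
Step 5 asks for the same edit on every server in the cluster; the following added Python example (not part of the original post) parses each server's logging.xml and reports where the OIM-CUSTOM logger or its handler is missing or incomplete. The server names and the two embedded configurations are constructed, and the enclosing logging_configuration, log_handlers and loggers elements are assumed.

```python
import xml.etree.ElementTree as ET

HANDLER = """<log_handler name='oim-custom' class='oracle.core.ojdl.logging.ODLHandlerFactory' level='FINEST'>
  <property name='path' value='/u01/oracle/log/oim-custom.log'/>
  <property name='maxFileSize' value='10485760'/>
  <property name='maxLogSize' value='52428800'/>
</log_handler>"""
LOGGER = "<logger name='OIM-CUSTOM' level='FINEST'><handler name='oim-custom'/></logger>"
TEMPLATE = ("<logging_configuration><log_handlers>%s</log_handlers>"
            "<loggers>%s</loggers></logging_configuration>")
# Constructed cluster: the second server got the logger but not the handler.
SAMPLE = {"oim_server1": TEMPLATE % (HANDLER, LOGGER),
          "oim_server2": TEMPLATE % ("", LOGGER)}
REQUIRED = ("path", "maxFileSize", "maxLogSize")  # properties the handler above sets


def check_logging_xml(xml_text, logger_name="OIM-CUSTOM"):
    """Return a list of problems with the custom logger in one logging.xml."""
    root = ET.fromstring(xml_text)
    handlers = {h.get("name"): h for h in root.iter("log_handler")}
    logger = next((l for l in root.iter("logger") if l.get("name") == logger_name), None)
    if logger is None:
        return ["logger %s is not defined" % logger_name]
    refs = [h.get("name") for h in logger.findall("handler")]
    problems = [] if refs else ["logger %s has no handler of its own" % logger_name]
    for ref in refs:
        if ref not in handlers:
            problems.append("handler %s is referenced but not defined" % ref)
            continue
        props = {p.get("name"): p.get("value") for p in handlers[ref].findall("property")}
        problems += ["handler %s: property %s is missing" % (ref, name)
                     for name in REQUIRED if not props.get(name)]
    return problems


def check_cluster(configs):
    """Map each server name to its problems; servers without problems are omitted."""
    report = {}
    for server, text in configs.items():
        problems = check_logging_xml(text)
        if problems:
            report[server] = problems
    return report


if __name__ == "__main__":
    for server, problems in sorted(check_cluster(SAMPLE).items()):
        print(server, problems)
```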
