Joining Policy Store While Upgrading from Oracle Entitlement Server 11.1.1.5.0 to Oracle Entitlement Server 11.1.2 by Invoking configureSecurityStore.py Script Fails

The -m join parameter option fails while running the configureSecurityStore.py script in an upgrade from 11.1.1.5.0 to 11.1.2 environment, with the following error:

./wlst.sh /scratch/zlixin/PS1_R2/Oracle_IDM1/common/tools/configureSecurityStore.py -d /scratch/zlixin/PS1_R2/user_projects/domains/oesrc3_domain -t DB_ORACLE -j cn=jpsroot -f oes_domain -m join -p -s opss-DBDS -k /tmp/key -w
persist to output:
/scratch/zlixin/PS1_R2/user_projects/domains/oesrc3_domain/config/fmwconfig – done
Error: Failed to join security store, unable to locate diagnostics data.
Error: Join operation has failed.
The workaround for this issue is as follows:

Invoke configureSecurityStore.py script with -m join parameter.

Invoke configureSecurityStore.py script with -m validate_fix parameter.

Invoke configureSecurityStore.py script with -m join parameter.

3.1.1.21 Provision And Target Reconciliation in Oracle Identity Manager 11.1.2 Fails After Upgrading Microsoft Active Directory User Management Connector 9.x to Microsoft Active Directory User Management Connector 11.1.1.5.0

In Oracle Identity Manager 11.1.2 server, if you upgrade Oracle Identity Manager connector of Microsoft Active Directory User Management from 9.x to 11.1.1.5.0, provision and target reconciliation fails.

Provisioning failed with Cannot deactivate transaction synchronization – not active.

After upgrading Active Directory User Management Connector 9.1.1.5 to Active Directory User Management Connector 11.1.1.5.0, the column length of the field UD_ADUSER_OBJECTGUID is 45 in design console, but in the Oracle Identity Manager database, the column length is 32.

The workaround for this issue is as follows:

Modify column of UD_ADUSER_OBJECTGUID length to 45 in the database table UD_ADUSER.

Target Reconciliation fails to link user between Oracle Identity Manager server and Active Directory server.

After upgrading Active Directory User Management Connector 9.1.1.5 to Active Directory User Management Connector 11.1.1.5.0, the data in column tos.tos_instance_src_field is corrupted. It has a value null.UD_ADUSER.UD_ADUSER_UID which should be UD_ADUSER.UD_ADUSER_UID.

There is no workaround for this issue.

Leave a Reply

Your email address will not be published. Required fields are marked *