6 Known Issues and Workarounds

These are the known issues, workarounds, and FAQs associated with this release of the connector.

• Connector Issues

• Oracle Identity Manager Issues

• Target System Issues

• FAQs

6.1 Connector Issues

The following are issues and workarounds associated with the connector:

• Enabling SSO on Siebel

• Clearing a Non-Mandatory Field

6.1.1 Enabling SSO on Siebel

If single sign-on (SSO) is enabled on Siebel, then the connector operations may fail.

Workaround:

1. Open SIEBEL IT Resource Definition.
2. Update the Trusted Token field name to trustedToken and save it.
3. Ensure that all Siebel IT resources now contain trustedToken parameter rather than "Trusted Token" parameter.
4. Enter a dummy password in the password parameter of Siebel IT resource as it is a mandatory field in the OOTB connector.
5. Run the PurgeCache.bat All or PurgeCache.sh All command.
6. Restart Oracle Identity Manager.

6.1.2 Clearing a Non-Mandatory Field

If you clear a non-mandatory field for a provisioned user, the connector does not clear the value on the target system, but only in the process form in Oracle Identity Manager. In addition, the corresponding task is completed.

Workaround: This issue has been fixed and customers can request for a one-off patch for Bug 16700762 on top of this connector release.

6.2 Oracle Identity Manager Issues

The following are issues and workarounds associated with Oracle Identity Manager:

• Updating Responsibility or Position on the Process Form

• Delete Reconciliation Revokes Accounts from All Siebel Target Systems

6.2.1 Updating Responsibility or Position on the Process Form

In Oracle Identity Manager release 11.1.2 BP04 (11.1.2.0.4), child table (both Responsibility and Position child forms) update does not function correctly. However, add and remove operations function correctly.

This issue has been fixed in Oracle Identity Manager release 11g R2 PS1.

6.2.2 Delete Reconciliation Revokes Accounts from All Siebel Target Systems

If a single OIM User has accounts provisioned in multiple Siebel target systems and if you delete an account from only one target system and run the delete reconciliation scheduled job, it is observed that the user accounts from all the target system are revoked.

For example, suppose you have configured two Siebel IT resources, called Siebel US and Siebel Global, and have provisioned a user "jdoe" to both. If jdoe's Siebel US account is deleted and perform delete reconciliation, it is expected that the status of jdoe's Siebel US account in Oracle Identity Manager is Revoked.However, it is observed that jdoe's account is set to Revoked status for both Siebel US and Siebel Global accounts.

This issue has been fixed in Oracle Identity Manager release 11g R2.

6.3 Target System Issues

The following are issues and workarounds associated with the target system:

• Setting Secondary and Primary Responsibility

• Deleting Position or Responsibility Assigned to a User

• Incremental Reconciliation Might Fail With Siebel Target System Version 20.x

6.3.1 Setting Secondary and Primary Responsibility

During provisioning, if you set a secondary responsibility but do not select a value from the PrimaryResponsibility lookup field, then the secondary responsibility becomes the primary responsibility on the target system.

There is no workaround available for this issue.

6.3.2 Deleting Position or Responsibility Assigned to a User

On the target system, if you delete a position or responsibility assigned to a user, then this change is not fetched into Oracle Identity Manager during the next incremental reconciliation run.

This is because the time stamp of the user record is not updated in response to these events. There is no workaround available for this issue.

6.3.3 Incremental Reconciliation Might Fail With Siebel Target System Version 20.x

If you are using Siebel target system version 20.x, incremental reconciliation may fail with the following error message:

    SEVERE: <com.siebel.om.sisnapi.RequestException>
    <Error><ErrorCode>7667856</ErrorCode> 
    <ErrMsg>Could not find `Business Object named `Get Users Data¿. 
    This object is inactive or nonexistent.(SBL-DAT-00144)</ErrMsg></Error>
    </com.siebel.om.sisnapi.RequestException>
    org.identityconnectors.framework.common.exceptions.ConnectorException:
    <com.siebel.om.sisnapi.RequestException>       

As a workaround, perform the following steps on Web Tools or Siebel Tools in the Siebel target system:

1. Create a Dev Workspace and activate a Business Object.
2. Get User Data and Business Component.
3. Get User Data and submit Dev Workspace for delivery.
4. Deliver Dev Workspace to the Integration branch (Main).

6.4 FAQs

The following is a frequently asked question (FAQ) associated with this connector:

Question: Does this connector support the Lock/Unlock functions?

Answer: No, because the target system does not support the Lock/Unlock.

Question:Does this connector support the Disable/Enable functions?

Answer: Yes, since the target system support the Disable/Enable.