Load users with FlatFileActiveSync adapter
[164 byte] By [G_identitya] at [2007-11-26 14:02:56] 
Hi all: Is this conceptually right?Loading users from .csv file using FlatFlileActiveSync adapter into IDM?Thanks for your help.G
«« display different SWING elements depending on choosen graphical object.
»» Passing mapped value to SAP
»» Passing mapped value to SAP
# 1
Hi,
You can create the Identity Manager user account by processing a CSV file with the necessary information contained within. This is documented in the IdM docs, take a look. You can load directly from the file or process the file using the FlatFileActiveSync RA.
Cheers,
Paul Walker
PaulWalker999a at 2007-7-8 1:45:50 >
# 2
Thanks.
From Alltasks tab, the status says finished and when I looked at the accounts page, I dont see any new accounts that I created in .csv file.
When I modified the firstname and lastname of user and ran active sync process, I got this error 'Action failed because feature 'account.UPDATE' is not supported by resource '
Can you please help me what should I be looking at?
G
G_identitya at 2007-7-8 1:45:50 >
# 3
Take a look at the following page from our documentation , this should help explain the various user data loading techniques http://docs.sun.com/source/819-6123/IDM_admin_data_sync.html
Here's an example of a CSV file contents taken directly from that link above, you should be able to use "Load Users From File"
firstname,middleinitial,lastname,accountId,asciipassword,EmployeeID,Depart ment,Phone
John,Q,Example,E1234,E1234,1234,Operations,555-222-1111
Jane,B,Doe,E1111,E1111,1111,,555-222-4444
HTH
PaulWalker999a at 2007-7-8 1:45:50 >
# 4
This means we cannot schedule to load users directly from a .csv file using FlatFileActiveSync adapter and however, can load users using 1. load from file 2.load from resource 3.bulk load.
From the documentation, it says that reconciliation is the best way to syn the IDM accounts and the external resource.
I loaded users using load from resource, added few more accounts to the .csv file and started reconciliation and the status shows that
"The adapter must support iterating accounts in order to reconcile accounts on resource FFSYNC"
Do you know what could be wrong in my process.
G
G_identitya at 2007-7-8 1:45:50 >
# 5
I'm not sure that reconciliation is the best way to load users directly from a csv file. If you want to schedule a load then the flatfileactivesync resource adapter is probably the best route. You can set a schedule to start the sync process or just keep it running and drop a new file in place of the old one and it will be picked up automatically.
- Paul
PaulWalker999a at 2007-7-8 1:45:50 >
# 6
I did follow this route-scheduling FlatFileSyncAdapter resource to load users. The Active Sync status shows succeded, but I could not find the new user accounts on accounts page.Am I missing anything here?GG_identitya at 2007-7-8 1:45:50 >
# 7
Hi G,
Did you check the status of the Active Sync log file? If you set the log status to level 4 and then take a look at the log file after processing you'll see if there where any errors. Typically folk get stuck with Password and AccountId Policies, either no password was set or the password doesn't comply with the policy in force.
Cheers,
Paul
PaulWalker999a at 2007-7-8 1:45:50 >
# 8
Thank You for the response.
The log file shows everything right. It created all the users according to the workflow, but failed at this point and threw me this error:
com.waveset.util.WSAuthorizationException: Create access denied to Subject Configurator on User:
Can anybody give me some hints about who the subject configurator.
G
G_identitya at 2007-7-8 1:45:50 >
# 9
Check to see that the ProxyAdministrator is valid and is NOT "Configurator", you don't want the TabbedUserForm to be evaluated (which is the default for Configurator), create a user called "proxy admin" and assign this user an "Empty Form", a UserForm with no fields. Then assign this proxyadmin to the activesync policy. Also ensure that waveset.organization you're using in the activeSync form actually exists, this can cause the error.
HTH,
Paul
PaulWalker999a at 2007-7-8 1:45:50 >
# 10
I followed the steps. Used existing flatfile active sync form(existed). I put the entire stack trace below.
2007-01-23T14:42:10.427-0500: result from submit (blank means no errors):
2007-01-23T14:42:10.428-0500: Create access denied to Subject proxyAdmin on User: GANDHIS.
2007-01-23T14:42:10.430-0500: <?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE WavesetResult PUBLIC 'waveset.dtd' 'waveset.dtd'>
<WavesetResult>
<ResultItem type='error' status='error'>
<ResultError throwable='com.waveset.util.WSAuthorizationException'>
<Message id='SES_SUBJECT_ACCESS_DENIED_1'>
<String>Create</String>
<String>proxyAdmin</String>
<String>User</String>
<String>GANDHIS</String>
</Message>
<StackTrace>com.waveset.util.WSAuthorizationException: Create access denied to Subject proxyAdmin on User: GANDHIS.
at com.waveset.util.WavesetException.checkBreakpoint(WavesetException.java:366)
at com.waveset.util.WavesetExcep
tion.<init>(WavesetException.java:85)
at com.waveset.util.WSAuthorizationException.<init>(WSAuthorization
Exception.java:61)
at com.waveset.security.authz.AccessPolicy.throwAuthorizationException(AccessPolic y.java:2993)

;at com.waveset.security.authz.AccessPolicy.throwAuthorizationException(AccessPolic y.java:3004)
at com.waveset.s
erver.AuthCache.checkPermission(AuthCache.java:256)
at com.waveset.server.InternalSession.checkPermission(InternalSes
sion.java:1884)
at com.waveset.object.LighthouseContextWrapper.checkPermission(LighthouseContextWr apper.java:235)

;at com.waveset.view.AbstractViewHandler.checkAuthorization(AbstractViewHandler.jav a:364)
at com.waveset.view.Us
erViewer.checkinView(UserViewer.java:1063)
at com.waveset.object.ViewMaster.checkinView(ViewMaster.java:722)
	
;at com.waveset.sync.IAPIUserImpl.submitCreate(IAPIUserImpl.java:559)
at com.waveset.sync.IAPIUserImpl.submit(IAPIUse
rImpl.java:657)
at com.waveset.adapter.FlatFileActiveSyncAdapter.processLine(FlatFileActiveSyncAda pter.java:381)
at com.waveset.adapter.FlatFileActiveSyncAdapter.processFlatFile(FlatFileActiveSyn cAdapter.java:327)
at com.wave
set.adapter.FlatFileActiveSyncAdapter.poll(FlatFileActiveSyncAdapter.java:285)
at com.waveset.adapter.SARunner.doReal
Work(SARunner.java:268)
at com.waveset.task.Executor.execute(Executor.java:159)
at com.waveset.task.TaskThre
ad.run(TaskThread.java:119)
</StackTrace>
</ResultError>
</ResultItem>
</WavesetResult>
Just got lost in this error.
There is also a Custom TabbedUser create user workflow. Should I be using this as my process rule? for this active sync load.
G
G_identitya at 2007-7-8 1:45:50 >
Web & Directory Servers New Topic
Web & Directory Servers Hot Topic
- AMStoreConnection does not find some classes. Please help!!!
- Correlation rule to match accountID of IDM with EmployeeID of AD
- Problem configuring Sun ASP with oracle client
- SQL Server ODBC errors
- cannot reach the /portal page
- URGENT - ACTIVESYNC - Create access denied to Subject XYZ
- SNMP subagent start at machine startup
- SJSWS 7.x Official Release Date?
Web & Directory Servers
All Classified
- Archived Forums
- Enterprise & Remote Computing
- Java Essentials
- Desktop
- Core
- Solaris Operating System
- Security
- Database Connectivity
- Java Mobility Forums
- Web & Directory Servers
- Development Tools
- Application & Integration Servers
- Java HotSpot Virtual Machine
- Other Topics
- E-Mail, Calendar, & Collaboration
- Developer Tools
- General
- Administration Tools
- Sun Hardware
- Storage Forums
- Java Enterprise System
- StarOffice
- Open Source Technologies
- BigAdmin
- Real-Time
- Java Coding