Skip to Main Content

Security Software

Announcement

For appeals, questions and feedback, please email oracle-forums_moderators_us@oracle.com

OIM User's org change - directly in DB

Peter FelsoApr 11 2023

Hello,
do you know where from (in OIM DB) is taken the info about user organization membership during the provisioning process? I have defined a prepopulate adapter with a source value definition as "Organization Definition -> GenericID" in the OIM Design console and I would like to know from what table in OIM DB is the organization reference used from. Based on my experiments this info is not calculated based on ACT nor ORG_USER_MEMBERSHIPS tables - and this is quite suprising for me.

What have I tried:
Recently I created a user within an organization Org1. I have changed his organization in the OIM database to Org2:

UPDATE USR SET ACT_KEY = <org2ActKey> WHERE USR_KEY = <userKey>;
INSERT into DYN_EVAL_CHANGELOG (ENTITY_ID, RELATION_TYP) VALUES (org1ActKey,'ORG_USER');
INSERT into DYN_EVAL_CHANGELOG (ENTITY_ID, RELATION_TYP) VALUES (org2ActKey,'ORG_USER');
<run job Refresh Organization Memberships>

After this "org change" I have provisioned an account for the user - but the new account was created with GenericID taken from Org1 instead of Org2!

Do you know why OIM behaves this way? What another db table has to be updated in order to force OIM to use the value from Org2?

Peter

Comments
Post Details
Added on Apr 11 2023
0 comments
294 views