Monday, September 10, 2012

OIM 11G R2 Lab 1: Provisioning User to AD

In this lab I am going to how to do User Provisioning to AD.

To create connector and ITResource to AD follow steps provided in below link.

1) Create Organization OU in AD in which you want to create user, Right on base DN and select New -> Object

 2) Select OrgnizationalUnit
 3) Provide Organization Name
 4) To import newly created Organization go to Scheduler
 5) Select Active Directory Organization Lookup Recon and click Run now
 6) Click refresh
 7) Verify if recon is successful
 8) Create Sandbox and Activate it. It is required to create Form.
 9) Create Application Instance.
 10) Provide all Details and click on Create to create Form and click Refresh for selecting form and submit.

11) Publish Sandbox. 

Note: Run Catalog Synchronization Job  in Scheduler for getting Application Instances getting displayed in Catalog

12) Go to Identity Console.

 13) Verify Catalog and see if your Application instance is available or not. Close Catalog tab after view.

 14) Go to User and select Create for creating new user.

15) Provide user Details and click submit.

16) Go to particular user account and click on request accounts.
 17) It will open Catalog window, search Catalog as shown below.
 18) Click Add to Cart.
 19) Click Checkout
 20) Provide required details. First click Ready to Submit followed by Submit.
 21) Following message should be displayed.

This particular user should be created in AD, if not go to Open Tasks in Identity and verify the problem.

Thanks !!! 


  1. hi, 20) why not details ? I can modify the details, then users Provisioning to DB. Otherwise I can't .thanks

  2. Hi,

    I have followed step by step, but when I search on the catalog it doesn't show any available application, can you help me please?

  3. Hi,

    Please run catalog synchronization job in Scheduler job and try..



  4. hi , on the step 20 i am trying to give organizationname before i click ready to submit it is throwing an error

  5. Hi,

    What what the error you are getting??

  6. i have tried almost 10 times but same error, i deleted the whole conecctor default directory and unzip the folder again ...
    i tried alternate directory .. and this is windows server.
    Thanks for your response

  7. HI, very good explaination. I'm having problem at step 7. After running recon it fails and gives following error :
    java.lang.IllegalArgumentException: Class ''ActiveDirectoryConfiguration'' does not have a property ''AccountObjectClasses''.

  8. Hi , I have recently migrated to OIM 11gR2 from R1. However , while trying to search or request for Roles, the catalog returns none.
    Then i realised that i have to run the Catalog Synchronisation job .
    However am unable to find this job under Scheduler jobs? Did this got missed out somehow ?

  9. Akhil,

    You should be able to see them and did you check version and opatch details after upgrade?



Other Posts