Provisioning of EBS HR Person

Hi everyone,

I'm working on a requirement where we need to create HR person records in Oracle EBS. The system setup requires a user account to be linked to an employee in order to access various screens. As part of this process, we need to:

  1. Create the HR person.
  2. Create the user account.
  3. Link both in EBS.

Since direct inserts into the table HR.PER_ALL_PEOPLE_F are not allowed, we are using the predefined package APPS.HR_EMPLOYEE_API. Specifically, the CREATE_EMPLOYEE function is being utilized.

I already followed this discussion (https://connect.oneidentity.com/products/identity-manager/f/forum/1722/is-there-a-reason-why-we-do-not-have-provisioning-of-ebs-crm-hr-oim-out-of-the-box)

The user has been granted permissions to use the package. I have also created a schema extension to define the insert method, and it looks as follows:

<?xml version="1.0" encoding="utf-8"?>
<EBSF12>
<ObjectNames>
<Object SchemaName="ORA-HRPersonTest" ParentSchemaName="" DisplayPattern="%HR.PER_ALL_PEOPLE_F.PERSON_ID%" IsReadOnly="false" UseDistinct="false">
<ObjectKey>
<Key Column="HR.PER_ALL_PEOPLE_F.PERSON_ID" IsDNColumn="true" X500Abbreviation="PE" />
</ObjectKey>
<Tables>
<Table Name="PER_ALL_PEOPLE_F" Schema="HR" APK="" USN="HR.PER_ALL_PEOPLE_F.LAST_UPDATE_DATE" WhereClause="" JoinParentTable="" JoinParentColumn="" JoinChildColumn="">
<PK Column="HR.PER_ALL_PEOPLE_F.PERSON_ID" />
</Table>
</Tables>
<Functions>
<Insert>
<Function Name="APPS.HR_EMPLOYEE_API.CREATE_EMPLOYEE" OrderNumber="1">
<Parameter Name="P_LAST_NAME" PropertyName="HR.PER_ALL_PEOPLE_F.LAST_NAME" PropertyType="VARCHAR" Mandatory="true" />
<Parameter Name="P_EMAIL_ADDRESS" PropertyName="HR.PER_ALL_PEOPLE_F.EMAIL_ADDRESS" PropertyType="VARCHAR" Mandatory="true" />
<Parameter Name="P_FIRST_NAME" PropertyName="HR.PER_ALL_PEOPLE_F.FIRST_NAME" PropertyType="VARCHAR" Mandatory="true" />

....

The schema definition appears to be correct, and the package function is referenced as required.

However, when attempting to browse the connector and perform the insert on the browse windows (click on +), I’m still unable to complete the operation because parameters are still in read-only. It seems like the schema is accepted, but I cannot perform the insert yet.

My questions are:

  1. Is there any additional configuration needed after defining the schema to enable the insert operation through the connector?
  2. Could there be a missing permission or setup step required in the EBS side to allow this integration to work as expected?

I’d appreciate any help or insights on what might be missing or how to proceed further.

Thanks in advance.

Regards,

Elena

  • Hi Elena,

    as long as the schema extension just have a "INSERT" function only, the properties will be declared as "ReadAndInsertOnly" (schema, access constraint). So this should enable the write operation on new objects only. If you want to have the properties editable you should add an "Update" function. Please have a look at schema browser in Synchronization editor tool what property "AccessConstraint" is showing in your case.

    Regards,

      Tino

  • Hi Tino,

    Thank you for your response. After checking the schema browser in the Synchronization editor, I can confirm that all properties are listed as "ReadOnly" instead of "ReadAndInsertOnly," as expected.

    Could this be the cause of the issue preventing the insert operation from working? If so, do you think there's an additional configuration or setting that needs to be addressed to ensure the properties are marked as "ReadAndInsertOnly"?

    Looking forward to your insights.

    Best regards,
    Elena

  • Hi Elena,

    what version of OneIM are you using exactly?

    Regards,

      Tino

  • Hi Tino,

    I'm using OneIM 9.1.
    And now I tried to use the 'APPS' user but I still have the same issue.

    Regards.

  • Hi Elena,

    you should contact One Identity support and open a case. This looks like a bug in schema creation.

    Regards,

       Tino

  • Hi Elena,

    just another idea: please try at parameter definition the "Mandatory" value in upper case notation and add the "Direction" tag having the value "inout" for all parameters the function is returning with a value. Example:

    <Parameter Name="p_applicant_number" PropertyName="HR.PER_ALL_PEOPLE_F.p_applicant_number" PropertyType="CHAR" Mandatory="TRUE" Direction="inout" VariableType="VARCHAR2(64)" />

    Regards,

     Tino

  • Hi Tino,

    some update here:

    I logged in with the APPS user and I'm using the package APPS.HR_EMPLOYEE_API and the CREATE_EMPLOYEE function. The procedure I tested on the database works fine and successfully creates the employee.

    I generated the XML based on the fields specified in the procedure, also adding the "in", "out", or "inout" parameters as you suggested. In the browser, I can see the schema I created (ORA-HRPersonTest), and I can view the editable fields.

    However, when I try to insert after populating the fields the same way I do in the database, I get an error:
    "[1777007] Error committing 1 system objects.
    [2604004] Object not committed or checked (Error object has been correctly committed. The existence check failed because of a missing key feature).

    Do you have any ideas? I’m considering reaching out to support, I think this could be a bug, as the XML looks correct to me.

    Regards,
    Elena


  • Hi Elena,

    nice to read the "ReadOnly" issue has gone. The message you got is thrown after completing an Insert operation. I assume the test "(Error object has been correctly committed. The existence check failed because of a missing key feature)." comes from called ORA function. To find out more detailed where in the  Insert process the message has been generate you should set the log level of One IM to "TRACE" (globallog.config, nlog section, tag "<variable name="logFileLevel" value="Info" />" ). This should generate more trace and Debug messages to find the root cause.

    Regards,

       Tino