• BAPI interface installation at SAP application side to connect OneIM SAP R/3 connector

    Do we need to install 'SAPRole.zp' transport package as well along with 'SAPRepository.zip','SAPTable.zip' and 'SAPTRANSPORT_70.ZIP' to set up BAPI integration at SAP application side?

    What should be correct sequence if…

  • One Identity Manager Automation - Job Server / One Identity Service

    Hello.  I'm just starting out learning OIM and I've been experimenting with automating the deployment so I can spool up test environments easily.  I've got some as far as automating the workstation deployment (InstallManager-CLI) and creating a…

  • DialogParameters in 8.2 - how does validation works


    I have 2 questions regarding new feature in 8.2 meaning DialogParameters. There are fields for validation scripts - do you have any examples of such scripts? What's the expected output and how can we refer to current value?

    Second thing - how…

  • Database error 515: Cannot insert the value NULL into column 'Queue', table 'OneIMProdDatabase.dbo.JobQueue'; column does not allow nulls. INSERT fails.

    Hi All,

    After migrating from 8.1.1 to 8.1.4 we are facing below error while configuring the job server. Please suggest.

    Error during execution of statement: insert into QBMServerHasDeployTarget (UID_QBMDeployTarget, UID_QBMServer, xdateinserted, xuserinserted…

  • [813020] Component cannot be executed because required parameter 'ConnectionString, ConnectionProvider' are missing.

    Hi All,

    In DEVELOPMENT environment we are not able to see parameters for many of the OOTB processes and seems like none of the OOTB processes are working.

    All process steps are red in color.

    OOTB process steps with script components are missing the values…

  • deferred deletion of ADS containers stalled


    I'm trying to provision a hierarchical structure of OUs to AD. One of the problems I have is that in OIM I've created, at the same hierarchical level, multiple OUs with the same name. This seems to be allowed in OIM, but not allowed in AD; and…

  • In portal, using "pending attestations": When switching from one attestation policy to an other, the displayed attestation cases do not get refreshed

    Hello Experts,

    did anybody came across the issue in the portal where the attestation cases are not getting refreshed when switching attestation policies?

    Step 1: Click on "Pending Attestations"
    Step 2: Click on "Switch policy view"

  • OneIdentity onDemand - Delete custom field from UNSRootB table


    I'm trying to delete a custom column created in the UNSRootB table. I opened the SchemaExtension tool to try to delete the column, but through this tool I'm not able to do this operation. The icon for deletion is disabled. 

    Do you have any…

  • Change AD group (security group) master as AD and not OIM

    Hi All,

    Is it possible to change manage level of an AD group. Instead OIM managing it we want the AD as the master which can modify any changes in a certain AD group. And we don't want OIM making any changes to it. Can this be achieve?

    Thank you!

  • Prevent role request/assignment to sub-identity

    Hi all,

    we want to prevent a role request / assignment to a specific sub-identity.

    Some user do have two different Accounts in AD (therefor one additional sub-identity) and we want to block the role assignment to the sub-identity.

    Initially, we wanted to…

  • Separate creating unique values for multiple objects simultaneously

    Hi. I have a script that creates unique values when adding new object in UNSAccountB. This script is used in process that starts on the Insert event. Process takes UID processed object and send UID to script (process is generated for each single object…

  • Import a set of system roles to assign it to an user

    Hi everyone, 

    I'm new in OIM and I'm working in a group were we're try to make a migration of IAM solution to OIM 8.2.

    One problem we're facing, is import system roles of an user (which are listed in the csv file) and map them to the same user…

  • CPU Addition to SQL Server


    I'm going to add some additional CPU's to my database server and got word I need to run something to get One Identity Manager to recognize it.

    What process steps do I need to take to get v8.1.3 to see the additional CPU's? I also plan to…

  • Possible to customize colors of my statistic?


    Today, I set up a statistic which is nicely visible in the Manager. I used the guide: https://support.oneidentity.com/technical-documents/identity-manager/8.1.2/configuration-guide/33

    I'm showing a pie chart. The pie chart looks good so far, but is…

  • limit access to active users

    Hi Team,

    I have set-up birth right AD group at root location so all users who are on-boarded getting added to that group but while applying the setting AD group was added to all inactive users as well.

    How can we limit this to only active users?

  • Portal Service Item Object Dependent References, active timing?


    Adding new Object Dependent references seem to require almost a whole day or Release compile, to become active in the portal...

    How do we expedite the service item "seeing" the object dependent reference, without needing to wait or manually initiate…

  • WhereClause validation issue when creating Dynamic Role with process step "HandleObjectComponent - Insert"

    Dear all,

    I am currently working on a custom process where I would like to create a new Dynamic Role in a process step.

    Therefore, I added a proccess step of type "HandleObjectComponent - Insert" with the following parameter definitions


  • I am not able to compile the database

    I am not able to compile the database in One Identity Maneger 8.1.4 installation, I am using SQL server 2017 as database.
    I received the following error message:
    "Processing step 'QBM ContentWaitForProcessing (wait for processing initial content)' failed…

  • [OIM 8.2] Oracle database versions supported


    a qiuck question, as I didn't manage to find this information:

    do you know if the Identity Manager 8.2 connector supports the oracle database version 11 ?

    Thanks in advance !

    Best regards,

  • How to reindexing large tables?


    we are preparing the update of our environments to version 8.1.5. In the development environment we have noticed that within the daily maintenance work not all table indexes are
    being rebuilt. A look into the Relase Notes explained us why this…

  • What does XOrigin value -1 mean?


    We still have version 8.0.5 in use.

    We have noticed entries in the SAPUserInSAPRole table with XOrigin value of "-1".

    However, according to the documentation, this value does not exist.

    --> https://support.oneidentity.com/technical-documents…

  • Clicking on Advanced Search in IT-shop takes 15 minutes before simple filter dialog is shown

    In the IT-shop I'm going to Request History. When I click on the link 'Advanced Search' it takes about 15 minutes to show a simple dialog. In the dialog its possible to set search filters. For example the 'Requests submitted by me for others' is a very…

  • Hidden field in the web portal product details

    Hi everyone,

    I've configured the web portal to show the description of an item when you are on the catalogue. I've added the column and inserted the query to get the data from the product but it has a strange behavior, the field is not shown when…

  • Active Directory Group management. Version 8.1.4

    Hi everybody,

    I am trying to configure Identity Manager in order to make some employees able to manage Active Directory Groups. I am using 8.1.4 version.

    If I assign "Active Directory" application role to an employee, he will be able to see all the list…

  • Attestation. Remove Person from Dynamic Business role


    1IM 8.1 SP2. 

    I turned on parameter "QER\Attestation\AutoRemovalScope\RoleMembership\RemoveDynamicRole". But Person not remove from Dynamic role membership in Business role when Attestation deny. If Person have direct assignment to the Business…