• Web Designer. How to concatenate text from multiple rows of collection into a single property ShoppingCartItem?


    1IM 8.1.2. 

    I filled custom collection values and I need concatenate text from multiple rows of the collection into a single property ShoppingCartItem.

    For example 

    Custom collection:







  • one identity manager integration with BeyondTrust PAM


    Our client has deployed BeyondTrust PAM.

    We have  implemented One Identity Manager v 8.1.4.

    We want to integrate One identity Manager with Beyond Trust PAM.

    Can anyone suggest the solution?

  • Oracle HR Person Management

    Using the Oracle EBS Module we setup the default Sync Projects. Specifically talking about the Oracle E-Business Suite HR Data sync package - how can we update Oracle HR person records? We would like OneIM to govern our Oracle HR persons. 

    When you try…

  • BULK UPDATE in One Identity of multi valued attribute

    Hi all, Seeking for help! Is there a way to BULK Update a multi valued attribute? For example, there is an additional email addresses attribute in OIM. I want to update them with 1 or more value. And for 100 users. Tried using SQL but it does not work…

  • Fetch Todays System date In Web Designer. By Default.

    Hi Everyone,

    We have a requirement while creating a new contractor manually from the IT shop, Joining Date should be automatically populated as the current date,
    so that users cannot select the previous date, and in the case of leaving date, past dates…

  • System user WebAppService**** and dynamic system user CCC-*****

    Hello dear experts,

    I´m working for a customer and he asked me pretty interessting questions regarding the (dynamic-) system users. He noticed, that there are a few named like WebAppService_**** and CCC-**** created by the One IM system and he wants…

  • Getting error Invalid use of default parameter when we update the account using stored procedure


    We are using version 8.1.3. We have ADO.net connector and written a code to insert/update/delete the user from target system. Insert code is working absolutely fine but sometimes update code throws an error "Invalid use of default parameter". I tried…

  • Custom Approval Procedure for Product Owner gives error when SQL CASE statement is used

    Hi There,

    We have a requirement that, if the product owner is disabled the approval for that product should go to product owner's manager. I have copied the pre-defined approval procedure(OA-Product Owner) and created a new one, in which I am customising…

  • Error deleting Business Roles and Dynamic Roles

    Hello everyone,

    I have a problem deleting business roles and dynamic roles.

    I started deleting dynamic roles but One Identity doesn't give me the possibility (grey icon). Maybe One doesn't appreciate that.

    I also tried deleting business roles…

  • SAPRoles are not getting tagged with ORG

    There are some sap roles(Entitlement's) which are assigned to a System role(Eset), so records in EsetHasEntitlement exists.

    When I assign the system role(Eset) to the business role(Org), records gets inserted in OrgHasEset table, but the Sap roles…

  • 1 user license does not sync properly into AD

    Hi all, I have a sets of user and I added a license on their department all user where to sync properly into AD but among them there is one user who does does not sync into the ad properly when I check the AD it is missing the License. I am currently…

  • INACTIVE account in One identity but still ACTIVE in active directory

    Hi again, I have a problem regarding the deactivating an  Active Directory account. It appears that the account is already INACTIVE in One Identity but still active on ACTIVE DIRECTORY.

  • Attestation Report for Approved Entitlements?

    Hello - We are leveraging OneIM 8.1.3 and currently have an attestation process setup for our ADS Domain administrators.  The managers are able to Approve/Deny the users successfully within the IT Shop Web Portal; however our question is, where can we…

  • How to set up just one CSM connector as Authoritative source?

    Hello all, 

    We have various connectors that use the CSM configuration, some starling connectors (Salesforce and SuccessFactors ECP) and some custom target system connected throguh SCIM. These connectors are not authoritative sources, so the PersonAutoFullSync…

  • How to return a value in ADO.net script


    I am working on version 8.1.3. I am calling stored procedures through ADO.net connector and used the sample template provided in synchronization project to write a script. I am able to create the user in the target but unable to return the UserID…

  • Employee Manager Role for only Active Employees

    Hello Experts,

    I have been trying to figure out a way to assign the Employee Manager role in OneIM to only those who have active persons listed as their direct report.  Currently if a person has an inactive employee listed it still assigns the employee…

  • Silent installation

    HI, I found instruction how to install One Identity Manager from console. What I'm missing is the complete list of modules and their description, the same according to the packages. I've looking on the Knowledge Base but without success.

  • Can the Database Role 'basegroup' be removed after installation?

    We are using OI Manager in Azure SQL Managed Instance. One Security Finding (VA1282) says, that orphan database roles should be removed. The scan identifies the database role 'basegroup' as orphaned.

    The recommendation from Azure is to remove…

  • IdentityManager.PoSh


    I don't see any open topic for IdentityManager.PoSh hence I open this one.

    Can you please show some example how to run a custom event which is having a custom variable in the jobchain's generating condition.

    Basically I have a problem in…

  • Web Portal: Requesting entitlement for a specific account.

    Hi everybody, 

    I'm using One Identity Manager ver. 8.1. 

    I'm trying to manage employees with more than one user Account on the same System (AD domain or SAP Client). I know that when an empoyee requests an entitlement, after approval it is assigned…

  • Exchange user rights


    As we are about to manage Exchange users and all sort of Mailboxes I would like to check how can I get information about different rights users have on the mailbox like:

    • Send on Behalf (this is seen in the system - table EX0MailBoxSendOnBehalfPerm…
  • Convert epoch time in Sync editor


    I would like to get data about Expiry date from AD - parameter msDS-UserPasswordExpiryTimeComputed

    As I checked it is the same forma as AccountExpires parameter.

    Where I do not find solution is how can I create vrt property to transfer this number to…

  • OneIM DB Migration and Restore - Compile DB Error


    We are running OneIM 8.1.3 and are in the process of having to migrate our current production DB to a different server.  We followed the standard guide on how to backup, restore DB, manually replicated the user permissions on new server, etc...and…

  • Access of shared member, constant member, enum member or nested type through an instance


    I'm trying to insert a value on AADUser.OnPremImmutableId and I get this error:

    WARNING: Access of shared member, constant member, enum member or nested type through an instance; qualifying expression will not be evaluated., Script: Tmpl_AADUser_OnPremImmutableId…

  • Employee with 2 account definition - access to IT SHOP

    Good evening to everyone,

    I have a question and I would like to understand if it's possible to do it or not.

    I have multiple employees  with two account definition : ad account and adm ad account,

    I would like to log in IT SHOP with employee credentials…