• We can not login to Api Server with active directory


    We can login Api Server with an identity , on the other hands we have been trying to login Api Server with acitve directory , but we couldn't. We have an active directory releated identity. We don't think that there is a problem fot active directory…

  • How to do version upgrade from 8.2 to 9.1?

    Hi Team,

    As part of our upgrade activity, we are planning to migrate One Identity from version 8.2 to 9.1 very soon.

    I was looking for any resource available which outlines the steps for performing the One Identity version upgrade activity.

    Any documental…

  • AAD Sync Project - Error on starting Initial Sync

    Hello everyone!

    I am using OIM v9.0 LTS. I transported a working Azure AD Project and adapted the connection variables according to the new environment. Browsing into the Targetsystem is possible so I assume that Application ID, Domain and Key are correct…

  • ADS_ADSDomain_Maintain_OtherSID frozen "Write permission denied for value Canonical Name"

    Hi all,

    We installed an OIM environment with multiple AD-Domains.

    three of these Domains are connected using an AppServer for SQL Connection and one is configured to connect to the Database directly.

    The sync with the "local" domain (direct Database…

  • SFtpComponent - Put

    Hello Experts,

    I'm trying to get a process orchestration in place to SFTP a file. I'm having issues and don't see much on documentation.

    When I ssh to the SFTP server I get the fingerprint and use that for the config parameter. Although when…

  • Oracle Database Connector error


    I'm using OneIdentity Manager version 9.1. I'm trying to connect an Oracle Database Enterprise Edition but I get this error:

    "[Oracle.ManagedDataAccess.Client.OracleException] ORA-01017: invalid username/password; logon denied…

  • Webportal login with 2FA


    Has someone set up one identity web portal login with 2FA? Please give me some sources to set this up. Thank you.

  • how to show maintenance mode message in web portal

    Hi Team,

    I have planned a scheduled change in One Identity Manger v.8.2 and I want to display a maintenance window message in the web portal to users if anyone tries to use web portal during the change window. 

    Trying to display only a blank page with…

  • Unable to update person(Employee) data after modifying LDAP user account

    I am unable to update person data after modifying LDAP user account. 


    I have configured LDAP connector on my local virtual machine, installed version is 8.2.  I am able to create and link the LDAP user account to Employee record, but after creation…

  • How: Allow a manager to create identities just for their department

    The default configuration allows for employees to be created without restricting the department, but by security reasons we need that the web portal allows each department manager to create new identities only for his department and not for other departments…

  • Change language context for executetemplates

    Hi together,

    I have a script wich creates a personwantsorg object with all its attributes, this is all fine. There is an attribute which is called "DisplayObjectKeyAssignment" this one references the connected objects of the order request. Those connected…

  • SAP - Write permission denied for value "Role"


    we are testing a change of the SAP CUA to a new client. Thereby the following error still occurs in the log of the sync in the step "userinCUARole" with the new CUA:

    [810025] SAP user accounts: assignments to role: Write permission denied…

  • Manual Enable Override not working.

    Per Design, Account remains active for 10 days unless Source System or HR System passes a new contract end date before the 10 days but right after the sync, the account turns back being disabled.

    Can someone help how to fix this issue? Thanks in advance…

  • Create Trigger to record changes - Incorrect syntax


    we are testing with version 9.1.1 to plan the update next year. We are now facing the following problem.

    In the DBQueue remains the DBQueueTask "Create Trigger to record changes" (UID_Task=QBM-K-CommonMakeWatchtrigger) with BaseTree as…

  • Prevent process form work on subidentities of ONEIM system user

    I am new to One Identity Manager and I got  a task to prevent a specific process from being run on subidentities of ONEIM system user , but I am not sure how to identify users as ONEIM system users? can you help me with that also if you can suggest me…

  • CSV export in a custom process


    I want to create a custom process based on a daily schedule. This process is based on a SQL Query, i want the results of the SQL Query exported in a CSV file and then send by mail. 

    My question is : should i creat a script that generate a CSV file…

  • Session Expired error with new Angular Web Portal via Load Balancer

    Hello, we are experiencing some issues with the new Angular Web Portal. We are testing the load balancer configuration with sticky session based on the persistency of the cookie ss-pid. When we try to connect to the Web Portal (/ApiServer/html/qer-app…

  • How to create ADSContainers and invalid characters when sending emails

    I would appreciate your help with:
    1. Is there a way to create a container based on Department for a specific domain and assign a user? I tried using Synchronization Editor but only what it removed existing containers
    2. When creating a user, a mail…

  • SMTP email configuration with O365 via Modern/OAuth Authentication

    Hello All,

    We are trying to use O365 SMTP for mail notification in One IM 9.1.1. When setting up O365 smtp configuration it fails with error "Basic Authentication is not enabled"

    : "Authentication Unsucessful, Basic Authentication is disabled…

  • How to replace the default ITShop Requests report for a customized one?

    We are trying to make a quatitative reports of how many requests were approved by department?

  • Can't process out parameter in process steps

    Hi all,

    I have created a process with some "PowershellComponentNet4 - ExecuteScript" components, in the version 9.1 of the product.
    One of these steps, returns 2 informations that I have concatenated for passing it to the next steps. For e.g…

  • Setting up web server that is running on AKS - oneidentity/oneim-web


    I set up servers on ACR and AKS

    When I try to login to web server with the viadmin or user that I created during the DB initialization, I get error wrong password or user. When I try to create a new one from the portal I get:

    An error occurred…
  • New Identity approval

    Hi everyone!

    I am working on creating identities through the Manager/Admin Web portal Identity manager account Responsibilities>My Responsibilities>Identities>Add a new Identity (customized the VI_Employee_edit to CCC_Employee_edit as per requirement…

  • Processing step 'QER ContentInitial (fill initial content for insert)' failed. 6 - DataFile command failed. The database connection was broken. Object reference not set to an instance of an object.


    I am installing one identity manager 9.0 LTS version when I get to schema creation I get the following error.

    Processing step 'QER ContentInitial (fill initial content for insert)' failed.
    6 - DataFile command failed.
    The database connection was…

  • Multiple password policies for same object (ADSAccount)

    Is there a way to apply multiple password policies to the same object, for example, ADSAccount?  Customer wants to implement different password policies for different types of AD accounts defined via group membership.