• SCIM: The request contains invalid parameters or values


    I am trying to connect to a Target System using oAuth authentication method via SCIM. We are using the version 9.0 LTS.

    We populate all the correct values and when we try to test the connection we get the below error message:

    Error returned:…

  • Caches management of Angular Web Portal

    Hello everyone,

    We are making a custom app for one of our solution from the Angular codebase v92. We are building using npm run build. But we see there is a caches that is not getting cleared when we have deployed the custom app. Can anyone of you please…

  • web service

    "Hello, we want to pull individuals from our service desk platform(website) into the identity manager. I'm considering doing this via a web service, but I'm unsure of how to proceed. Could you help me?

  • Virtual schema property

    We want to use in the mapping of the Person and AD schemas, the 3rd schema (Locality table), because the Person schema which we are using in the mapping contains only UID of the location, but not the name. We want to bring the name of Location from another…

  • ADS_ADSDomain_Maintain_OtherSID frozen "Write permission denied for value Canonical Name"

    Hi all,

    We installed an OIM environment with multiple AD-Domains.

    three of these Domains are connected using an AppServer for SQL Connection and one is configured to connect to the Database directly.

    The sync with the "local" domain (direct Database…

  • SFtpComponent - Put

    Hello Experts,

    I'm trying to get a process orchestration in place to SFTP a file. I'm having issues and don't see much on documentation.

    When I ssh to the SFTP server I get the fingerprint and use that for the config parameter. Although when…

  • Add CentralAccount from PersonOrdered to PersonWantsOrg table

    Hello, I performed a Schema extension on the PersonWantsOrg table with the intention of introducing PersonOrdered's CentralAccount, I'm trying to get the value but I can't, I tried the following code:

    If Not String.IsNullOrEmpty($UID_PersonOrdered…

  • How to create a custom scheduled task

    How to create a custom scheduled task such as daily maintenance or how to modify it, to define a verification task, for example the last login, this for when a person or user on a specific custom target system is more than XY days without signing in,…

  • Identity Manager 9.2 and SCIM-connector

    Hi guys!

    Just a headsup, but I think the SCIM-connector in 9.2 is broken.

    After upgrading, three DPR_Shell_Migrate-processes got frozen (we have three SCIM target systems). When I tried to open the connectors in the sync editor and pasting the Base64…

  • cURL vulnerability


    Is Identity Manager (any version) affected by the recent cURL vulnerability?

    More specifically: 


  • How to create an attestation policy to attest whether the user belongs to that role?

    I would like to certify that users obtain a role, and thus send managers an email confirming that the user actually has that role.
  • How to replace the default ITShop Requests report for a customized one?

    We are trying to make a quatitative reports of how many requests were approved by department?

  • Insert DepartmentHasADSGroup via process chain results in a "Violation of PRIMARY KEY constraint ... Cannot insert duplicate key in object" - Error

    This error does not occur when i assign the same assignment in the manager.

    And this is my expected behavior.

    Before the assignment, i have an indirect assignment and after the assignment i want to have a direct, indirect assignment (Xorigin = 3).


  • Exchange online connector with existing ADConnet


    Two years ago, we had One Identity manager 8.1.

    We have a sync project to Azure AD tenant.

    We had done a project to migrate users from Exchange OnPremise to Exchange Online.

    We did not use One Identity manager for that. We used ADConnect.


  • 401 Unauthorized response through API

    Hi everyone,

    This is my Powershell script to login:



    $authJson = ConvertTo-Json $bi -Depth 2

    $LoginRequest2 = Invoke…

  • Any queries or some type of way to get the system roles and entitlements associated with all employees

    Looking for a query or some type of way to get the system roles and entitlements associated with all employees, any ideas that can help would be greatly appreciated it

  • Any ideas or queries on how to pull all the system Roles and entitlements associated with employees?

    Need to pull employee entitlements and system roles

  • I am taking input of a particular attribute in from OneIdentity manager and want to insert in the same table if it's empty.I want to insert "CCC_Context_UUIDPARAM" value in SQL table, please guide the process of writing the value in SQL. Than

    Dim f As ISqlFormatter = Connection.SqlFormatter
    Dim collectionUsers As IColDbObject = Connection.CreateCol("CCC_Context_Identifier_Def")

    collectionUsers.Prototype.WhereClause = (f.Comparison("CCC_Context_UUID","ContextUUIDParam", ValType.String…

  • Policy Violation Without Condition

    What is the purpose of a no-conditional policy?

  • Retain account definition assignment if permanently disabled

    Hi all,

    I created an Account definition and forgot to uncheck 'Retain account definition assignment if permanently disabled'. Is there a way to removed that check box? It is greyed out. I have 1000 people with the assignment and cannot recreate it because…

  • Sync from Azure AD (standard and delta)


    1. When running the regular sync from Azure a lot of groups get NULL as GroupTypes even though they're labeled as Dynamic in Azure.

    2. When running the delta sync from Azure a lot of groups get "System.String[]" as GroupTypes.


  • One Identity Manager 9. Database in maintenance mode due "Triggers disabled"

    Hi all!

    After deploying a transport package, the database entered into maintenance mode due "Triggers disabled". The error message looks like 

    "A system maintenance is running. Contact your system administrator. Reason: Triggers disabled"…

  • Numerous User accounts which were disabled more than 63 days ago are still left in Active Directory

    Hello ,

    I have a requirements to remove users were disabled more than 63 days ago in Active Directory . The service account that I am using have a right privelege to remove users in One Identity Manager . However users that has 1 admin count can't be…

  • One session for user on web portal

    Hi everyone,

    Is there a way to set only one session for a user? Nowadays, users can open different sessions on web portal with different Web Browser.

    If possible, I want that when a user is logged in on the web portal, if the same user tries to log in…

  • How to check an event in the process generating condition


    I need to check in a process generating condition if the event is an insert or it is an update.

    Can you help?

    Thank you,
