Transcription
Oracle Fusion MiddlewareOracle Identity Governance Bundle Patch Readme12c (12.2.1.3.180413)E96128-01May 2018Oracle Identity Governance Bundle PatchReadmeThis document is intended for users of Oracle Identity Management 12c(12.2.1.3.180413). It contains the following sections: Understanding Bundle Patches Bundle Patch Requirements Prerequisites of Applying the Bundle Patch Applying the Bundle Patch to an Existing Instance Removing the Bundle Patch Applying the Bundle Patch to a New Instance Configuring Oracle Identity Governance-Oracle Access Manager Integration(Optional) Changes in Track Request Functionality IP Filter Related Updates Resolved Issues Known Issues and Workarounds Related Documents Documentation AccessibilityUnderstanding Bundle PatchesThis section describes bundle patches and explains differences between bundlepatches, patch set exceptions (also known as one-offs), and patch sets. Bundle Patch Patch Set Exception Patch Set1
Bundle PatchA bundle patch is an official Oracle patch for an Oracle product. In a bundle patchrelease string, the fifth digit indicated the bundle patch number. Effective November2015, the version numbering format has changed. The new format replaces thenumeric fifth digit of the bundle version with a release date in the form "YYMMDD"where: YY is the last 2 digits of the year MM is the numeric month (2 digits) DD is the numeric day of the month (2 digits)Each bundle patch includes the libraries and files that have been rebuilt to implementone or more fixes. All of the fixes in the bundle patch have been tested and arecertified to work with one another. Regression testing has also been performed toensure backward compatibility with all Oracle Mobile Security Suite components in thebundle patch.Patch Set ExceptionIn contrast to a bundle patch, a patch set exception addressed only one issue for asingle component. Although each patch set exception was an official Oracle patch, itwas not a complete product distribution and did not include packages for everycomponent. A patch set exception included only the libraries and files that had beenrebuilt to implement a specific fix for a specific component.Patch SetA patch set is a mechanism for delivering fully tested and integrated product fixes. Apatch set can include new functionality. Each patch set includes the libraries and filesthat have been rebuilt to implement bug fixes (and new functions, if any). However, apatch set might not be a complete software distribution and might not includepackages for every component on every platform. All of the fixes in a patch set aretested and certified to work with one another on the specified platforms.Bundle Patch RequirementsYou must satisfy the following requirements before applying this bundle patch: Confirm you are applying this bundle patch to an Oracle Identity Governance12.2.1.3.0 installation.2
Note:When installing OPatch, you might find that interim or one off patcheshave already been installed. Download the latest version of OPatch. The OPatch version for this bundle patchis 12.2.1.3.0. However, Oracle recommends using the latest version of OPatch toall customers. To learn more about OPatch and how to download the latestversion, refer to the following:You can access My Oracle Support at https://support.oracle.com. Verify the OUI Inventory. To apply patches, OPatch requires access to a valid OUIInventory. To verify the OUI Inventory, ensure that ORACLE HOME/OPatchappears in your PATH for example:export PATH ORACLE HOME/OPatch: PATHThen run the following command in OPatch inventoryopatch lsinventoryIf the command returns an error or you cannot verify the OUI Inventory, contactOracle Support. You must confirm the OUI Inventory is valid before applying thisbundle patch. Confirm the opatch and unzip executables exist and appear in your system PATH,as both are needed to apply this bundle patch. Execute the following commands:which opatchwhich unzipBoth executables must appear in the PATH before applying this bundle patch. Ensure that there are no pending JMS messages in Oracle Identity Governanceserver. You can monitor JMS messages with WebLogic console.Prerequisites of Applying the Bundle PatchBefore applying the bundle patch, perform the following prerequisites: This patch process makes changes to Oracle Identity Governance databaseschema (such as adding/modifying data), Oracle Identity Governance Meta DataStore (MDS) database schema (such as adding/modifying data), domainconfiguration changes, and other binary changes in the file system underORACLE HOME on which Oracle Identity Governance is installed. It is mandatoryto create a backup of the following:–Oracle Identity Governance, MDS, and Service-Oriented Architecture (SOA)database schemas. For example, the database schema can be DEV OIM,DEV MDS schemas used by Oracle Identity Governance. Simple export of theschemas is sufficient.–The ORACLE HOME directory on which Oracle Identity Governance isinstalled, for example, /u01/Oracle/Middleware.3
–Oracle Identity Governance WebLogic Domain location, for example, /u01/Oracle/Middleware/user projects/domains/IAMGovernanceDomain/.–The UNIX user applying opatch must have read, write, and executepermissions on both ORACLE HOME as well asWEBLOGIC DOMAIN HOME. You can verify this manually in the file systemfor DOMAIN HOME and ORACLE HOME.If you have customized the event handler file on/EventHandlers.xml in your setup, then perform the following stepsto ensure that the upgrade does not override any customization done to this file:1.Export the on/EventHandlers.xml file from MDS, and create a backup of this file.2.After upgrading and running all the post install steps, export the ition/EventHandlers.xml file,merge your customization to this new file, and import it back to MDS.Note:For more information on MDS Utilities, see MDS Utilities and UserModifiable Metadata Files.Applying the Bundle Patch to an Existing InstanceApplying Oracle Identity Governance Release 12.2.1.3.180413 patch is done in thefollowing stages:Note:Before performing the steps to apply the bundle patch, create a backup ofthe database, as stated in Prerequisites of Applying the Bundle Patch whichwill help you rollback to the previous release. Stage 1: Patching the Oracle Binaries (OPatch Stage) Stage 2: Filling in the patch oim wls.profile File Stage 3: Patching the Oracle Identity Governance Managed Servers(patch oim wls Stage) Understanding the Process Sequence With an ExampleStage 1: Patching the Oracle Binaries (OPatch Stage)This section describes the process of applying the binary changes by copying files tothe ORACLE HOME directory, on which Oracle Identity Governance is installed. This4
step must be executed for each ORACLE HOME in the installation topology nodesirrespective of whether Oracle Identity Governance server is being run in the node ornot.Perform the following steps to apply the bundle patch to an existing Oracle IdentityGovernance instance:1.Stop the Admin Server, all Oracle Identity Governance managed servers, and allSOA managed servers.2.Create a directory for storing the unzipped bundle patch. This document refers tothis directory as PATCH TOP.3.Unzip the patch zip file in to the PATCH TOP directory you created in step 2 byusing the following command:unzip -d PATCH TOP p27861122 122130 Generic.zipNote:On Windows, the unzip command has a limitation of 256 characters inthe path name. If you encounter this issue, use an alternate ZIP utility,for example 7-Zip to unzip the zip file.Run the below command to unzip the file:"c:\Program Files\7-Zip\7z.exe" x p27861122 122130 Generic.zip4.Move to the directory where the patch is located. For example:cd PATCH TOP/278611225.Set the ORACLE HOME directory in your system. For example:setenv ORACLE HOME /u01/Oracle/Middleware6.Apply the bundle patch to the ORACLE HOME using the following command forOracle Identity Governance:opatch applyNote: Ensure the OPatch executables appear in your system PATH. If OPatch fails with error code 104, cannot find a valid oraInst.loc fileto locate Central Inventory, include the -invPtrLoc argument, asfollows:opatch apply -invPtrLoc ORACLE HOME/oraInst.locWhen OPatch starts, it will validate the patch and ensure there are no conflictswith the software already installed in the ORACLE HOME. OPatch categorizestwo types of conflicts:5
Conflicts with a patch already applied to the ORACLE HOME. In this case,stop the patch installation and contact Oracle Support. Conflicts with subset patch already applied to the ORACLE HOME. In thiscase, continue the install, as the new patch contains all the fixes from theexisting patch in the ORACLE HOME. The subset patch will automatically berolled back prior to the installation of the new patch.Note:For clustered and multi-node installation of Oracle IdentityGovernance, this step must be run on all the ORACLE HOMEdirectories on which Oracle Identity Governance is installed.Stage 2: Filling in the patch oim wls.profile FileUsing a text editor, edit the file patch oim wls.profile located in the directoryORACLE HOME/server/bin/ directory and change the values in the file to match yourenvironment. The patch oim wls.profile file contains sample values.Table 1-1 lists the information to be entered for the patch oim wls.profile file. This fileis used in next stage of the bundle patch process.Table 1-1Parameters of the patch oim wls.profile FileParameters of the patch oim wls.profile FileParameterDescriptionSample Valueant homeLocation of the ANTinstallation. It is usually underMW HOME.For Linux: MW HOME/oracle /apache-ant-1.9.8/For Windows: %MW HOME%\oracle \apache-ant-1.9.8\java homemw homeoim oracle homeLocation of the JDK/JREinstallation that is being usedto run the Oracle IdentityGovernance domain.For Linux: MW HOME/oracle common/jdk/Location of the middlewarehome location on whichOracle Identity Governance isinstalled.For Linux: /u01/Oracle/MiddlewareFor Windows: %MW HOME%\oracle common\jdk\For Windows: C:\Oracle\MW HOME\Location of the Oracle Identity For Linux: MW HOME/idmGovernance installation.For Windows: %MW HOME%\idm6
Table 1-1(Cont.) Parameters of the patch oim wls.profile FileParameterDescriptionSample Valueoim usernameOracle Identity Governanceusername.System administratorusernameoim passwordOracle Identity Governancepassword. This is optional. Ifthis is commented out, thenyou will be prompted for thepassword when the script isexecuted.N/Aoim serverurlURL to navigate to OracleIdentity Governance.t3://oimhost.example.com:14000soa homeLocation of the SOAinstallation.For Linux: MW HOME/soaDirectory on which WebLogicserver is installed.For Linux: MW HOME/wlserverweblogic.server.dirFor Windows: %MW HOME%\soaFor Windows: %MW HOME%\wlserverweblogic userDomain administrator userweblogicname. Normally it is weblogic,but could be different as well.weblogic passwordDomain admin user'spassword. If this line iscommented out, thenpassword will be prompted.N/Asoa hostListen address of the SOAManaged Server, or thehostname on which the SOAManaged Server is listening.oimhost.example.comNote: If the SOA ManagedServer is configured to use avirtual IP address, then thevirtual host name must besupplied.soa portListen port of the SOA8001Managed Server, or SOAOnly Non-SSL Listen portManaged Server port number. must be provided.operationsDB.userOracle Identity Governancedatabase schema user.OIM.DBPasswordOracle Identity GovernanceN/Adatabase schema password. Ifthis line is commented out,then the password will beprompted when the script isexecuted.operationsDB.hostHost name of the Oracleoimdbhost.example.comIdentity Governance database.DEV OIM7
Table 1-1(Cont.) Parameters of the patch oim wls.profile FileParameterDescriptionSample ValueoperationsDB.serviceNameDatabase service name of the oimdb.example.comOracle Identity Governanceschema/database. This is notthe hostname and it can be adifferent value as well.operationsDB.portDatabase listener port number 1521for the Oracle IdentityGovernance database.mdsDB.userMDS schema usermdsDB.passwordMDS schema password. If this N/Aline is commented out, thenpassword will be prompted.mdsDB.hostMDS database host nameoimdbhost.example.commdsDB.portMDS database/Listen port1521mdsDB.serviceNameMDS database service nameoimdb.example.comwls serverurlURL to navigate to WLSConsolet3://wlshost.example.com:7001DEV MDSNote:Updated the parameter value as per the setup used and then execute thepatch oim wls.sh file.Stage 3: Patching the Oracle Identity Governance ManagedServers (patch oim wls Stage)Patching the Oracle Identity Governance managed servers is the process of copyingthe staged files in the previous steps (stage 1) to the correct locations, and runningSQL scripts and importing event handlers and deploying SOA composite. For makingMBean calls, the script automatically starts the Oracle Identity Governance ManagedServer and SOA Managed Server specified in the patch oim wls.profile file.This step is performed by running patch oim wls.sh (on UNIX) and patch oim wls.bat(on Microsoft Windows) script by using the inputs provided in thepatch oim wls.profile file. As prerequisites, the WebLogic Admin Server, SOAManaged Servers, and Oracle Identity Governance Managed Server must be running.To patch Oracle Identity Governance Managed Servers on WebLogic:1.Make sure that the WebLogic Admin Server, SOA Managed Servers, and OracleIdentity Governance Managed Server are running.2.Set the following environment variables:8
For LINUX or Solaris:setenv PATH JAVA HOME/bin: PATHFor Microsoft Windows:set JAVA HOME VALUE OF JAVA HOMEset ANT HOME \PATH TO ANT DIRECTORY\antset ORACLE HOME %MW HOME%\idmNote:Make sure to set the reference to JDK binaries in your PATH beforerunning the patch oim wls.sh (on UNIX) or patch oim wls.bat (onMicrosoft Windows) script. This JAVA HOME must be of the sameversion that is being used to run the WebLogic servers. TheJAVA HOME version from /usr/bin/ or the default is usually old and mustbe avoided. You can verify the version by running the followingcommand:java -version3.Execute patch oim wls.sh (on UNIX) or patch oim wls.bat (on MicrosoftWindows) to apply the configuration changes to the Oracle Identity Governanceserver. On Linux systems, you must run the script in a shell environment using thefollowing command:sh patch oim wls.shNote:For EDG implementations, this script must be run against the mserverdomain directory rather than the server domain directory.4.Delete the following directory in domain home:IAMGovernanceDomain/servers/oim server1/tmp/ WL user/oracle.iam.console.identity.self-service.ear V2.0Here, oim server1 is the weblogic manged server used for OIG.5.To verify that the patch oim wls script has completed successfully, check theORACLE HOME/idm/server/bin/patch oim wls.log log file.9
Note: On running the patch oim wls script, the DOMAIN HOME/servers/MANAGED SERVER/security/boot.properties file might be deleted.If you use a script to start the Managed Server and use theboot.properties file to eliminate the need of entering the password inthe script, then create a new boot.properties file.In an EDG environment, the boot.properties file is inMSERVER HOME/servers/MANAGED SERVER/security. Ignore the following exception traces in the patch oim wls.log file:[java] Aug 11, 2015 3:45:28 AM ] WARNING: Error while registering Oracle JDBCDiagnosability MBean.[java] java.security.AccessControlException: access denied(javax.management.MBeanTrustPermission register)[java] on(AccessControlContext.java:374)6.Stop and start WebLogic Admin Server, SOA Servers, and Oracle IdentityGovernance Servers. Shutting down Oracle Identity Governance server might take a long time if it isdone with force false option. It is recommended that you force shutdownOracle Identity Governance server. The patch oim wls script is re-entrant and can be run again if a failure occurs.Understanding the Process Sequence With an ExampleIf you have ORACLE HOME A and ORACLE HOME B, and ORACLE HOME A isrunning WebLogic Admin Server, oim server1, and soa server1, andORACLE HOME B is running oim server2 and soa server2, then the following is theprocess sequence to apply the bundle patch to the Oracle Identity Governanceinstance:1.Shutdown the Oracle Identity Governance, and ensure that the WebLogic AdminServer and SOA managed servers are running.2.Run 'Opatch apply' on ORACLE HOME A. See Stage 1: Patching the OracleBinaries (OPatch Stage) for more information.3.Run 'Opatch apply' on ORACLE HOME B. See Stage 1: Patching the OracleBinaries (OPatch Stage) for more information.4.Fill-in the patch oim wls.profile file and run patch oim wls onORACLE HOME A or ORACLE HOME B.See Stage 2: Filling in the patch oim wls.profile File for information on filling in thepatch oim wls.profile.10
See Stage 3: Patching the Oracle Identity Governance Managed Servers(patch oim wls Stage) for information about running patch oim wls.5.Restart the managed servers on all the nodes.Removing the Bundle PatchIf you must remove the bundle patch after it is applied, then perform the followingsteps:Note:For clustered installations, perform steps 1 through 3 on all nodes in thecluster.1.Perform the same verification steps and requirement checks that you made beforeapplying the bundle patch. For example, backup the XML files and import them toa different location, verify the OUI Inventory and stop all services running from theORACLE HOME.2.Move to the directory where the bundle patch was unzipped. For example:cd PATCH TOP/278611223.Run OPatch as follows to remove the bundle patch:opatch rollback -id 278611224.Restore ORACLE HOME, the WebLogic domain home from the backup createdbefore applying the patch.5.Restore the Oracle Identity Governance database using the backup you created inStep 1 of Applying the Bundle Patch to an Existing Instance.Applying the Bundle Patch to a New InstancePerform the following steps to apply the bundle patch to a new instance: Installing a New Oracle Identity Governance Instance with Bundle Patch12.2.1.3.180413 Postinstallation Configuration Updating Oracle Identity Governance Web ApplicationsInstalling a New Oracle Identity Governance Instance with BundlePatch 12.2.1.3.18041311
Perform the following steps to apply the bundle patch to a new Oracle IdentityGovernance instance. You can perform the same steps for clustered deployments.Note:For clustered deployments, perform the steps provided in this section oneach node in the cluster.1.Install Oracle WebLogic Server. See Installing and Configuring Oracle Identity andAccess Management at the following ite/INOAM/toc.htm2.Create the Oracle Identity Governance database schema. See Installing andConfiguring Oracle Identity and Access Management.3.Install SOA and Oracle Identity Governance. See Installing and Configuring OracleIdentity and Access Management.4.Apply patch using Opatch, as described in Stage 1: Patching the Oracle Binaries(OPatch Stage).Note:If you are creating a new environment, then it is recommended that thisstep is performed before creating or extending the domain with OracleIdentity Governance.5.Create domain by launching configuration wizard as specified in the Installing andConfiguring Oracle Identity and Access Management.6.Start the WebLogic Admin Server and SOA Server.Before starting the WebLogic Admin Server and SOA Server on MicrosoftWindows, edit the startWeblogic.cmd file, and replace:call "%COMMON ORACLE HOME%\bin\wlst.cmd"%COMMON ORACLE HOME%\tools\configureSecurityStore.py -d%DOMAIN HOME% -m validateWith the following:call "FULL PATH TO WLST SCRIPT\wlst.cmd"%COMMON ORACLE HOME%\tools\configureSecurityStore.py -d%DOMAIN HOME% -m validateHere, an example for FULL PATH TO WLST SCRIPT can be MW HOME\oracle common\common\bin\.7.Use Oracle Universal Installer to configure Oracle Identity Governance by runningconfig.sh.8.Stop and restart the WebLogic Admin Server and SOA Server.12
9.Fill in the patch oim wls.profile file by referring to Stage 2: Filling in thepatch oim wls.profile File.10. Run patch oim wls.sh (on UNIX) and patch oim wls.bat (on Microsoft Windows)to complete patching the domain. This step must be run on the ORACLE HOMEdirectory of the Oracle Identity Governance Managed Server. For moreinformation, see Stage 3: Patching the Oracle Identity Governance ManagedServers (patch oim wls Stage).Note:Before running the patch oim wls script, make sure that WebLogicAdmin server and SOA servers are in running state.11. Stop and restart the WebLogic Admin Server, SOA Server, and Oracle IdentityGovernance server.Postinstallation ConfigurationAfter installing a new Oracle Identity Governance instance with Bundle Patch12.2.1.3.180413, perform the following post installation configuration steps: In Oracle Identity Governance deployment that is integrated with Oracle AccessManager (OAM), during user password change, the password changeconfirmation popup message is not displayed.If you want to display this popup so that it is consistent with rest of the UI, then adda new system property with OIM.PasswordRedirectEnabled as the keyword byusing the System Management, System Properties section of the AdvancedAdministration Console, and set its value to FALSE.If this property is not present, then the value is defaulted to TRUE. If the value isTRUE, then the user is redirected to the Tasks page after the change passwordoperation. Perform the following steps to seed the event handler for Application Onboarding:1.Go to, MW HOME/idm/server/apps/oim.ear/APP-INF/lib/.2.Locate BootStrapListener.jar. Copy the BootStrapListener.jar file to atemporary folder, for example temp AoB. Extract the jar files and locateaob adapters.xml file in the BootStrapListener.jar/scripts/ folder.Note:The jar file can be extracted using compression tool such as Zip,7–Zip or by using jar command jar -xvf .3.Copy the aob adapters.xml file to a local folder.13
4.Using the Import option in Identity System Administration interface, import theaob adapters.xml file into Oracle Identity Governance.For detailed steps for importing objects into Oracle Identity Governance, seeImporting Deployments in Administering Oracle Identity Governance.5.Remove the temporary folder temp AoB.Updating Oracle Identity Governance Web ApplicationsThe procedure described in this section is applicable only when installing bundlepatches for Oracle Identity Governance and not for installing patch set updates.For updating your web applications on Oracle WebLogic Server:1.Stop Oracle Identity Governance Managed Server.2.Login to WebLogic Administrative Console.3.Click Lock & Edit.4.Go to Deployments.5.Select the oracle.iam.ui.view and oracle.iam.ui.model app, and click Update.Complete the steps of the wizard by clicking Next. Do not change anything.6.Click Apply Changes.7.Start Oracle Identity Governance Managed Server.Configuring Oracle Identity Governance-Oracle AccessManager Integration (Optional)This bundle patch release supports integration of Oracle Identity Governance (OIG)and Oracle Access Manager (OAM) using Connectors. For more information see,Integrating Oracle Identity Governance and Oracle Access Manager Using LDAPConnectors in Integration Guide for Oracle Identity Management Suite.Changes in Track Request FunctionalityTrack Request functionality will change after this Bundle Patch is applied.When a user performs a search in Self Service tab, Track Requests page, and in thesearch result table, applies Show list option as For Reportees, all the requests raisedby or for the logged in user and user's direct and indirect reportee are displayed.In the search result table, user has to select a Show list option and click Search.Oracle Identity Governance will not trigger a search action until user clicks on Search.IP Filter Related Updates14
IP Filter (IPF) related updates are not part of the Oracle Identity Governance bundlepatch release. For instructions on how to download and applying the IPF one-offbundle patch, see My Oracle Support document ID 2383246.1.Resolved IssuesThe following section lists the issues resolved in Release 12.2.1.3.180413: Resolved Issues in Release 12.2.1.3.180413 Resolved Issues in Release 12.2.1.3.180109Resolved Issues in Release 12.2.1.3.180413Applying this bundle patch resolves the issues listed in Table 1-2:Table 1-2Resolved Issues in Release 12.2.1.3.180413Resolved Issues in Release 12.2.1.3.180413Bug NumberDescription25323654AOB: TEST CONNECTION IS SUCCESSEVEN IF INVALID VALUES IN ONS BEING LOGGED WHENACCESSING WORKFLOW15
Table 1-2(Cont.) Resolved Issues in Release 12.2.1.3.180413Bug NumberDescription26165573EXTENSION TO THE FOLLOWING BUG25727240 (REFRESH MATERIALIZED VIEW)Note:Formanualsteps onhow toapplychangesdone forBug Fix26165573, see MyOracleSupportdocument ID2383245.1.26186971Fix for Bug 2618697126188366Fix for Bug 2618836626288324THE ENTITLEMENT GETPROVISIONEDEVEN IF GRANT END DATE IS PASSED ATAPPROVE TIME26427097DELETING APP INSTANCE RESULTS 3AOB: PROVIDE FEATURE TO ADD NEWCONFIGURATION PROPERTIES INADVANCED SETTINGS26500524AOB: SAP AC UM AND UME FORM FIELDSARE UPDATED BLANK AFTER RUN USERRECON26522972AOB: REVOKE ACCOUNT IS NOTWORKING IN SAP AC UM & UME26616250TARGET USER RECON IS FAILING FOR CIBASED INSTALLATION26681376PUBLISH IN TOP AND SUBORGANIZATIONS BY OIM API IS TAKINGLONG TIME16
Table 1-2(Cont.) Resolved Issues in Release 12.2.1.3.180413Bug ETURNVALUEROW WHILE EDITWORKFLOW RULES IN OIM CLUSTER26932665DEPENDENT REQUEST DETAILS NOTVISIBLE DUE TO SCROLLBAR MISSING26967104AOB: DISPLAY NAME OPTION NOTCOMING WHILE ADDING NEW ADVANCEDCONFIG ATTRIBUTE26967178AOB: OPTION NOT COMING TO ADD ADVCONFIG ATTRIBUTE IF NO ATT EXISTS INTEMPLATE26982896MANAGER INFORMATION SHOWINGBLANK IN USER CERTIFICATION ON THEUI27025473LIGHT WEIGHT AUDIT PUREGE - REMOVEAUDIT LOG ENTRIES JOB IS RUNNINGTOO LONG27026427KSS NOT UPDATED FROM DEFAULTKEYSTORE.JKS BREAKS JWT27113693UPGRADE ASSISTANT READINESS CHECKFAILED DUE TO OIM 11.1.1.3.0 TEMPLATE27119830RECONFIG DOMAIN DOESN'T TAKE OIM11.1.1.X VERSION APPS INTOCONSIDERATION27145500ERROR DUE TO CHANGES IN"SOAOIMLOOKUPDB" DATASOURCE IN12CPS327166581RESOURCE HISTORY SHOWS INCORRECTENTITLEMENT NAME AFTER BP 26858666(OCT-17)27168000LIBRARY ORACLE.IDM.IPF WASTARGETED TO OIM AND SOA CLUSTERINSTEAD OF ADMINSERVE27200817SEARCH SELECTIONS DO NOT WORK FORCREATE/MANAGE USER IF CLICK BACKTO USERS LIST27279346AOB: APPLICATION CREATION FAILINGWITH USER NOT HAVING SYSTEM ADMINPERMISSION27384225AFTER APPLYING OCTOBER BP POLICYVIOLATIONS IS NOT DETECTING ANYVIOLATIONS27510030POLICY VIOLATION NOT THROWN FORDISABLED ACCOUNT17
Table 1-2(Cont.) Resolved Issues in Release 12.2.1.3.180413Bug NumberDescription27564429AOB: SAP UM USER DELETE RECON ISNOT WORKING IN 12C WITH LATEST BP27567130CONFIGURELDAPCONNECTOR.SH FAILSResolved Issues in Release 12.2.1.3.180109Applying this bundle patch resolves the issues listed in Table 1-3.Table 1-3Resolved Issues in Release 12.2.1.3.180109Resolved Issues in Release 12.2.1.3.180109Bug NumberDescription23110063IMPLEMENTATION OF BULK ATTRIBUTESUPDATE FOR AN ACCOUNT IMPACTSOTHER ACCOUNTS23337308CERTIFICATION COLUMN NAME"CREATED BY" AND "UPDATED BY"DISPLAYS USR KEY25540355PS3PARITY:"USER TYPE" VALUE DOESN'TGET SELECTED ON FIRST ATTEMPT26164709LOG4J.JAR NOT UPDATED IN SETENV.BAT26434476WAITING ON ENTITLEMENT STATUS,PATCH 2529287426592805USERS SHOULD NOT BE ABLE TOREVOKE ENT THAT IS PART OF ROLEFROM THEIR MY ACCESS26615293SEARCH ON CERTIFICATION DEFINITIONCONTENT SELECTION PAGE RETURNSONLY 28 ROLES26625354CERTIF ROLE POLICY TAB CATALOG INFOENTITLEMENT URL SHOW NOENTITLEMENT DETIALS26639196REPLACE EXISTING SEARCH IN CERT.DEF FLOW RESULTS IN ERROR PAGE ANDNPE26732357CERTIFCATION RESET STATUS CAUSINGNPE26808282DATASOURCE CONNECTION LEAK AFTERBUG 2029387426811926LIBRARIES FOR MANAGED BEANS ANDTASK FLOWS ARE MISSING IN 12C18
Table 1-3(Cont.) Resolved Issues in Release 12.2.1.3.180109Bug NumberDescription26863966SEARCH RETURNS REQUESTS FORREPORTEES AND NON-REPORTEES FORR2PS226895672OAM OIM OVD OID UPG: USERCREATION IS FAILED27025966THIS IS THE TRACKER BUG FOR EPICOIM-1138027037128Fix for Bug 2703712827110896BE CONSISTENT WITH SPECIFYINGPARAMETERS IN OAM/OIM INTEGRATION27112593ERROR WHEN GETTING CONNECTORSERVER DETAILS BY NON SYSTEMADMINISTRATOR27119849NLS : ISSUE WHILE SETTING CHALLENGEQUESTIONS WHEN FIRST LOGIN27133948OIM-OAM-OUD: ADMIN FAILED TO UNLOCKA SELF LOCKED ACCOUNT27139528Fix for Bug 2713952827175826OIM-OAM-AD:CONFIGURELDAPCONNECTOR FAILEDCONNECTOR PACKAGE IS NOTAVAILABLE27203691OIM-OAM-OUD: SSO GROUP MEMBERSHIPINCREMENTAL RECONCILIATION DO NOTWORK27298564REPLACE EXISTING SEARCH IN CERT DEFFLOW RESULTING CERT IS NOT GETTINGGENERATED27300245OIM-OAM-OID: USER SESSION IS NOTTERMINATED WHEN IT IS DELETED BYADMIN2731384312C BP01: USER SESSION IS NOTTERMINATED WHEN IT IS LOCKED ORDISABLED BY ADMINKnown Issues and WorkaroundsKnown issues and their workarounds in Oracle Identity Governance Release 12.2.1.3are described in the Oracle Identity Governance chapter of the Release Notes forOracle Identity Management document. You can access the Release Notes documentin the Oracle Identity Management Documentation library at the following ite/IDMRN/toc.htm19
Note:Some known issues listed in the Release Notes for Oracle IdentityManagement may have been resolved by this Bundle Pa
ORACLE_HOME on which Oracle Identity Governance is installed. It is mandatory to create a backup of the following: - Oracle Identity Governance, MDS, and Service-Oriented Architecture (SOA) database schemas. For example, the database schema can be DEV_OIM, DEV_MDS schemas used by Oracle Identity Governance. Simple export of the schemas is .
