oracle.iam.connectors.icfcommon.prov.ICProvisioningManager : createObject : Error while creating user java.lang.IllegalArgumentException: Password configuration property is empty.

Getting this Exception while trying to provision/Create an user on the target in OIM.

<ORACLE.IAM.CONNECTORS.ICFCOMMON.PROV.ICPROVISIONINGMANAGER> <BEA-000000> <oracle.iam.connectors.icfcommon.prov.ICProvisioningManager : createObject : Error while creating user

java.lang.IllegalArgumentException: Password configuration property is empty.

Main Cause:

If password to establish a connection to the target, blank/missed in the IT Resource.
Before performing any CRUD operations on target, OIM uses connection details from IT Resource to establish a connection. But before connection firstly check whether all the required details are present or not. If missed to provide password above exception will occur.

Solution:

Provide target service account password which is required to establish connection.

                                                           Hope this will help!!!

oracle.iam.connectors.icfcommon.prov.ICProvisioningManager : createObject : Error while creating user java.lang.IndexOutOfBoundsException: Invalid attribute name (PASSWORD)

Getting this Exception while trying to provision/Create user on the target using Database Application Table (DBAT) Connector in OIM.

<Error> <ORACLE.IAM.CONNECTORS.ICFCOMMON.PROV.ICPROVISIONINGMANAGER> <BEA-000000> <oracle.iam.connectors.icfcommon.prov.ICProvisioningManager : createObject : Error while creating user

java.lang.IndexOutOfBoundsException: Invalid attribute name (PASSWORD)

Check oim_server1-digaonistic.log, under oim_server1/logs to find the cause of create operation failure using DBAT connector.

Main Cause:

If password flowing from OIM to DB Application Table target while provisioning/creating user and value of passwordColumn attribute provided in IT Resource(that value would be the name of DB application table column which is holding password).
Suppose column namely PASSWORD for holding password in DB Application Table, then passwordColumn  attribute value would been PASSWORD in IT Resource as in given below screenshot.

Solution:

There are some special attributes in OIM ICF based connector's Provisioning and Reconciliation Lookup, which are prefixed and suffixed by __ [underscore] like __NAME__, __UID__, __PASSWORD__ and ICF framework understand them by these name only. These all are attributes hold sensible information.

Similarly in DBAT connector, if password flowing from OIM to DB Application table and target password column name provided in IT Resource. Then please make sure in Provisioning and Reconciliation lookup, decode value for password field should be  __PASSWORD__ instead of only PASSWORD. Please see below screenshot for more details.

                                                Hope this will help !!!