Sunday, November 20, 2016

SQL query to get all the users having account on particular resource in OIM

Query to get users list having active/enabled account:

SELECT USR.USR_LOGIN
FROM OBJ,OBI,OIU,OST,USR
WHERE OBJ.OBJ_KEY=OBI.OBJ_KEY
AND OBI.OBI_KEY=OIU.OBI_KEY
AND OIU.USR_KEY=USR.USR_KEY
AND OIU.OST_KEY=OST.OST_KEY
AND OST.OBJ_KEY=OBJ.OBJ_KEY
AND OBJ.OBJ_NAME=' [Insert Resource Name here]'
AND OST.OST_STATUS IN ('Enabled','Provisioned');

Example: To get the users having active/enabled account on AD User resource:
SELECT USR.USR_LOGIN
FROM OBJ,OBI,OIU,OST,USR
WHERE OBJ.OBJ_KEY=OBI.OBJ_KEY
AND OBI.OBI_KEY=OIU.OBI_KEY
AND OIU.USR_KEY=USR.USR_KEY
AND OIU.OST_KEY=OST.OST_KEY
AND OST.OBJ_KEY=OBJ.OBJ_KEY
AND OBJ.OBJ_NAME='AD User'
AND OST.OST_STATUS IN ('Enabled','Provisioned');

Query to get users list having disabled account:

SELECT USR.USR_LOGIN
FROM OBJ,OBI,OIU,OST,USR
WHERE OBJ.OBJ_KEY=OBI.OBJ_KEY
AND OBI.OBI_KEY=OIU.OBI_KEY
AND OIU.USR_KEY=USR.USR_KEY
AND OIU.OST_KEY=OST.OST_KEY
AND OST.OBJ_KEY=OBJ.OBJ_KEY
AND OBJ.OBJ_NAME=' [Insert Resource Name here]'
AND OST.OST_STATUS IN ('Disabled');

Example: To get the users having disabled account on AD User resource:
SELECT USR.USR_LOGIN
FROM OBJ,OBI,OIU,OST,USR
WHERE OBJ.OBJ_KEY=OBI.OBJ_KEY
AND OBI.OBI_KEY=OIU.OBI_KEY
AND OIU.USR_KEY=USR.USR_KEY
AND OIU.OST_KEY=OST.OST_KEY
AND OST.OBJ_KEY=OBJ.OBJ_KEY
AND OBJ.OBJ_NAME='AD User'
AND OST.OST_STATUS IN ('Disabled');

Query to get users list having revoked account:

SELECT USR.USR_LOGIN
FROM OBJ,OBI,OIU,OST,USR
WHERE OBJ.OBJ_KEY=OBI.OBJ_KEY
AND OBI.OBI_KEY=OIU.OBI_KEY
AND OIU.USR_KEY=USR.USR_KEY
AND OIU.OST_KEY=OST.OST_KEY
AND OST.OBJ_KEY=OBJ.OBJ_KEY
AND OBJ.OBJ_NAME=' [Insert Resource Name here]'
AND OST.OST_STATUS IN ('Revoked');

Example: To get the users having revoked account on AD User resource:
SELECT USR.USR_LOGIN
FROM OBJ,OBI,OIU,OST,USR
WHERE OBJ.OBJ_KEY=OBI.OBJ_KEY
AND OBI.OBI_KEY=OIU.OBI_KEY
AND OIU.USR_KEY=USR.USR_KEY
AND OIU.OST_KEY=OST.OST_KEY
AND OST.OBJ_KEY=OBJ.OBJ_KEY
AND OBJ.OBJ_NAME='AD User'
AND OST.OST_STATUS IN ('Revoked');

Posted by at

3 comments:

  1. AnonymousFebruary 21, 2018 at 10:29 AM

    I am having Multiple status for the same user and same account in OIM. Example
    ABC123 is an user ID and this user is having Multiple AD accounts with different status
    1. Provisioned
    2.Revoked
    3.Disable
    So I need to find a query for all the users with there status.
    I am getting only the current status of the user not the other status.

    ReplyDelete
    Replies
    1. AnonymousSeptember 5, 2018 at 11:36 PM

      Add last line as
      AND OST.OST_STATUS IN ('Revoked',Provisioned,Disabled);

      Delete
  2. AnonymousSeptember 24, 2024 at 9:29 AM

    Cool and I have a swell supply: What Renovations Can You Claim On Tax small home additions

    ReplyDelete

Subscribe to: Post Comments (Atom)