Work With Users

Java API

  1. tcUserOperationsIntf
  2. UserManager


  1. com.thortech.xl.ejb.beansimpl.tcUserOperationsBean


Find user with login "xelsysadm" using tcUserOperationsIntf service:

tcUserOperationsIntf service = oimClient.getService(tcUserOperationsIntf.class);
Map criteria = new HashMap();
criteria.put("Users.User ID", "xelsysadm");
tcResultSet resultSet = service.findAllUsers(criteria);

Users.Password Warning Date=2011-08-29
Users.Middle Name=
Users.Disable User=0
Users.Update Date=2011-05-08
Users.Display Name=System Administrator
Users.Lock User=0
Users.End Date=
Users.Deprovisioned Date=
Users.Deprovisioning Date=
Users.Creation Date=2011-05-08
Users.Xellerate Type=End-User Administrator
Users.Change Password At Next Logon=
Users.Password Expiration Date=2011-09-05
Users.Password Cannot Change=
Users.Provisioned Date=
Users.Start Date=
Users.Last Name=Administrator
Users.First Name=System
Users.Manager Key=
Users.Manager Login=
Users.Manager First Name=
Users.Manager Last Name=
Users.Password Expired=
Users.Password Warned=
Users.Updated By=1
Organizations.Organization Name=Xellerate Users
Users.Password Never Expires=
Users.Password Must Change=
Users.Provisioning Date=

Advanced search for same user by DB key with oracle.iam.identity.usermgmt.api.UserManager (on server only).

UserManager service = Platform.getService(UserManager.class);
SearchCriteria criteria = new SearchCriteria("usr_key", 1L, SearchCriteria.Operator.EQUAL);
try {
  List<User> result =, null, null);
} catch (UserSearchException e) {
} catch (AccessDeniedException e) {

{FA Territory=null, usr_pwd_warn_date=Mon Aug 29 00:22:58 MSD 2011, Employee Number=null, usr_locale=null, Middle Name=null, Manually Locked=null, usr_disabled=0, usr_update=Sun May 08 00:22:58 MSD 2011, Date Format=null, Display Name=System Administrator, Mobile=null, usr_timezone=null, usr_locked=0, LDAP Organization=null, usr_pwd_reset_attempts_ctr=0, Currency=null, End Date=null, usr_deprovisioned_date=null, Pager=null, Time Format=null, usr_created=Sun May 08 00:22:58 MSD 2011, usr_deprovisioning_date=null, Color Contrast=null, PO Box=null, usr_create=Sun May 08 00:22:58 MSD 2011, LDAP GUID=null, Full Name=null, Accessibility Mode=null, Country=null, Xellerate Type=End-User Administrator, usr_change_pwd_at_next_logon=null, usr_pwd_expire_date=Mon Sep 05 00:22:58 MSD 2011, usr_pwd_cant_change=null, Email=null, usr_provisioned_date=null, Common Name=null, Automatically Delete On=null, Locked On=null, Start Date=null, Last Name=Administrator, usr_login_attempts_ctr=0, First Name=System, Locality Name=null, usr_manager_key=null, Number Format=null, usr_policy_update=null, Street=null, Embedded Help=null, usr_pwd_expired=null, Department Number=null, Hire Date=null, usr_createby=1, usr_pwd_warned=null, Home Postal Address=null, Telephone Number=null, Font Size=null, usr_updateby=1, Description=null, Home Phone=null, LDAP Organization Unit=null, usr_pwd_min_age_date=null, Fax=null, Postal Code=null, act_key=1, usr_key=1, User Login=XELSYSADM, Title=null, Status=Active, Generation Qualifier=null, Postal Address=null, State=null, usr_pwd_never_expires=null, Initials=null, usr_pwd_must_change=null, Role=Full-Time, LDAP DN=null, Password Generated=null, FA Language=null, usr_provisioning_date=null}

You may use wildcards to match entries, for example, to search users with logins beginning with "XEL", use the following search criteria:

SearchCriteria criteria = new SearchCriteria("User Login", "XEL*", SearchCriteria.Operator.EQUAL);


tcUserOperationsIntf service = oimClient.getService(tcUserOperationsIntf.class);
Map<String, String> attributes = Maps.newHashMap();
// Required attributes
attributes.put("Organizations.Key", 1L); // "Xellerate Users" key
attributes.put("Users.Xellerate Type", "End-User");
attributes.put("Users.Role", "Full-Time");
attributes.put("Users.Password", "Secret123");
// Optional attributes
attributes.put("Users.First Name", "Иван");
attributes.put("Users.Last Name", "Иванов");
attributes.put("Users.Middle Name", "Иванович");
attributes.put("Users.User ID", "IvanovII");
long key = service.createUser(attributes);

Note: if you send an empty attributes map to the createUser() call, the method will return 0 without throwing any exception :-(


Locate the user with the login "SOMEUSER" and change her start date attribute to the current date:

Map criteria = new HashMap();
criteria.put("Users.User ID", "SOMEUSER");
tcUserOperationsIntf service = getUserServices();
tcResultSet resultSet = service.findAllUsers(criteria);
Map<String, Object> attributes = new HashMap<String, Object>();
attributes.put("Users.Start Date", new Date());
service.updateUser(resultSet, attributes);


Delete the user with key 79110

tcUserOperationsIntf service = oimClient.getService(tcUserOperationsIntf.class);

Note: in OIM deleting user just means changing its Users.Status attribute from "Active" to "Deleted". To completely wipe out all user info, you will have to delete a DB record in the USR table and all references in other tables.


Attribute DB Column Required
Organizations.Key ACT_KEY Yes
Users.AD Reference USR_UPDATE_AD
Users.Created By USR_CREATEBY
Users.Creation Date USR_CREATE
Users.Deprovisioned Date USR_DEPROVISIONED_DATE
Users.Deprovisioning Date USR_DEPROVISIONING_DATE
Users.Disable User USR_DISABLED
Users.Disabled By Parent USR_DISABLED_BY_PARENT
Users.End Date USR_END_DATE
Users.First Name USR_FIRST_NAME
Users.Identity USR_FSS
Users.Key USR_KEY
Users.Last Name USR_LAST_NAME
Users.Manager Key USR_MANAGER_KEY
Users.Manager Login USERMANAGER
Users.Middle Name USR_MIDDLE_NAME
Users.Note (no more supported by entity manager in 11G!) USR_NOTE
Users.Password USR_PASSWORD Yes
Users.Password Cannot Change USR_PWD_CANT_CHANGE
Users.Password Challenge Question.Answer PCQ_ANSWER
Users.Password Challenge Question.Created By PCQ_CREATEBY
Users.Password Challenge Question.Creation Date PCQ_CREATE
Users.Password Challenge Question.Key PCQ_KEY
Users.Password Challenge Question.Note PCQ_NOTE
Users.Password Challenge Question.Question PCQ_QUESTION
Users.Password Challenge Question.Row Version PCQ_ROWVER
Users.Password Challenge Question.System Level PCQ_DATA_LEVEL
Users.Password Challenge Question.Update Date PCQ_UPDATE
Users.Password Challenge Question.Updated By PCQ_UPDATEBY
Users.Password Expiration Date USR_PWD_EXPIRE_DATE
Users.Password Must Change USR_PWD_MUST_CHANGE
Users.Password Never Expires USR_PWD_NEVER_EXPIRES
Users.Password Warning Date USR_PWD_WARN_DATE
Users.Provisioned Date USR_PROVISIONED_DATE
Users.Provisioning Date USR_PROVISIONING_DATE
Users.Role USR_EMP_TYPE Yes
Users.Row Version USR_ROWVER
Users.Start Date USR_START_DATE
Users.Status USR_STATUS
Users.System Level USR_DATA_LEVEL
Users.Update Date USR_UPDATE
Users.Updated By USR_UPDATEBY
Users.User ID USR_LOGIN Yes
Users.Xellerate Type USR_TYPE Yes

See also

  1. Open A Client Connection To Oim Server
  2. Print tcResultSet
  3. Work with organizations
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License