Sunday, April 25, 2010

OIM-Builds

Description

All the OIM Patches Details as Below.

Bundle Patch Number: 9.1.0.2. BP01
Bundle Patch Number: 9.1.0.2. BP02
Bundle Patch Number: 9.1.0.2. BP03 (re-released)
Bundle Patch Number: 9.1.0.2. BP04
Bundle Patch Number: 9.1.0.2. BP05
Bundle Patch Number: 9.1.0.2. BP06
Bundle Patch Number: 9.1.0.2. BP07

Description


Purpose of this document is to provide up-to-date information about Oracle Identity Manager Bundle Patches for version 9.1.0.2 along with list of bugs fixed in respective Bundle Patches(BP).

Note: Oracle WebLogic Server (WLS) 10.3.1 or later patchsets (incl. 10.3.2) is now certified with OIM 9.1.0.2 and its bundle patches.


These Bundle Patches are cumulative in nature. For example, "assume" latest BP for 9.1.0.2 is BP02 and you have currently applied 9.1.0.2 BP01. Now if you apply 9.1.0.2
. BP02, you will get fixes for 9.1.0.2 BP01.

The base OIM 9.1.0.2 (Build number 1865.28) can be downloaded using Patch 8484010. You can upgrade to release 9.1.0.2 if any one of the following conditions is true:


You are running Oracle Identity Manager release 9.1.0 on Oracle Application Server and the patch set for Arabic language support has been installed.

Date values returned from a stored procedure adapter were truncated to 7 characters.


An approval workflow with the Depends On feature could not disable or enable a resource.

Bundle Patch Number : 9.1.0.2. BP03 (re-released)
OIM Build Number : 1866.10
Metalink/My Oracle Support Patch Number : Patch 9082856

The Design Console did not support creation of e-mail in multiple languages.

In the display of attestation request results, users were listed in sorted order on each page. The expected outcome was that the entire list of users (across multiple pages) would be sorted and displayed.

Assignment rules created for approval workflows did not work.


XML import of an object definition into Oracle Identity Manager failed if the name of the object contained more than 78 characters.

After initial reconciliation, the status of the AD User resource changed from Provisioned to Enabled during the next reconciliation run. The status did not change back to Provisioned in any of the subsequent runs.

Data types of process form fields did not match data types of resource object reconciliation attributes.


During reconciliation, a UDF of the OIM User was not updated by the update user API in the task adapter.

The OST_KEY was incorrectly mapped when target resource reconciliation was run for the second time for the same account.
  1. The out-of-memory error was encountered when a generic technology connector containing the CSV Reconciliation Format Provider was used to run trusted source reconciliation for a million records.
  2. E-mail notification was not sent to the process owner when an attestation request was declined by the reviewer.

  3. Bundle Patch Number : 9.1.0.2. BP04
    OIM Build Number : 1866.14

    Metalink/My Oracle Support Patch Number :
    Patch 9070428


    BUG FIXED Are as Below
    When a resource was revoked, pending tasks of the revoking request got the request key of the original provisioning request.

    While running the attestation process with Manager as the scope and the Recursive option enabled, the ORA-01795 error was encountered if the manager had more than 1000 subordinates.

    The "Column OIU_KEY Not found" error was encountered when a request was submitted.

    The Attestation Declined e-mail notification and the declined task were not sent to the process owner group.
    If Oracle Identity Manager was using Microsoft SQL Server and the XL.ApplyNoLockHintInQuery property was set to true, then for some specific query patterns the WITH (NOLOCK) tip was appended to the end of the SQL statement.
    Bundle Patch Number : 9.1.0.2. BP05
    OIM Build Number : 1866.19
    Metalink/My Oracle Support Patch Number :
    Patch 9236586



    BUG FIXED Are as Below

    The ORA-936 error was encountered on trying to provision an account on a database by using the GTC Database Application Tables connector.
    The error condition for a missing active version of the process form was not logged.
    At times, the SSL handshake performed through a generic technology connector failed.
    Resources displayed on the Administrative and User Console were not sorted by default.
    An attestation process that had already started could not be modified.
    The IT Resource lookup form did not show translated values for some entries.
    While using a generic technology connector, tceventnotfoundexception was encountered when you performed full reconciliation using a flat file.
    No error was thrown when there were duplicate entries for child forms

    Bundle Patch Number : 9.1.0.2. BP06
    OIM Build Number : 1866.24
    Metalink/My Oracle Support Patch Number :
    Patch 9310713



    BUG FIXED Are as Below

    The Organization lookup field stopped responding if a large number of organizations were loaded.
    Java heap space errors were encountered when you ran Oracle Identity Manager release 9.1.0.2 on an Oracle Application Server cluster.
    The Bulk Load utility could be run only from the computer on which the Oracle Identity Manager database was installed. You could not run the utility from a remote computer.
    For an Oracle Identity Manager installation running on Microsoft SQL Server, the Diagnostic Dashboard test for JDBC XA procedures did not work correctly.
    Pending resource approval tasks were not displayed to a proxy user.

    If an adapter called a stored procedure, Driver Manager debug messages were recorded in the application server log file. There was no way to disable these debug messages.

    When the Bulk Load utility was run for a large number of users with the default batch size (10000), the ORC key in the ORC table was different from the ORC key in the resource table (UD_XXX) for the same user.

    For an Oracle Identity Manager installation using Microsoft SQL Server, if an access policy with a large number of resources was modified, then CPU usage on the database computer reached 100 percent.

    The WRITE permission is required to assign or unassigned a resource object to or from an organization. However, this permission was not checked before a resource object was assigned to an organization.
    A column could be created in Form Designer with the same name as a system-reserved column.
    The Group Membership report showed incorrect data in the Effective From Date column

    Bundle Patch Number : 9.1.0.2. BP07
    OIM Build Number : 1866.25
    Metalink/My Oracle Support Patch Number :
    Patch 9389436



    BUG FIXED Are as Below

    The tcEmailNotificationUtil API could not parse a multiple e-mail address array.

    An error caught by the tcRequestOperationsBean event handler was not displayed on the console.

    An error was encountered when an approver tried to view an approval request.

Thursday, April 22, 2010

How to UnLock "xelsysadm" User

If you have another user with administrator rights, use it to unlock xelsysadm.
If not, then use sqldeveloper to browse the usr table and change the columns "usr_login_attempts_ctr" and "usr_locked" to 0 for xelsysadm user.

update usr set usr_login_attempts_ctr=0 where usr_login='XELSYSADM';
update usr set usr_locked=0 where usr_login='XELSYSADM';
commit;

Wednesday, April 7, 2010

Oracle JDeveloper 11g keyboard shortcuts

List of shortcut keys

Shortcut

Command

How useful(?)

File Menu

Oracle JDeveloper

ctrl+n

New Gallery

+ –

ctrl+o

Open

+ –

View Menu:

Oracle JDeveloper

ctrl+shft+a

Applications Navigator

+ –

ctrl+shft+c

Constraints

+ –

ctrl+shft+d

Data Control Palette

+ –

ctrl+shft+h

hierarchy

+ –

ctrl+shft+i

Property Inspector

+ –

ctrl+shft+l

Log Window

+ –

ctrl+shft+n

System Navigator

+ –

ctrl+shft+o

Connection Navigator

+ –

ctrl+shft+p

Component Palette

+ –

ctrl+shft+s

Structure Pane

+ –


Find/Replace Menu

Oracle JDeveloper

ctrl+f

Find

+ –

ctrl+shft+f

Find in Files

+ –


Navigate menu

Oracle JDeveloper

alt+left

back

+ –

ctrl-shft+backspace

goto last edit

+ –

ctrl+equals

Goto Recent Files

+ –

ctrl+minus

Browse Symbol

+ –

alt+f8

Goto Next Message

+ –

alt+f7

Goto Previous Message

+ –


Run Menu

Oracle JDeveloper

f11

Run Project

+ –

ctrl+f9

Make Project

+ –

alt+f9

Rebuild Project

+ –


Debug Menu

Oracle JDeveloper

shft+f9

Debug Project

+ –


Refactor Menu

Oracle JDeveloper

ctrl+alt+r

Rename

+ –

ctrl+alt+F

Introduce Field

+ –

ctrl+alt+V

Introduce Variable

+ –

ctrl+alt+P

Introduce Parameter

+ –

Ctrl+alt+C

Introduce Constant

+ –


Miscellaneous

Oracle JDeveloper

shft+f10

Context Menu (right-click)

+ –

Tuesday, April 6, 2010

Introduction to Single Sign-On - Refrence - "Open Group" - "Oracle ESSO"- PENDING

BASIC CONCEPT- "ESSO"

Enterprise single sign-on (E-SSO) systems are designed to minimize the number of times that a user must type their ID and password to sign into multiple applications. The E-SSO solution automatically logs users in, and acts as a password filler where automatic login is not possible.

Default Sign on in the Windows Interwork

Each enterprise application often has different security requirements and, as a consequence, users in many organizations are forced to remember multiple different passwords for various applications.In many organizations, users are often forced to remember more than six different passwords for various enterprise resources. As a result, there is a need to enable a simple and secure way for enterprise users to access heterogeneous applications (e.g. Microsoft Windows, Java, Mainframe applications etc) by signing on just once to their windows desktop. This should not only circumvent the need to remember credentials for individual applications but also
enhance user productivity by eliminating helpdesk calls associated with forgotten passwords.

The Oracle Enterprise Single Sign-on (Oracle ESSO) Suite facilitates a way for desktop users to access enterprise applications by signing on just once to their desktops using a single set of credentials.


As IT systems proliferate to support business processes, users and system administrators are faced with an increasingly complicated interface to accomplish their job functions. Users typically have to sign-on to multiple systems, necessitating an equivalent number of sign-on dialogues, each of which may involve different usernames and authentication information. System administrators are faced with managing user accounts within each of the multiple systems to be accessed in a co-ordinated manner in order to maintain the integrity of security policy enforcement. This legacy approach to user sign-on to multiple systems is illustrated below:



Historically a distributed system has been assembled from components that act as independent security domains. These components comprise individual platforms with associated operating system and applications.

These components act as independent domains in the sense that an end-user has to identify and authenticate himself independently to each of the domains with which he wishes to interact. This scenario is illustrated above. The end user interacts initially with a Primary Domain to establish a session with that primary domain. This is termed the Primary Domain Sign-On in the above diagram and requires the end user to supply a set of user credentials applicable to the primary domain, for example a username and password. The primary domain session is typically represented by an operating system session shell executed on the end user's workstation within an environment representative of the end user (e.g., process atrributes, environment variables and home directory). From this primary domain session shell the user is able to invoke the services of the other domains, such as platforms or applications.

To invoke the services of a secondary domain an end user is required to perform a Secondary Domain Sign-on. This requires the end user to supply a further set of user credentials applicable to that secondary domain. An end user has to conduct a separate sign-on dialogue with each secondary domain that the end user requires to use. The secondary domain session is typically represented by an operating system shell or an application shell, again within an environment representative of the end user. From the management perspective the legacy approach requires independent management of each domain and the use of multiple user account management interfaces. Considerations of both usability and security give rise to a need to co-ordinate and where possible integrate user sign-on functions and user account management functions for the multitude of different domains now found within an enterprise. A service that provides such co-ordination and integration can provide real cost benefits to an enterprise through:

reduction in the time taken by users in sign-on operations to individual domains, including reducing the possibility of such sign-on operations failing

improved security through the reduced need for a user to handle and remember multiple sets of authentication information.

reduction in the time taken, and improved response, by system administrators in adding and removing users to the system or modifying their access rights.

improved security through the enhanced ability of system administrators to maintain the integrity of user account configuration including the ability to inhibit or remove an individual user's access to all system resources in a co-ordinated and consistent manner.





Such a service has been termed Single Sign-On after the end-user perception of the impact of this service. However, both the end-user and management aspects of the service are equally important. This approach is illustrated in the diagram above. In the single sign-on approach the system is required to collect from the user as, part of the primary sign-on, all the identification and user credential information necessary to support the authentication of the user to each of the secondary domains that the user may potentially require to interact with. The information supplied by the user is then used by Single Sign-On Services within the primary domain to support the authentication of the end user to each of the secondary domains with which the user actually requests to interact.

The information supplied by the end-user as part of the Primary Domain Sign-On procedure may be used in support of secondary domain sign-on in several ways:

Directly, the information supplied by the user is passed to a secondary domain as part of a secondary sign-on.

Indirectly, the information supplied by the user is used to retrieve other user identification and user credential information stored within the a single sign-on management information base. The retrieved information is then used as the basis for a secondary domain sign-on operation.

Immediately, to establish a session with a secondary domain as part of the initial session establishment. This implies that application clients are automatically invoked and communications established at the time of the primary sign-on operation.

Temorarily stored or cached and used at the time a request for the secondary domain services is made by the end-user.

From a management perspective the single sign-on model provides a single user account management interface through which all the component domains may be managed in a coordinated and synchronised manner.

Significant security aspects of the Single Sign-On model are:

the secondary domains have to trust the primary domain to:
  • correctly assert the identity and authentication credentials of the end user,
  • protect the authentication credentials used to verify the end user identity to the secondary domain from unauthorised use.

    The authentication credentials have to be protected when transfered between the primary and secondary domains against threats arising from interception or eavsdropping leading to possible masquerade attacks.

General requirements for E-SSO
  • The solution needs to be highly available.
  • The solution needs to provide interfaces for backup, 24x7 monitoring and operations, etc.
    The solution needs to be able to scale to many thousands of users accessing enterprise software.
  • The solution should be able to support the company-internal standards defined for efficient operations and integration without problems (e.g., directory server standards, authentication standards, etc.).
  • The solution should be able to easily integrate in related IT solutions, for example existing identity management solutions, security event management solutions, application management solutions, or desktop software distribution solutions.

Oracle ESSO enabled application logon include

User requests access to an enterprise application, which can be a Windows®, mainframe, web or Java-based application.

The Oracle ESSO Logon Manager Agent intercepts the user request on his desktop.

The Oracle ESSO Logon Manager retrieves the user record and then fills in the appropriate credentials for the Oracle ESSO enabled application. The application-specific username and password are then sent to the application.

User is granted access to the application.

component of Oracle-ESSO

Oracle Enterprise Single Sign-On Anywhere

- Simplifies Oracle Enterprise Single Sign-On Sign-On deployments to client desktops thereby facilitating faster deployment, reduces overall deployment costs and automates updates and rollbacks and version control on the client deployment packages

Oracle Enterprise Single Sign-On Logon Manager

- Strengthen security and improve user productivity by enabling individuals to securely use a single login credential to all web-based, client-server and legacy applications;

Oracle Enterprise Single Sign-On Password Reset

- Reduce helpdesk costs and improve user experience by enabling strong password management for Microsoft Windows through secure, flexible, self-service interfaces;

Oracle Enterprise Single Sign-On Authentication Manager

- Enforce security policies and ensure regulatory compliance by allowing organizations to use a combination of tokens, smart cards, biometrics and passwords for strong authentication throughout the enterprise;

Oracle Enterprise Single Sign-On Provisioning Gateway

- Improve operational efficiencies by enabling organizations to directly distribute single log-in credentials to Oracle Enterprise Single Sign-On Sign-On Manager based on provisioning instructions from Oracle Identity Manager; and

Oracle Enterprise Single Sign-On Kiosk Manager

- Enhance user productivity and strengthen enterprise security by allowing users to securely access enterprise applications even at multi-user kiosks and distributed workstations.

Monday, April 5, 2010

OIM Tables Descriptions

Note: Custom Tables are created for user defined Object / Process Forms.

TABLE NAME IN OIM

DESCRIPTION OF TABLE

AAD

List To Define The Administrators For Each Organization And Their Delegated Admin Privileges

AAP

Table for storing Resource - Organization level parameter Values

ACP

ACP - Link Table That Holds Reference To ACT And PKG Tables, Table That Defines The Objects (Resources) Allowed For A Particular Organization

ACS

Link Table for Account Table(ACT) and Server Table(SVR)

ACT

Defines information about all organizations created through Xellerate

ADJ

Contains the Java API information for the constructor with parameters and method name with parameters chosen for an adapter task of type JAVA, UTILITY, TAME,REMOTE, or XLAPI.

ADL

Contains the all of the necessary parameters for an adapter task of type IF, ELSE IF,FOR, WHILE, SET, and VARIABLE tasks. These type of tasks are known as LOGICTASKS

ADM

Data mapping between parameters input/output parameters and source/sink

ADP

Defines an adapter created through the Adapter Factory

ADS

Database,schema and procedure name selections which define a stored procedure adaptertask

ADT

Defines a task attached to an adapter

ADU

Contains the web service and method chosen for a task of the Adapter Factory

ADV

Adapter variable table contains variables that have been created for specific adapters.

AFM

Links an adapter with a form

AGS

Holds the definition of organization/contact groups

AOA

Contains the OpenAdapter property file for OpenAdapter

APA

To store attestation process administrators

APD

To store attestation Process definition

APT

To store the attestation tasks

ARS

Contains custom response codes for 'Process Task' Adapters only

ATD

To store entitlement details for each attestation task

ATP

Defines input and output parameters for the constructor and method of an adapter taskof type JAVA, UTILITY, TAME, REMOTE, and XLAPI

ATR

To store attestation requests

ATS

Stores which services or can be ordered by which organizations and which rates apply

AUD

Define the Auditors

AUD_JMS

 

CRT

Trusted Certificate Information

DAV

Stores the runtime data mappings for 'Entity' & 'Rule Generator' adapters. The data source being an Xellerate form or child table,or a user defined process form.

DEP

Dependencies among Tasks Within A Workflow Process

DOB

Data Resource definition consisting of the fully qualified class name of the dataobject

DVT

Defines the one to many relationship between Data Resources and Event Handlers (this includes adapters)

EIF

Export Import Files. Each row contains one single file used in export/import operation. For export there is only one file

EIH

Export Import History. Each row represents one Data Deployment Management session.

EIL

DB Based lock for export operation. Used to make sure only one user can import at atime. This is currently not managed through data objects

EIO

Export Import Objects. Each row represents one object exported/imported

EIS

Substitutions used during import process

EMD

Core --Email Definition Information Table That Holds The Email Template Definitions

ERR

Error codes

ESD

Encrypted columns not within the bounds of the SDK

EVT

Defines event handlers by providing a process and class name. In addition the scheduling time of when the event handler can execute is set to pre (insert, update, delete) or post (insert, update, delete)

FUG

List to define the administrators for each user defined object in the 'StructureUtility' form or for each user defined field in the 'User Defined FieldDefinition' form

GPG

List to define the (nested) group members of User Group in the 'User Group' form.

GPP

List to define the Administrators and their delegated admin rights over a User Group

GPY

Joins Properties (PTY) and Groups (UGP).

IEI

Table where all the imports and exports are defined

LAY

Table where the layouts are defined for the various imports and exports

LIT

Import/export table.

LKU

Lookup definition entries

LKV

Lookup values

LOB

Import/export table.

LOC

Holds information about locations

MAP

XML MapSchema Information

MAV

Stores the runtime data mappings for 'Process Task' adapters. The data source being a process form, Location, User, Organization, Process, IT Resource, orLiteral data.

MEV

E-mail notification events

MIL

Holds information about tasks of a process

MSG

Defines the user groups that have permission to set the status of a process task.

MST

Task Status And Object Status Information. Holds All The Task Status To Object Status Mappings

OBA

Object Authorizer Information

OBD

Object Dependencies

OBI

Object Instance Information

OBJ

Resource Object definition information.

ODF

Holds Object To Process Form Data Flow Mappings.

ODV

Object Events/Adapters Information

OIO

Object Instance Request Target Organization Information.

OIU

Object Instance Request Target User Information.

OOD

Object Instance Request Target Organization Dependency Information.

ORC

This Entity Holds The Detail On Each Order. This Could Be Considered The Items Section Of An Invoice. This Entity Is The Instance Of A Particular Process

ORD

Holds information that is necessary to complete an order regardless of a processbeing ordered

ORF

Resource Reconciliation Fields

ORR

Object Reconciliation Action Rules

OSH

Task Instance Assignment History

OSI

Holds information about tasks that are created for an order

OST

Object Status Information

OUD

Object Instance Request Target User Dependency Information. Holds The Dependency Between Different Resource Instances Provisioned To A User.

OUG

List to define the administrators for each Resource

PCQ

Holds the challenging questions and answers for a user

PDF

Package data flow table holds the data flow relationships between packages

PHO

Holds all communication addresses for this contact -- e.g., contact telephone numbers,fax numbers, e-mail, etc.

PKD

Package dependency table holds the dependency relationships between child packages of a parent package

PKG

Consists of names and system keys of service processes, which consist of a group ofservices from the TOS table. Defines a Process in Xellerate.

PKH

Package Hierarchy Table Holds The Parent-child Relationships Between Processes

POC

Stores values for the child tables of the Object/Process form of a resource being provisioned by an access policy

POF

Policy field table holds the field value pairs that constitute the definition of apolicy

POG

Join table between Policy and User Groups, Specifies the groups to whom an access policy will apply.

POL

Policy Table Holds A Policy, Defines An Access Policy In The System

POP

Policy Package Join Table Holds The Packages That A Particular Policy Orders For User, Defines Which Resources Will Be Provisioned Or Denied For A Particular Access Policy.

PRF

Process Reconciliation Field Mappings

PRO

Defines a process name, scheduling frequency, and priority. A process is made up of oneor more tasks

PTY

Client Properties Table

PUG

List to define The Administrators And Their Delegated Admin Rights For Each Process.

PWR

Table forPassword Rule Policies

PXD

Table that holds the list of all Proxies Defined

QUE

Administrative queues definition

QUM

Administrative queue members

RAV

Stores the runtime data mappings for 'Pre-populate' adapters. The data source being an Xellerate form or child table, or a user defined form

RCA

Reconciliation Event Organizations Matched

RCB

Reconciliation Event Invalid Data

RCD

Reconciliation Event Data

RCE

Reconciliation Events

RCH

Reconciliation Event Action History

RCM

Reconciliation Event Multi-Valued Attribute Data

RCP

Reconciliation Event Processes Matched

RCU

Reconciliation Event Users Matched

REP

Table that contains all information about reports in the system

REQ

This table holds request information

RES

This table is used to stored adapter resources entered by the user.

RGM

Table for Response Code Generated Milestones

RGP

Rules To Apply To A User Group, Defines The Auto-group Membership Rules Attached To AParticular Group.

RGS

Defines all known registries. These are used by Web Service tasks in an Adapter to communicate with a web service

RIO

Request Organizations Resolved Object Instances

RIU

Request Users Resolved Object Instances

RLO

This table contains directory URLs which are referenced by Adapter Factoryjar/class files.

RML

Rules To Apply To Task, Defines The Task Assignment Rules Attached To A Process Task.

ROP

Rules To Apply To An Object-process Pair, Defines The Process Determination Rules Attached To A Resource Object.

RPC

Reconciliation Event Process Child Table Matches

RPG

Link table between Group table and Report Table. Specifies which group has accessto which reports

RPP

Parameters passed to report.

RPT

Stores information related to the creation of reports

RPW

Rules To Apply To A Password Policy, Defines The Policy Determination Rules Attached To A Password Policy.

RQA

Request target organization information.

RQC

Request comment information

RQD

Contains self-registration request data for web admin.

RQE

Request administrative queues

RQH

Requeststatus history

RQO

Request object information.

RQU

Request object target user information

RQY

Request Organizations Requiring Resolution

RQZ

Request Users Requiring Resolution

RRE

Reconciliation User Matching Rule Elements

RRL

Reconciliation User Matching Rules

RRT

Reconciliation User Matching Rule Element Properties

RSC

Defines the All The Possible Response Code For A Process Task.

RUE

Defines the Elements In A Rule Definition.

RUG

List to define the administrators for each Request

RUL

Rule definitions

RVM

Holds Recovery Milestones

SCH

Holds specific information about an instance of a ask such as its status orscheduled dates

SDC

Column metadata.

SDH

Meta-Table Hierarchy.

SDK

User define data object meta data definition

SDL

SDK version labels

SDP

User defined column properties

SEL

Data Object Permissions For Groups On A Specified Data object

SIT

The SIT table contains information about sites. Sites are subsets of locations.

SPD

IT Resource parameter definition

SRE

Defines Which Pre-populate Rule Generator Will Run For A Field Of User Defined DataObject.

SRP

Should be replaced by the rate table from a billing system. Here it holdspecific rates for specific services.

SRS

IT Resource - IT Resource join

STA

Status Codes

SUG

 

SVD

IT Resource type definition

SVP

IT Resource property definition

SVR

IT Resource instance definition

SVS

IT Resource - Site Join

TAP

Holds parameter values for a task, which is an instantiation of Valid Task,i.e. value for parameter Company Name, etc.

TAS

Holds instances of Valid Task. Examples of Valid Tasks would be reports, imports, etc. Valid TaskParameters indicate what parameters can be assassigned to an instance of a task, i.e

TDV

Used by event manager/data objects, joins data objects, types of service, and events

TLG

Keeps logof SQL transactions.

TMP

Indicates which tasks are in a process. Tasks are defined in table; this way, one task can be in many processes.

TOD

To do list settings table.

TOS

Holds information about a process

TSA

Stores initialization params (name/value pairs) forscheduler tasks

TSK

Scheduler task definition information

UDP

User-defined field table

UGP

Defines a group of users

UHD

User Policy Profile History Details table

ULN

This table hold UHD allow / deny list

UNM

"UnDoMilestone" Feature

UPA

 

UPA_FIELDS

Stores changes only for user profile audit history in de-normalized format

UPA_GRP_MEMBERSHIP

Stores groups membership history in de-normalized format

UPA_RESOURCE

Stores user profile resource history in de-normalized format

UPA_USR

Stores user profile history in de-normalized format

UPD

User Policy Profile Details table

UPH

User Policy Profile History table

UPL

User-defined field table

UPP

User Policy Profile table

UPT

User-defined field table

UPY

Joins Properties (PTY) and User (USR) tables.

USG

This table stores which users are in which groups.

USR

Stores all information regarding a user.

UWP

Window sequence, nesting in CarrierBase explorer for each user group.

VTK

Defines automation task types such as reports, imports, and exports.

VTP

Valid Task Parameters. Indicates which parameters can be defined for an instance of a task.

WIN

Windows table: Windows keys, descriptions, and class names.

XSD

This table holds Xellerate System Data