LDIF to CSV Converter

If we export the data from Active Directory then its exported in ldif format so below utility will convert ldif data to csv format.

How to convert from ldif to csv?

LDIF to CSV Converter:

1) Download the Software Converter utility "LDIFtoCSV-win32-v1.0.zip". Copy this utility in any      drive (Ex- D drive)

2) Put the Input file (testInput.ldif) in below software converter utility folder:

                 D:\LDIFtoCSV-win32-v1.0

3) Go to the" D:\LDIFtoCSV-win32-v1.0" utility folder path on cmd and run below command for converting the LDIF file to CSV.

                Command:
                LDIFtoCSV.exe -o <filetowriteoutput> -l <fileforlogging> <Inputfile.ldif>

                filetowriteoutput -->Output will be copied in this file in CSV format.
fileforlogging --> Log file will be generated in this file.
Inputfile.ldif --> This id the LDIF input file which data need to be converted in CSV.

               Example:
               LDIFtoCSV.exe -o TestOutput.csv -l TestOutput.log ranile.ldif
               
   
      

Retrofit Access Policy

Retrofit Access Policy

If you select Retrofit Access Policy, then the access policy is applied to all existing roles that you select during access policy creation. It means if existing user have the selected Roles then access policy will apply for those users also.

These evaluations do not happen immediately after the action. Instead, they happen during the next run of the Evaluate User Policies schedule task.

The evaluations can happen in the following scenarios:

Policy definition is updated so that the retrofit flag is set to ON. Policies are evaluated for all applicable users.

A role is added or removed from the policy definition. Policies are evaluated only for roles that is added or removed.

A resource is added, removed, or the Revoke If No Longer Applies flag value is changed for the resource.

In earlier releases of Oracle Identity Manager, when the Revoke if no longer applies option is selected in an access policy and the policy is no longer applicable, both the account and entitlements (child records) associated with the access policy are revoked. However, when the flag is not selected and the policy is no longer applicable, the account remains and the entitlements are revoked. Therefore, entitlements are revoked irrespective of the value of theRevoke if no longer applies option set for the policy when policy ceases to apply.

In Oracle Identity Manager 11g Release 1 (11.1.1), the Revoke if no longer applies option works not only at the account level, but also at the entitlements level so that the entitlements are not revoked if the option is not selected. For this enhancement to work, you must set the value of the "XL.AccessPolicyRevokeIfNoLongerAppliesEnhancement" system property to true.

When the value of the "XL.AccessPolicyRevokeIfNoLongerAppliesEnhancement"  system property is true, then the Revoke if no longer applies option is changed to Revoke resource and entitlements if no longer applies. When the value of this system property is false, then the Revoke if no longer applies option remains the same. By default, both the options are selected. For more information about this system property, see "Administering System Properties" in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Manager.

When policy data is updated or deleted. This includes both parent and child form data. Policies are evaluated for all applicable users.

For more details follow the Oracle website-

http://docs.oracle.com/cd/E25054_01/doc.1111/e14316/accesspolicies.htm

Fetch User Profile Attribute value from OIM

Below code will fetch user profile attribute value from OIM
======================================================================
For Client Code below JAR need to be added in Eclipse or JDeveloper.

1) commons-logging.jar
2) jrf-api.jar
3) oimclient.jar
4) spring.jar
5) wlfullclient.jar
===========================================================

===========================================================
import java.util.HashMap;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import javax.security.auth.login.LoginException;
import Thor.API.tcResultSet;
import Thor.API.Exceptions.tcAPIException;
import Thor.API.Operations.tcUserOperationsIntf;
import oracle.iam.identity.exception.NoSuchUserException;
import oracle.iam.identity.exception.UserLookupException;
import oracle.iam.platform.OIMClient;
import oracle.iam.platform.authz.exception.AccessDeniedException;
import oracle.iam.provisioning.api.ProvisioningService;
import oracle.iam.provisioning.vo.Account;


public class ProfileAttributeValue {

    public static OIMClient oimClient;
    public  void OIMConnection(){

System.out.println("Trying to established oim client");
System.out.println("inside OIM Connection");
String oimInitialContextFactory = "weblogic.jndi.WLInitialContextFactory";
// set up the environment for making the OIM API invocation
java.util.Hashtable<String, String> env = new java.util.Hashtable<String, String>();
env.put(oracle.iam.platform.OIMClient.JAVA_NAMING_FACTORY_INITIAL,oimInitialContextFactory);
env.put(oracle.iam.platform.OIMClient.JAVA_NAMING_PROVIDER_URL, "t3://localhost:14000");

//provide the authwl.conf file path from your local system. Copy the authwl.conf from designconsole\config to your local system
System.setProperty("java.security.auth.login.config", "C:\\Software\\designconsole\\designconsole\\config\\authwl.conf");   //Update path of authwl.conf file according to your environment    
System.out.println("inside OIM Connection22");
System.setProperty("OIM.AppServerType", "wls");        
   System.setProperty("APPSERVER_TYPE", "wls");
    oimClient = new OIMClient(env);
 System.out.println("inside OIM Connection44");

 try {
//Update password of Admin with your environment password
oimClient.login("xelsysadm","Password".toCharArray());
} catch (LoginException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

   System.out.print("Successfully Connected to OIM ");

}
    public void searchUser(String Userid){
    ProvisioningService ps = oimClient.getService(ProvisioningService.class);
         tcUserOperationsIntf userintf = oimClient.getService(tcUserOperationsIntf.class);
         System.out.println("inside getUserDetails method");
         System.out.println("User id --->"+Userid);
       
       
         HashMap userMap = new HashMap();
           try {
          //Fetching the User Profile attribute details
            userMap.put("Users.User ID", Userid);
            tcResultSet moResultSet = userintf.findUsers(userMap);
            String[] CName=moResultSet.getColumnNames();
       
            for(String cname :CName){
             System.out.println(cname+"--->"+moResultSet.getStringValue(cname));
          // System.out.println("Manager login is --->"+moResultSet.getStringValue("USERS.MANAGER LOGIN"));
         
            }

               }
           catch (Exception e) {
            e.printStackTrace();
           }

    }
    public static void main(String[] args) throws NoSuchUserException, UserLookupException, AccessDeniedException {
// TODO Auto-generated method stub
    ProfileAttributeValue findusr=new ProfileAttributeValue();
    findusr.OIMConnection();
    //Provide the User Login
findusr.searchUser("userLogin");

}
 

}

Client Code for Disabling/Enabling/revoking Application Instances in OIM

OIM Client code fro Disabling/Enabling/Revoking the particular resource for OIM11gR2
=====================================================================================
Below query will fetch the mil_key based on requirement (Disable/Enable/Revoke) which can be used in Java code.

------------------------------------------------------------------------
 mil_key Query for Disabling the AD resource-

 select mil_key , mil_name from mil where tos_key in
(select tos_key from tos where pkg_key in (select pkg_key from pkg where pkg_name ='AD User'))  and mil_name ='Disable User';
------------------------------------------------------------------------
 mil_key Query for Enabling the AD resource-

 select mil_key , mil_name from mil where tos_key in
(select tos_key from tos where pkg_key in (select pkg_key from pkg where pkg_name ='AD User'))  and mil_name ='Enable User';
------------------------------------------------------------------------
 mil_key Query for Revoking the AD resource-

 select mil_key , mil_name from mil where tos_key in
(select tos_key from tos where pkg_key in (select pkg_key from pkg where pkg_name ='AD User'))  and mil_name ='Delete User';
------------------------------------------------------------------------
Table Information-

pkg table- Consists of names and system keys of service processes, which consist of a group of services from the TOS table. Defines a Process in Xellerate.
tos table- Holds information about a process
mil- Holds information about tasks of a process
-------------------------------------------------------------------------
Input file name would be Input1.csv. Input file would be like below-

userLogin1,orcKey1
userLogin2,orcKey2
-------------------------------------------------------------------------
Java Code for
===================================================
import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.security.auth.login.LoginException;
import Thor.API.Exceptions.tcAPIException;
import Thor.API.Exceptions.tcTaskNotFoundException;
import Thor.API.Operations.tcProvisioningOperationsIntf;
import oracle.iam.platform.OIMClient;


public class DisableApplication {
public static OIMClient oimClient;
//Pass the mil key fetched from above query as per the requirement
public static String MIL_KEY = "187";
public void OIMConnection(){

String oimInitialContextFactory = "weblogic.jndi.WLInitialContextFactory";
java.util.Hashtable<String, String> env = new java.util.Hashtable<String, String>();
env.put(oracle.iam.platform.OIMClient.JAVA_NAMING_FACTORY_INITIAL,oimInitialContextFactory);
//Provide the OIM t3 URL below
env.put(oracle.iam.platform.OIMClient.JAVA_NAMING_PROVIDER_URL, "t3://localhost:14000");
//provide the authwl.conf file path from your local system. Copy the authwl.conf from designconsole\config to your local system
System.setProperty("java.security.auth.login.config", "C:\\Software\\designconsole\\designconsole\\config\\authwl.conf");
System.setProperty("OIM.AppServerType", "wls");        
   System.setProperty("APPSERVER_TYPE", "wls");
   oimClient = new OIMClient(env);
   try {
//Pass the OIM Admin Username and password
oimClient.login("xelsysadm","Password".toCharArray());
System.out.println("Connected Successfully");
} catch (LoginException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}

public void ReadDataFromFile() throws IOException{
String delimeter=",";
String userLogin;
String orcKey;
HashMap userList=new HashMap();
BufferedReader reader=new BufferedReader(new InputStreamReader(new FileInputStream("C:/CB/input1.csv")));
System.out.println("Data Read success");
for(String userDataLine=reader.readLine(); userDataLine!=null; userDataLine=reader.readLine()){
String[] tokens=userDataLine.split(delimeter, 100000);
userLogin = tokens[0];
orcKey = tokens[1];
userList.put(orcKey,userLogin);
System.out.println("UserList is::::"+userList);
}
AddRevokeTask(userList);
//System.out.println("Adding Task");
}
public void AddRevokeTask(HashMap userListMap){
System.out.println("::::Inside Add Revoke Task Method::::");
String userLogin="";
String orcKey="";
tcProvisioningOperationsIntf provOper=oimClient.getService(tcProvisioningOperationsIntf.class);
Iterator itr=userListMap.entrySet().iterator();
int count=0;
while(itr.hasNext())
{
count++;
Map.Entry e=(Map.Entry) itr.next();
orcKey=(String) e.getKey();
//orcKey is process Instance Key
System.out.println("orcKey is::::"+orcKey);
userLogin=(String) e.getValue();
System.out.println("userLogin is::::"+userLogin);
try {
provOper.addProcessTaskInstance(Long.parseLong(MIL_KEY), Long.parseLong(orcKey));

System.out.println("Task has been added successfully");
} catch (NumberFormatException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (tcAPIException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (tcTaskNotFoundException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
}

}
public static void main(String[] args) throws IOException{
DisableApplication da=new DisableApplication();
da.OIMConnection();
da.ReadDataFromFile();

}
}

Role Operation in OIM

Below code will add role to user, Revoke role from user, Fetch Role from user
======================================================================
For Client Code below JAR need to be added in Eclipse or JDeveloper.

1) commons-logging.jar
2) jrf-api.jar
3) oimclient.jar
4) spring.jar
5) wlfullclient.jar
==============================================================

import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.security.auth.login.LoginException;
import oracle.iam.platform.OIMClient;
import oracle.iam.platform.authz.exception.AccessDeniedException;
import oracle.iam.identity.exception.RoleGrantException;
import oracle.iam.identity.exception.RoleGrantRevokeException;
import oracle.iam.identity.exception.UserMembershipException;
import oracle.iam.identity.exception.ValidationFailedException;
import oracle.iam.identity.rolemgmt.api.RoleManager;
import oracle.iam.identity.rolemgmt.vo.RoleManagerResult;

public class AddRole {
public static OIMClient oimClient;

public void OIMConnection(){

String oimInitialContextFactory = "weblogic.jndi.WLInitialContextFactory";
java.util.Hashtable<String, String> env = new java.util.Hashtable<String, String>();
env.put(oracle.iam.platform.OIMClient.JAVA_NAMING_FACTORY_INITIAL,oimInitialContextFactory);
//Provide the OIM t3 URL below
env.put(oracle.iam.platform.OIMClient.JAVA_NAMING_PROVIDER_URL, "t3://localhost:14000");
//provide the authwl.conf file path from your local system. Copy the authwl.conf from designconsole\config to your local system
System.setProperty("java.security.auth.login.config", "C:\\Software\\designconsole\\designconsole\\config\\authwl.conf");
System.setProperty("OIM.AppServerType", "wls");        
   System.setProperty("APPSERVER_TYPE", "wls");
   oimClient = new OIMClient(env);
   try {
//Provide the OIM admin Username and Password
oimClient.login("xelsysadm","Welcome123".toCharArray());
System.out.println("Connected Successfully");
} catch (LoginException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}

public void addRole(){

//User Key value
Long userKey=(long) 13597;
String ukey=String.valueOf(userKey);//
Set hset=new HashSet();
hset.add(ukey);
RoleManager rolemgr=oimClient.getService(RoleManager.class);
//Role Key value
String roleKey="22";

    List roles=new ArrayList();//For storing the fetched roles

try {
RoleManagerResult rs=null;
//Adding the Role to user
rs=rolemgr.grantRole(roleKey,hset);
   System.out.println("Role has been added");
 //Revoking the Role from user-->Uncomment if want to revoke
//rs=rolemgr.revokeRoleGrant(roleKey, hset);
System.out.println("Role has been revoked");
//fetching the roles-->Uncomment if want to fetch roles details from user
//roles= rolemgr.getUserMemberships(ukey, true);
System.out.println("Role List is:::::"+"\n"+roles);
}  catch (AccessDeniedException | ValidationFailedException | RoleGrantException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}

public static void main(String[] args){
AddRole ar=new AddRole();
ar.OIMConnection();
ar.addRole();
}
}

Update User Profile Attribute Value in OIM

Below code will update the User Profile attribute value.

===============================================================
For Client Code below JAR need to be added in Eclipse or JDeveloper.

1) commons-logging.jar
2) jrf-api.jar
3) oimclient.jar
4) spring.jar
5) wlfullclient.jar

==============================================================
Update User Profile Attribute Code-
==============================================================
import java.util.HashMap;
import java.util.HashSet;
import java.util.Set;
import javax.security.auth.login.LoginException;
import oracle.iam.identity.exception.NoSuchUserException;
import oracle.iam.identity.exception.SearchKeyNotUniqueException;
import oracle.iam.identity.exception.UserModifyException;
import oracle.iam.identity.exception.ValidationFailedException;
import oracle.iam.identity.usermgmt.api.UserManager;
import oracle.iam.identity.usermgmt.vo.User;
import oracle.iam.platform.OIMClient;
import oracle.iam.platform.authz.exception.AccessDeniedException;


public class UpdateProfileAttribute {

public static OIMClient oimClient;

public void OIMConnection(){

String oimInitialContextFactory = "weblogic.jndi.WLInitialContextFactory";
java.util.Hashtable<String, String> env = new java.util.Hashtable<String, String>();
env.put(oracle.iam.platform.OIMClient.JAVA_NAMING_FACTORY_INITIAL,oimInitialContextFactory);
env.put(oracle.iam.platform.OIMClient.JAVA_NAMING_PROVIDER_URL, "t3://10.2.78.11:14000");
System.setProperty("java.security.auth.login.config", "C:\\Software\\designconsole\\designconsole\\config\\authwl.conf");
System.setProperty("OIM.AppServerType", "wls");        
   System.setProperty("APPSERVER_TYPE", "wls");
   oimClient = new OIMClient(env);
   try {
oimClient.login("xelsysadm","Password".toCharArray());
System.out.println("Connected Successfully");
} catch (LoginException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public void updateProfileAttribute() throws ValidationFailedException, UserModifyException, SearchKeyNotUniqueException{
System.out.println("<----Inside Assign Mail Method---->");
UserManager usrmgr=oimClient.getService(UserManager.class);

Set<String> resAttr=new HashSet<String>();
try {
HashMap<String, Object> userAttributeValueMap = new HashMap<String, Object>();
userAttributeValueMap.put("Email", "test@gmail.com");
System.out.println("User Attribute Map is"+userAttributeValueMap);
//Provide the user key for user which attribute need to be updated
String ukey="369";
User user = new User(ukey, userAttributeValueMap);
System.out.println("User  Map is"+user);
try {
usrmgr.modify(user);
System.out.println("User Modified Successfully");
} catch (NoSuchUserException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

   
} catch (AccessDeniedException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}


}

public static void main(String args[]) throws ValidationFailedException, UserModifyException, SearchKeyNotUniqueException{
UpdateProfileAttribute upa=new UpdateProfileAttribute();
upa.OIMConnection();  //Calling the method for OIM Connection
upa.updateProfileAttribute();  //Calling the update method

}

}

Fetch Application Instances, ORC Key, Resource Status

Below code will Fetch the assigned Application Instances (Resources), Resource Status and ORC Key from user
==============================================================
For Client Code below JAR need to be added in Eclipse or JDeveloper.

1) commons-logging.jar
2) jrf-api.jar
3) oimclient.jar
4) spring.jar
5) wlfullclient.jar
==============================================================

import java.util.ArrayList;
import java.util.List;

import javax.security.auth.login.LoginException;

import oracle.iam.identity.exception.NoSuchUserException;
import oracle.iam.identity.exception.UserLookupException;
import oracle.iam.platform.OIMClient;
import oracle.iam.platform.authz.exception.AccessDeniedException;
import oracle.iam.provisioning.api.ProvisioningService;
import oracle.iam.provisioning.exception.GenericProvisioningException;
import oracle.iam.provisioning.exception.UserNotFoundException;
import oracle.iam.provisioning.vo.Account;
import oracle.iam.provisioning.vo.ApplicationInstance;


public class FetchAppInstance {

public static OIMClient oimClient;


public void OIMConnection(){

String oimInitialContextFactory = "weblogic.jndi.WLInitialContextFactory";
java.util.Hashtable<String, String> env = new java.util.Hashtable<String, String>();
env.put(oracle.iam.platform.OIMClient.JAVA_NAMING_FACTORY_INITIAL,oimInitialContextFactory);
//Provide the OIM t3 URL below
env.put(oracle.iam.platform.OIMClient.JAVA_NAMING_PROVIDER_URL, "t3://localhost:14000");
//provide the authwl.conf file path from your local system. Copy the authwl.conf from designconsole\config to your local system
System.setProperty("java.security.auth.login.config", "C:\\Software\\designconsole\\designconsole\\config\\authwl.conf");
System.setProperty("OIM.AppServerType", "wls");        
   System.setProperty("APPSERVER_TYPE", "wls");
   oimClient = new OIMClient(env);
   try {
//Pass the OIM Admin Username and password
oimClient.login("xelsysadm","Password".toCharArray());
System.out.println("Connected Successfully");
} catch (LoginException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}

public void fetchAppInst(Long userKey){
String ukey=String.valueOf(userKey);
ProvisioningService ps = oimClient.getService(ProvisioningService.class);
List<Account> userAccount;
try {
userAccount = ps.getAccountsProvisionedToUser(ukey);
System.out.println("size of list--->" + userAccount.size());
       System.out.println(userAccount);
       for (Account account : userAccount)
                {
                System.out.println("Application instance is --->"+account.getAppInstance()+"<-----Resource Status--->"+account.getAccountStatus()+"<---Process Instance Key(orckey)-->"+account.getProcessInstanceKey());
                //System.out.println("Application instance is --->"+account.getAccountStatus());
                }
} catch (UserNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (GenericProvisioningException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

     
}
public static void main(String[] args)  {
FetchAppInstance fo=new FetchAppInstance();
fo.OIMConnection();
//Pass the user key here
fo.fetchAppInst(144L);

}

}

OIM Create User Client Code

For Client Code below JAR need to be added in Eclipse or JDeveloper.

1) commons-logging.jar
2) jrf-api.jar
3) oimclient.jar
4) spring.jar
5) wlfullclient.jar

Create User Code-

===========================================


import java.util.HashMap;
import java.util.Map;
import javax.security.auth.login.LoginException;
import Thor.API.tcResultSet;
import Thor.API.Operations.tcUserOperationsIntf;
import oracle.iam.identity.exception.UserAlreadyExistsException;
import oracle.iam.identity.exception.UserCreateException;
import oracle.iam.identity.exception.ValidationFailedException;
import oracle.iam.identity.usermgmt.api.UserManager;
import oracle.iam.identity.usermgmt.vo.User;
import oracle.iam.identity.usermgmt.vo.UserManagerResult;
import oracle.iam.platform.OIMClient;
import oracle.iam.platform.authz.exception.AccessDeniedException;

public class UserOperation {
public static OIMClient oimClient;
//Function to Connection to OIM
public  void OIMConnection(){
System.out.println("Trying to established oim client");
System.out.println("inside OIM Connection");
String oimInitialContextFactory = "weblogic.jndi.WLInitialContextFactory";
// set up the environment for making the OIM API invocation
java.util.Hashtable<String, String> env = new java.util.Hashtable<String, String>();
env.put(oracle.iam.platform.OIMClient.JAVA_NAMING_FACTORY_INITIAL,oimInitialContextFactory);
env.put(oracle.iam.platform.OIMClient.JAVA_NAMING_PROVIDER_URL, "t3://localhost:14000");

System.out.println("inside OIM Connection11");
System.setProperty("java.security.auth.login.config", "C:\\Software\\designconsole\\designconsole\\config\\authwl.conf");   //Update path of authwl.conf file according to your environment    
System.out.println("inside OIM Connection22");
System.setProperty("OIM.AppServerType", "wls");        
   System.setProperty("APPSERVER_TYPE", "wls");
   System.out.println("inside OIM Connection33");
    oimClient = new OIMClient(env);
 System.out.println("inside OIM Connection44");

 try {
oimClient.login("xelsysadm","Welcome123".toCharArray());
} catch (LoginException e) {
e.printStackTrace();
}

   System.out.print("Successfully Connected to OIM ");

}
public void createUser(){
System.out.println("Inside Create User Method");
UserManager usermgr = oimClient.getService(UserManager.class);
   HashMap<String, Object> userAttributeValueMap = new HashMap<String, Object>();
UserManagerResult userResult = null;
String userKey = null;
userAttributeValueMap.put("act_key", new Long(22));
userAttributeValueMap.put("First Name", "CBS");
userAttributeValueMap.put("Last Name", "Test4");
userAttributeValueMap.put("Email", "cbs@gmail.com");
userAttributeValueMap.put("usr_password", "Welcome@123");
userAttributeValueMap.put("Role", "EMP");
userAttributeValueMap.put("Xellerate Type", "End-User");
userAttributeValueMap.put("usr_manager_key", new Long(13543));
userAttributeValueMap.put("Mobile", "2223334445");
User user = new User("Test", userAttributeValueMap);
try {
userResult=usermgr.create(user);

} catch (ValidationFailedException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (UserAlreadyExistsException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (UserCreateException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (AccessDeniedException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}

userKey = userResult.getEntityId();

System.out.println("\nUser got created...."+userKey);
        //Searching the User Login through User Key
tcUserOperationsIntf service = oimClient.getService(tcUserOperationsIntf.class);
Map<String, String> criteria = new HashMap<String, String>();
     criteria.put("Users.Key",userKey);
       try {
   
          System.out.println("====================SEARCHING BY ONLY ONE CRITERIA-==============");
          tcResultSet userresultSet = service.findAllUsers(criteria);
          for(int i=0;i<userresultSet.getRowCount();i++)
            {
                userresultSet.goToRow(i);              
               System.out.println(userresultSet.getStringValue("Users.User ID"));  
             
            }
            System.out.println("==================================================================================");
        } catch (AccessDeniedException e) {
          e.printStackTrace();
        }
 catch (Exception e) {
   System.out.print("Login Exception" + e);
                   }
         }

public static void main(String[] arg) {
UserOperation usinfo=new UserOperation();
usinfo.OIMConnection(); //calling method for connecting to OIM
usinfo.createUser(); //Calling method to create the user in OIM
}
}