Bulk Disable Users in OIM

Question

I have a list of users who are past their expiration date in OIM 11g r2 PS2. I am looking for a way to bulk disable these users in oim, thus trigerring the disabling of their AD and Exchange accounts. There are many and i don't want to disable them one after the other. I need a way to either

1. Invoke a task that will find every expired user using their expected end date and other criteria i specify and then disable them

OR

2. Invoke a task that will call a csv file with the usr_key or usr_login and then disable the accounts. I can create a powershell ecript to take care of the AD part but i really want a process to do this in oim without having to write an sql query to do it from the back end.

Thanks

Answer 1

As far as I know, there is no OOTB task to take care of that. You can write a short app to read your list of users, connect to OIM using OIM Client library, and use UserManager API do BulkDisable those users.

Here is a short snippet

final UserManager um = oimclient.getService(UserManager.class);

final ArrayList<String> lstUsers = 
    new ArrayList<>(Arrays.asList("LOGIN1", "LOGIN2", "LOGIN3"));
um.disable(lstUsers, true);    //true means the list contains logins, not user keys

Answer 2

There's a scheduler in OIM "Disable/Delete User After End Date",this should take care of your scenario of disabling users whose end-date had passed. This scheduled task disables user accounts for which the end date had passed the current date at the time when the task is run.
And once the user is disabled in OIM,than automatically the AD/Exchange gets disabled.