Quick Tip: Purging Recon Exceptions in Oracle Identity Manager

OIM ships with an out of the box capability to purge Recon events. Starting with R2 PS2, this feature is available via a scheduled job called OIM Data Purge Task. Recently we experienced a strange issue where not all eligible recon events were getting purged. Specifically, the reconciliation purge retention period was set to 7 days, yet we found that there were thousands of reconciliation events not getting purged even though they were several weeks (or months) old.


The problem:

After digging into the Recon Purge Stored Procedure, it was discovered that entries in recon_events with a corresponding entry in recon_exceptions would never be purged. The Recon Exceptions feature is controlled via the XL.EnableExceptionReports and in this case, it was enabled. Note that this feature must be enabled to populate the UPA_UD_FORMS and UPA_UD_FORMFIELDS tables, so it is not always possible to simply disable it. Therefore, we wanted to find a way to keep this feature enabled while maintaining the reconciliation purge.


The solution:

In order to purge these records, one can simply delete the data from the recon_exceptions table. Of course, you can do this on a regular basis (for example via a custom scheduled job in OIM) assuming the data is not necessary to meet any of your business requirements. After removing the records from the recon_exceptions table, the corresponding recon_event entries will then be eligible for purge the next time the OIM Data Purge job runs.


Questions, comments or concerns? Feel free to reach out to us below, or email us at IDMWORKS to learn more about how you can protect your organization and customers.