oracle security stack of product |
- User Identity Administration : Oracle Identity Manager [OIM]
- Access Management
- Oracle Access Manager [OAM]
- Oracle Identity Federation [OIF]
- Oracle Enterprise Single Sign On [eSSO]
- Oracle Adaptive Access Manager [OAAM] *
- Governance : Oracle Identity Analytics [OIA]
- Directory Services
- Oracle Internet Directory [OID]
- Oracle Virtual Directory [OVD]
OIM SELF service and administration console |
Start 11g Database, Weblogic Server and then OIM Managed Server, login to OIM console at http://oim-hostname:14000/oim with xelsysadm and password.
The post login screen includes self service, administration and advanced tabs.
Self Service : Welcome Screen
Self Service : Tasks -> Approvals / Provisioning / Attestation
Self Service : Requests -> Search and Create Requests (requests for logged in user or other users) , this is done using selecting a Request Template such as Create User, Delete User etc ..
Updating profile information (Attributes) such as first name, last name, time zone etc.
user can also edit his/her roles and request for new roles.
Answer questions related to user security in case of forgot password.
Administration : allows creation of Organization, Role , Users and Policies
Administration : Creation of Authorization Policy
In the Advanced Administration one can Search and create Requests.
create access policies, user configuration, manage resources , create connectors,
One can also create User Notifications under various conditions such as user creation or user self registration or user deletion in the OIM system.
create oim organization, users, workflow approvals |
Usecase : lets create a simple org hierarchy, James Smith Inc, below that have 2 sub org units James Smith IT, and James Smith Sales, Create user Mike Kelleher under James Smith IT, logout as xelsysadm and login as Mike, change some of his user attributes like time zone, this sets up workflow task which needs to be approved by xelsysadm after which this timezone data of Mike becomes available.
create sub org unit James Smith IT
view the Org Tree
View the Roles that have been assigned to James Smith Inc by default, one can change them
create user Mike Kelleher by selecting create user link from the welcome screen when logged in as xelsysadm.
logout and login as mike_jsi the username provided during registration ,
post login user will be forced to change password to meet the required password standards like a mix of capital and small letters in the password.
User Mike decides to change some of his attributes like timezone and language settings in Locale , these are essentially user attributes, changing them enforces a workflow process
xelsysadm logs in and views his approval tasks, approves Mike’s request.
view details and approves.
Under Const. |
Under Const.