Professional Documents
Culture Documents
Erf Do-070 Security User Guide
Erf Do-070 Security User Guide
Erf Do-070 Security User Guide
Version: 1.0
DO.070 User Guide Doc Ref: ERF_Security_D0.070
1 DOCUMENT CONTROL
1.2 Reviewers
Name Position
2 PREFACE
This user guide includes the information you need to work with Oracle Fusion Security and
Adminstration Functions effectively.
Manage Users
Oracle Identity Manager
Role Provisioning Rules
Customizing Job Roles
Managinf Duty Roles
2.1.1 AUDIENCE
This guide contains the information you need to understand and use
Oracle Fusion General Ledger. This preface explains how this user guide is
organized and introduces other sources of information that can help you.
This guide contains the following process:
Process 3 explains the role provisioning rules and how to assign roles to
users automatically.
Process 4 includes the core steps of how to create a new job role “External
Roles”.
Process 5 explains how to add duty roles to newly created / customized job
roles.
Egabi Solutions
25 Asmaa Fahmy Street, Helioplis
(+202) 2690 9675-8 Email: Mariam.motazbellah@egabi.com
Contents
1 Document Control.................................................................................................... ii
1.1 Change Record........................................................................................................... ii
1.2 Reviewers.................................................................................................................... ii
2 Preface....................................................................................................................... 1
2.1 How the Manual Is Organized.....................................................................................1
1.1.1 PROCEDURES
Scope
The objective of this script is to walk you through the steps required to create users. There
are two ways to create users; OIM and “Manage Users”. It is recommended to define users
by “manage users” in order to be able to put them in the approval process and assign them
to assets. However, if defined from OIM, users will not be able to proceed with the
mentioned tasks.
.
2.1.1 PROCEDURES
Scope
OIM controls Password security, if user authentication is managed by the database then
security administrators should develop a password security policy to maintain database
access security. Also OIM make unauthorized database access reduced.
- Click on Adminstration
- Type User Name and search on specified user
- When user populates, you can reset password by clicking on “Reset Password”
- Either you enter a password manually or allow the system to auto generate a password.
- Lock Account: when clicking on this icon, you obligate this user to reset password as soon as he
logins.
- Disable user: user will be unable to login to his user account again.
- Delete User: Delete user and unable to track this user again on the application.
Note: if created a user from the OIM, this user will not be able to use the system or be appeared in
the “manage users” page. So it is recommended to define users from the HCM “Manage Users”
page.
3.1.1 PROCEDURES
Scope
In Oracle Fusion HCM, when someone joins an organization, depending upon their
grade, position, jobs & reporting line etc we should be able to auto assign them certain
roles. For example someone with a Job named “IT Project Manager” should
automatically get Manager Role. Likewise someone with Position Chief FInancial
Officer should automatically get role named Executive. All of these requirements can be
very easily implemented in Oracle Fusion HCM using the steps outlined in this chapter.
- Once you click on this task, Manage Role Mapping page appears. Click on create button.
-
- In Create Role Mapping UI, provide Mapping Name, From Date.
- In Conditions section provide Assignment Type as Employee and Assignment Status as Active.
- In Associated Roles section click Add button and add Employee role from dropdown.
- Click on Apply Autoprovisioning button in Top.
- This will ensure all existing user gets Employee role if they have Active Assignment with them.
- Now click on Save and Close.
4.1 PROCEDURES
Scope
Roles play a pivotal role in Oracle Identity Governance. They are used to define theaccess
rights that an entity may have. A role may be associated with one or more access rights to
Oracle Identity Manager Functions. For example, a single role enables a user to create other
Oracle Identity Manager User accounts and manage a specific organization. Roles determine
the links and menus that are available to users when they log in to the console.
When customizing job roles like the previous example, you will need to add duty roles in order
to complete the customization process of the newly created external role.
5.1.1 PROCEDURES
Scope
This role defines a set of tasks. It is the most granular form of a role. The job and abstract roles
inherit duty roles. The data security policies are specified to duty roles to control actions on all
respective objects
- Click On “Map” in order to add duty roles to the job role you have previously chosen.
- Choose the duty role from the list
- Click on the wanted duty role and then click on “Map Roles”
- Now you have successfully created a duty role. Now you can go assign this role to a user
from the OIM.