Oracle Identity Manager is an advanced, flexible provisioning system for automatically granting and revoking access to enterprise applications and managed systems. You use Oracle Identity Manager to provide access to enterprise resources to staff and partners, and to enforce access policies that are associated with these resources.
Oracle Identity Manager enables you to do the following:
- View your Oracle Identity Manager user account
(group memberships, e-mail address, and so on). - Modify your profile.
- Review the resources that you have permission
to access. - View requests that you made and requests made
for you. - Make requests for additional resources for
yourself. - Change your password.
- View and modify login challenge question and
answer (Q&A). - Set up your user proxy.
- View and manage your pending requests, if you
are the authorized approver.
Overview of
Resource Model
Approval
Process
Provisioning
Process
Creating an
Oracle Identity Manager Account
Changing
your account Password
Oracle Identity Manager allows resources to be requested and provisioned to enterprise users. The resource can be an application, access to a database, rights to a directory structure on a network, or other entities to which access is vital. The manner in which access to the resource is granted and the permissions that you are given on that resource are governed by a provisioning processes that an Oracle Identity Manager Administrator defines. Access to a resource may be provisioned uniformly for all users. Or, Access may be provisioned in a unique fashion, based on variables such as the following:
- Your role, for example, administrator,
accountant - Your location
- Your employment status, for example, full time,
consultant - Your group or department designation
- Other criteria that are deemed relevant by the
resource-specific and Oracle Identity Manager administrators
Approval Process
An approval process determines if a resource is to be approved or not for provisioning to one or more users or organizations for whom it was requested. Approval processes consist of a series of tasks that require responses from the users responsible for approving the provisioning of the resource. Because these responses are manually provided, these are assigned to an approver or a group of approvers. Approvers can act upon all tasks in an approval process that are assigned to them. If an approver is assigned to a task in a request, he or she can view all tasks in the request. If you are an approver for a request, the request ID appears when you click the Pending Approvals link under To-Do List.
Provisioning Process
A provisioning process is the process used to actually provision the resource to one or more users or organizations for whom it was requested. Provisioning processes consist of a series of automated tasks that perform the steps necessary to grant access to a given resource. The provisioning process cannot be initiated until the approval process is complete, except in cases where an approval process has not been defined for the resource. The provisioning process can also use a special form to prompt users for, and capture, data required to grant access to a resource.
Oracle Identity Manager’s exception capabilities allow you to handle problems that may occur during the provisioning process. For example, you can add business logic to a provisioning process that prevents the transaction from stopping or failing if a resource is unavailable. Oracle Identity Manager also includes a state engine that allows the system to roll back to the last known consistent state in the event that a provisioning transaction fails. The state engine also rolls back the system to its original state if a provisioning request is rejected.
Creating an Oracle Identity Manager Account
If you do not already have account in Oracle Identity Manager, you need to create one. A user ID cannot include the following characters
: ; # / % = | +, \ “<>
Depending on how your system is configured, you may need to contact your manager to have them create an account for you. Also, depending on how your system is configured, requests for self-registration may require approvals. If approvals are not required, your account is created and available for use as soon as Oracle Identity Manager has processed your self-registration request.
If your system administrator has set Oracle Identity Manager to require approvals for self-registration requests, you can track the status of that request. When the required approvals are obtained, your account is ready for use.
To create an account for yourself:
Access your corporate portal link to Oracle Identity Manager. The Oracle Identity Manager landing page appears.
From the landing page for Oracle Identity Manager, find the Self-Register label in the left navigation pane and click Create Request. The User Self-Registration page appears.
Enter your data.
Required information is marked with an asterisk (*). Be sure to select and specify answers to password challenge questions if your system requires them. Depending on how your system administrator configured Oracle Identity Manager, you may be required to specify answers to a number of challenge questions to reset your password when you forget it.
Click Submit Request. Oracle Identity Manager informs you that the request has been submitted and displays the numeric ID of the request so that you can track it. Write down the Request ID after submitting your request. You need the request ID to track the status of your request. A link to the request appears.
If your request requires an approval, on the Oracle Identity Manager landing page, click the Track Request option under Self-Register in the left navigation pane. The Track Self-Registration request page appears. You can check the status of your request on this page by entering the numeric ID of the request.
Changing
your account Password
You can change your
Oracle Identity Manager password. Depending on local system settings, you may
be required to periodically change your password to maintain system security.
To change your password: In the left navigation pane, click My Account. The My Account menu expands.
Click Change Password. The Change Password page appears.
Enter your current password in the Old Password field, then enter your new password and confirm that password.
Click Save. If your password satisfies system-defined criteria, your password is changed.