Skip to main content

Self Service Capability- OIM PS3

This is a New feature in OIM PS3 which lets you control the user self service capability based on the user attribute,role, Organization.
You can restrict a user’s self-service capabilities in Oracle Identity Manager by defining policies and rules, based on user attributes. You can also set user attributes as denied attributes to the user who satisfies the rule. For this practice, if the user is a Contractor, the Telephone Number and Email fields are denied attributes for this user. As a result, the user cannot modify the values in these fields.

 Below are all the capabilities which can be provided/denied to the user:

To create these rules login to Admin console and click on Self Service Capabilities. Here if we want to give all the capabilities then create a if condition which is always true (like 1==1) and add all the capabilities. But if we want to give capabilities on condition then add this condition in If and add capabilities in Else section.


User attributes can also be denied based on this condition. One example could be that if user.Role=contractor then don't show the SSN attribute.



Comments

Post a Comment

Popular posts from this blog

OIM Tuning

Application Module tuning is a critical setting which will affect the UI performance. Following are the recommended application module settings for OIM and these are already set out-of-box (OOB) in later releases of OIM 11g R2. Ensure that these settings are implemented as recommended in your environment. -Djbo.ampool.doampooling=true -Djbo.ampool.minavailablesize=1 -Djbo.ampool.maxavailablesize=120 -Djbo.recyclethreshold=60 - Djbo.ampool.timetolive=-1 -Djbo.load.components.lazily=true - Djbo.doconnectionpooling=true -Djbo.txn.disconnect_level=1 - Djbo.connectfailover=false -Djbo.max.cursors=5 - Doracle.jdbc.implicitStatementCacheSize=5 - Doracle.jdbc.maxCachedBufferSize=19 open DOMAIN_HOME/bin/setDomainEnv.sh file for the WebLogic Server instance.find these lines: JAVA_OPTIONS="${JAVA_OPTIONS}" export JAVA_OPTIONS and change it to: JAVA_OPTIONS="-Djbo.ampool.doampooling=true -Djbo.ampool.minavailablesize=1 -Djbo.ampool.maxavailablesize=120 -D...
Post a Comment
Read more

Oracle Traffic Director (OTD) configuration

Download the OTD software and install it on a server by running runInstaller command from <Binaries>/Disk1. Preferred is to configure the OTD as root user because when the administration server is configured as root, then Oracle Traffic Director starts the keepalived daemon automatically when you start instances that are part of a failover group, and stops the daemon when you stop the instances. Set Oracle_Home as the new Installed OTD Home. Run below command to configure the Admin server: <OTD_HOME>/otd/bin/tadm configure-server --port=8989 --user=admin --server-user=root --instance- home= <OTD_HOME> /otd/instance_name/otd_instance1 This command will ask for admin password and will create the admin server. Run Below command to start the admin server: <OTD_HOME> /otd/instance_name/otd_instance1/admin-server/bin/startserv Login to the OTD console on http://<host>:8989 as admin user.  Click New configuration: Click Next and create ne...
Post a Comment
Read more

Creating Role through OIM API - 11gR2

package com.oim.utilities; import java.util.HashMap; import oracle.iam.identity.rolemgmt.api.RoleManager; import oracle.iam.identity.rolemgmt.api.RoleManagerConstants; import oracle.iam.identity.rolemgmt.vo.Role; import oracle.iam.platform.OIMClient; public class RoleManagement  { static RoleManager roleManager=null; static OIMClient client=null; @SuppressWarnings("null") public static void createRole(String roleName){ System.out.println("RoleManagement :: createRole :: role name is "+roleName); try  { if (roleName!=null) { HashMap<String, Object> mapAttrs = new HashMap<String, Object>();; mapAttrs.put(RoleManagerConstants.ROLE_NAME, roleName); mapAttrs.put(RoleManagerConstants.ROLE_DISPLAY_NAME,roleName); mapAttrs.put(RoleManagerConstants.ROLE_DESCRIPTION, roleName); Role role = new Role(mapAttrs); // Initialising the OIM Connection client=ClientOIM.initialise(); System.out.println("RoleManagemen...
1 comment
Read more