Pages

Monday, January 23, 2017

How to Delegate Admin User Privileges OIM 11g R1


I would like to delegate the user administration privileges  various departments. I need to setup the following configuration to delegate the user privileges for various departments. In my example department name is celorg. They are

1. Create the Admin User

     It is a two step process:

     1.1 Login to the oim using the admin user xelsysadm  and Admin User Password.
     1.2 Create user id cel_admin and last name is College of Extended Learning, and Password using the create user interface.

2. Create the Role

   
     It is a three step process to create a role:

     2.1 Login to the oim using the admin user xelsysadm  and Admin User Password.
     2.2 Create role name is cel_admin create role user interface.
     2.3 Assign the role to the user using the role member user interface.

   

3. Create the Organization

     It is a three step process to create a Organization:
     3.1 Login to the oim using the admin user xelsysadm  and Admin User Password.
     3.2 Create a Organization Name is celorg and Type is Department using Create Organization user interface.
     3.3  Click Administrative Roles ==> Assign ==> Select Role (cel_admin) and Assign Check Box and Click Assign button and It will assign the role.  

4. Create Authorization Policy

 
     4.1 Login to the oim using the admin user xelsysadm  and Admin User Password.
     4.2 Click Authorization Policy and perform the following tasks to create the authorization policy:
         

            4.2.1 Create Authorization Policy

                     Policy Name: College Of Extended Learning Admin Policy
                     Entity Name: User Management
                      Click Next Button

            4.2.2  Select Permissions

                      Create User
                      Change Password
                      Modify User Profile
                      Search User
                      View User Details
                      Change User Password
                      Modify User Status
                      Click Next Button

           4.2.3  Select Data Constraint

                     Add User Organization celorg
                     Select Hierarchy Aware Check Box
                     Click Next Button

           4.2.4 Select Policy Assignment

                    Add User role is cel_admin
                    Click Next Button and Finish Button and It will create the authorization policy.
                   
   

5. Testing

          Login to the oim using the admin user cel_admin  and Admin User Password.
          Create the user using create user Link and Enter Last Name, Select Organization from the
          Lookup celorg, User Id , User Type is Temp and Password. Click Save Button and It will
          Create the user in celorg organization department.



1 comment: