Skip Navigation Links | |
Exit Print View | |
Oracle Identity Analytics Business Administrator's Guide 11g Release 1 |
1. Oracle Identity Analytics Identity Warehouse
2. Oracle Identity Analytics Importing
3. Oracle Identity Analytics ETL Process
4. Oracle Identity Analytics Data Correlation
5. Oracle Identity Analytics Role Engineering and Management
6. Oracle Identity Analytics Workflows
7. Oracle Identity Analytics Identity Certifications
To Create a User Entitlement Certification
To Create a Role Entitlement Certification
To Create a Resource Entitlement Certification
Understanding Closed-Loop Remediation and Remediation Tracking
Configuring Closed-Loop Remediation
To Select Remediation Start Date
8. Oracle Identity Analytics Identity Audit
9. Oracle Identity Analytics Reports
10. Oracle Identity Analytics Scheduling
11. Oracle Identity Analytics Configuration
Four types of certifications can be created in Oracle Identity Analytics.
|
Log in to Role Manger.
Choose Identity Certifications > My Certifications.
Click New Certification.
The Create Certification window opens.
Complete the form as follows, then click Next:
Certification Name - Type a name for the certification.
Type - Select User Entitlement from the drop-down menu.
Incremental - This setting enables certifiers to certify or revoke only changes or inclusions made to a certification. It eliminates the need to review the access of users who have been certified. See To Understand And Work With The Incremental Certification Option for more information.
Select a user selection strategy from the drop-down menu, then click Next:
All business structures - Selects all business structures created in Oracle Identity Analytics.
Selected business structures - Allows you to manually select the business structures. Click Next.
All users - Selects all the users in the system.
Users criteria - Selects all the users that meet the given search condition. For help with search, see Searching for a User. You can preview the results of this selection.
Selected users - Allows you to manually select the users in the system. Click Next.
Complete the Period and Certifier form as follows, then click Next:
Certifier - You can select a Business Structure Manager, a User Manager, or an authorized user as the certifier.
Start Date - Enter the start date. The certification is valid as of the start date.
End Date - Enter the end date. The certification expires after the end date. Managers cannot review certifications after the expiration date.
Configuration Details - Select the check box to change the configuration of the certification you are creating. For detailed instructions on customizing configuration settings, see Identity Certification Configuration.
After clicking Next, the summary page opens. Click Back if you want to modify any selection.
Select one of the following options:
To Run Certification immediately, select Run.
To schedule a certification job, select Later.
Refer to Scheduling Certifications for instructions.
Click Create.
Log in to Role Manger.
Choose Identity Certifications > My Certifications.
Click New Certification.
The Create Certification window opens.
Complete the form as follows, then click Next:
Certification Name - Type a name for the certification.
Type - Select Role Entitlement from the drop-down menu.
Incremental - This setting enables certifiers to certify or revoke only changes or inclusions made to a certification. It eliminates the need to review the role content, which has been certified. See To Understand And Work With The Incremental Certification Option for more information.
Select a role selection strategy from the drop-down menu, then click Next:
All business structures - Selects all business structures created in Oracle Identity Analytics.
Selected business structures - Allows you to manually select the business structures.
All roles - Selects all of the roles in the system.
Roles criteria - Selects all of the roles that meet the given search condition. You can preview the results of this selection.
Selected roles - Allows you to manually select the roles in the system.
Complete the Period and Certifier form as follows, then click Next:
Certifier - You can select the Business Structure Manager, Role Owner, or an authorized user as the certifier.
Start Date - Enter the start date. The certification is valid as of the start date.
End Date - Enter the end date. The certification expires after the end date. Managers cannot review certifications after the expiration date.
Configuration Details - Select the check box to change the configuration of the certification you are creating. For detailed instructions on customizing configuration settings, see Identity Certification Configuration.
After clicking Next, the summary page opens. Click Back if you want to modify any selection.
Select one of the following options:
To Run Certification immediately, select Run.
To schedule a certification job, select Later.
Refer to Scheduling Certifications for instructions.
Click Create.
Log in to Role Manger.
Choose Identity Certifications > My Certifications.
Click New Certification.
The Create Certification window opens.
Complete the form as follows, then click Next:
Certification Name - Type a name for the certification.
Type - Select Resource Entitlement from the drop-down menu.
Incremental - This setting enables certifiers to certify or revoke only changes or inclusions made to a certification. It eliminates the need to review the access of users who have been certified. See To Understand And Work With The Incremental Certification Option for more information.
Select a user selection strategy from the drop-down menu, then click Next:
All business structures - Selects all business structures created in Oracle Identity Analytics.
Selected business structures - Allows you to manually select the business structures.
All users - Selects all the users in the system.
Users criteria - Selects all the users that meet the given search condition.
For help with search, see Searching for a User. You can preview the results of this selection.
Selected users - Allows you to manually select the users in the system.
Click Add Resource.
The Select Resource(s) window opens.
Select the desired resource and click OK.
Click Next.
Complete the Period and Certifier form as follows, then click Next:
Certifier - Select the Business Structure Manager, User Manager, or an authorized user as the certifier.
Start Date - Enter the start date. The certification is valid as of the start date.
End Date - Enter the end date. The certification expires after the end date. Managers cannot review certifications after the expiration date.
Configuration Details - Select the check box to change the configuration of the certification you are creating. For detailed instructions on customizing configuration settings, see Identity Certification Configuration.
After clicking Next, the summary page opens. Click Back if you want to modify any selection.
Select one of the following options:
To Run Certification immediately, select Run.
To schedule a certification job, select Later.
Refer to Scheduling Certifications for instructions.
Click Create.
Log in to Role Manger.
Choose Identity Certifications > My Certifications.
Click New Certification.
The Create Certification window opens.
Complete the form as follows, then click Next:
Certification Name - Type a name for the certification.
Type - Select Resource Entitlement from the drop-down menu.
Incremental - This setting enables certifiers to certify or revoke only changes or inclusions made to a certification. It eliminates the need to review the access of users who have been certified. See To Understand And Work With The Incremental Certification Option for more information.
Select a selection strategy from the drop-down menu, then click Next:
By Data Owner - Creates a certification for the attribute values for which the selected user is designated as the data owner.
Click Add Data Owner, select the user, and click OK.
For help using search, see Searching for a User.
By Attribute - Creates a certification for data owners of the selected attribute values.
Click the Add Attributes button.
The Attribute Selection table appears.
Select the resource type, resource, and attributes, and click OK.
Click Next.
Complete the Period and Certifier form as follows, then click Next:
Certifier - Select the data owner or an authorized user as the certifier.
Start Date - Enter the start date. The certification is valid as of the start date.
End Date - Enter the end date. The certification expires after the end date. Managers cannot review certifications after the expiration date.
Configuration Details - Select the check box to change the configuration of the certification you are creating. For detailed instructions on customizing configuration settings, see Identity Certification Configuration.
After clicking Next, the summary page opens. Click Back if you want to modify any selection.
Select one of the following options:
To Run Certification immediately, select Run.
To schedule a certification job, select Later.
Refer to Scheduling Certifications for instructions.
Click Create.
Incremental certification is a setting that allows managers to certify only those changes that are new since the last certification was created. This option is available if the certifier and certification type have not changed since the last certification. Enabling this setting saves time during the certification process.
The following options are available when the incremental certification option is selected:
Since Last Base - Specifies that Oracle Identity Analytics treat the previous non-incremental certification as the base. Managers then review user access and either certify or revoke those changes that have taken place after the base. Events that are considered to be changes include the addition of new users, new accounts, or new roles.
For example, a certification in Q1 has two users. In Q2 a third user is added and the certifier must certify the access of the new user as part of an incremental certification. In Q3 a fourth user is added and another account access is given to the third user. The Q3 certification displays only the fourth user and the third user's new access.
Since Last date - Specifies that Oracle Identity Analytics return only those certification changes made after the date provided. Access certifications that were certified before the given date have to be re-certified.
For example, in January a certification is created with two users. In March, a third user is added and a certification is completed. In August, a fourth user is added. If you create an August certification and choose February 2nd as your base, the certification will return the user added in August, as well as any users certified before February 2nd (that is, the two users in January).
Show Previous Values - Specifies that Oracle Identity Analytics return the previous certified values during the certification process. A certifier can change these values, if required.
Note - Incremental certification requires that the certifier and certification type remain the same. Also, incremental certification is valid only for completed certifications. Incremental certification does not apply for expired or incomplete certifications.