Skip Navigation Links | |
Exit Print View | |
Oracle Identity Analytics System Integrator's Guide 11g Release 1 |
1. Integrating With Oracle Identity Manager, Preferred Method
Understanding Terminology in Oracle Identity Analytics and Oracle Identity Manager
Step 1: Copy the Required Files From the OIM Server
Step 2: Edit the Oracle Identity Analytics Configuration Files
Step 3: Modify the Oracle Identity Manager Forms Using the Form Designer
Step 4: Configure the Oracle Identity Manager Data Collection Scheduler
Step 5: Configure Oracle Identity Analytics to Connect to Oracle Identity Manager
Step 6: Import the Oracle Identity Manager (OIM) Data Into Oracle Identity Analytics (OIA)
To Import Entitlements, Users, and Accounts
To Verify That Each Import Job Completed Successfully
To Validate That the Parent Attribute for Each Attribute Category is Set
Step 8: Review Oracle Identity Manager Automatic Role Assignment and Role Management Settings
To Migrate From the Deprecated OIM-OIA Integration to the Preferred OIM-OIA Integration
Understanding Closed Loop Compliance
To Configure Resources in Oracle Identity Analytics for Remediation
To Configure Certifications in Oracle Identity Analytics for Remediation
Scheduling Incremental Updates of Users, Accounts, and Entitlements
2. Integrating With Oracle Identity Manager, Deprecated Method
3. Integrating With Oracle Waveset (Sun Identity Manager)
4. Integrating With Other Provisioning Servers
6. Integrating With Intellitactics Security Manager
7. Configuring Oracle Identity Analytics For Web Access Control
Oracle Identity Analytics software and Oracle Identity Manager (OIM) software work together seamlessly when integrated using the Thor-API connection mechanism. When integrated, Oracle Identity Manager serves as the automated provisioning and identity synchronization solution, while Oracle Identity Analytics defines the Role-based Access Control (RBAC) framework, the attestation process, and the approach to Segregation of Duties (SoD) policy enforcement. Rather than assigning individual access entitlements, the RBAC framework allows organizations to assign and unassign roles as a means of controlling user access on various applications.
In a fully-integrated scenario, provisioning and role management works in the following manner:
OIM is the authoritative source for users, accounts, and entitlements. Any update made to the users or their corresponding accounts is done in OIM.
Oracle Identity Analytics is the authoritative source for role management and role membership. Oracle Identity Analytics is also the authoritative source for policy entitlement definitions. (Roles in Oracle Identity Analytics correspond to roles in OIM 11.x, and groups in OIM 9.x. Further, policies in Oracle Identity Analytics correspond to access policies in OIM.)
All roles are defined and created in Oracle Identity Analytics. All entitlements for policies and role-to-user relationships are managed from Oracle Identity Analytics.
Role, Policy, and Role-Membership updates should no longer be made in Oracle Identity Manager.