Authorization for Oracle BI Applications is controlled by security policies (Oracle BI Applications privileges) defined for users using a role-based model.
Every Oracle Applications user is hired by their company to perform a role in the organization, for example, Payroll Manager or Accounts Payable Manager. An Oracle Applications user is granted a role and thus inherits one or more associated privileges that were granted to the role.
It is possible to grant multiple Duty Roles to a User; however Oracle recommends that Enterprise Roles are defined so that a User is provisioned with a single Duty Role.
If you have Oracle BI Enterprise Edition test servers configured against a test LDAP, and the production servers are configured against the corporate LDAP, but the test LDAP is not a fan-out copy of the corporate LDAP directory, then you must refresh the LDAP GUIDs. See Refreshing User GUIDs in Security Guide for Oracle Business Intelligence Enterprise Edition for more information. Note that while LDAP is required for Oracle Fusion Applications environments, it is optional for other source applications.