7 Managing Oracle IRM Rights

This section covers the following topics:

7.1 About Obtaining and Managing Your Rights

After initial connection to Oracle IRM Server, managing your rights is almost completely automatic.

When you attempt to open a sealed document that you have obtained or been sent, the Oracle IRM client software automatically contacts Oracle IRM Server to obtain your rights. If you have sufficient rights, you will be able to use the sealed document.

After you have established a connection to Oracle IRM Server, you may, if you have sufficient rights, be able to create new documents sealed to a context on that server. If you have not already connected to Oracle IRM Server (for example, by opening a document that someone else has sealed to that server), you will have to connect to the server manually (see Section 7.3, "Connecting to Oracle IRM Server Manually").

Note:

Because Oracle IRM Server will store data that allows you to be personally identified, on first contact with the server you will see a dialog asking you to confirm that you have read and accept the privacy policy associated with the sealed document. To use the sealed document, you must accept the privacy policy. You can cancel at this stage, in which case the document will not be shown, and no information about you will be stored on the server. This applies to 11g servers only and differs from previous releases of Oracle IRM.

Depending on how Oracle IRM has been configured, you might be prompted for your Oracle IRM credentials (user name and password).

Having requested your rights for the specific document you wanted to open, the software also sets up periodic rights synchronization. This automatic process means that you typically have all of your rights available to you even if Oracle IRM Server is temporarily unavailable. This enables you to work offline without further preparation. (The length of time that you can work offline is set by the Oracle IRM Server domain administrator on a per role basis.)

Note:

For offline working, you will never be asked for a username and password when accessing a sealed document. This is because authentication for offline working is based on your Windows login.

In some circumstances, you might want to manage your rights manually. For example:

  • If you are about to disconnect from the network and you want to be sure that your cached rights are as up-to-date as possible, you can synchronize manually.

  • If you want to change the computer on which you are using sealed documents (for example, to work on a home PC), you may need to check in your rights to Oracle IRM Server. This is because a right can be used from only one computer at a time, unless Oracle IRM Server has been specifically configured to allow the use of multiple computers. When you check in, any open documents using your rights are closed. Another computer can then synchronize to the server, with the same account, and obtain those rights.

  • If you have finished working at a computer that is shared by other users, you should consider checking in your rights manually.

7.2 Managing Rights on a Shared Computer

Each Oracle IRM Desktop user should log on to the computer using their own Microsoft Windows account.

If you are using a computer that is shared with others:

  • before use, switch the Microsoft Windows account to your own, or log off and log on again as yourself

  • after use, log off of your Microsoft Windows account before allowing anyone else to use the computer

If multiple Oracle IRM Desktop users obtain rights for content while logged on to a single Microsoft Windows account, the rights become merged, and anyone logged on to that account will have access to all users' content. If it is absolutely unavoidable for users to share a Microsoft Windows account, each user must check in their rights manually before allowing someone else to use the computer. See Section 7.5, "Checking In Your Rights Manually".

7.3 Connecting to Oracle IRM Server Manually

The easiest way to connect to Oracle IRM Server is to open a document that has already been sealed to a context on that server. If this is not possible, you will have to connect to the server manually.

Use the following procedure to connect to Oracle IRM Server manually:

  1. From the Windows Start menu, select Programs, then Oracle IRM Desktop, then Options.

    This opens the Oracle IRM Desktop Options dialog.

    Alternatively, you can right-click the Oracle IRM icon in the notification area (system tray) and select Options.

  2. On the Servers tab, select New.

  3. On the Add Server dialog, enter the URL of the server.

    For connection to an 11g server, the URL will be in the form https://servername:port/irm_desktop. You should obtain the exact URL from the administrator of the server. The /irm_desktop extension is required.

    For connection to a 10g server, the URL will be in the form seal://servername:80.

  4. To check that the connection can be made, select Validate.

  5. To connect to the server, select OK.

If the connection details are valid, the server will be added to the list on the Servers tab.

7.4 Synchronizing Your Rights Manually

Note:

By following this procedure, your rights will be synchronized on servers where the Update Rights box is checked on the Servers tab of the Oracle IRM Desktop Options dialog. If there are servers that you do not want to synchronize with, uncheck the box on the Servers tab first.

Use the following procedure to synchronize your rights manually:

  1. From the Windows Start menu, select Programs, then Oracle IRM Desktop, then Synchronization and Check In.

    This opens the Oracle IRM Desktop Options dialog.

  2. On the Update Rights tab, select Synchronize.

Alternatively, you can right-click the Oracle IRM icon in the Windows notification area (system tray) and select Synchronize.

7.5 Checking In Your Rights Manually

Note:

By following this procedure, your rights will be checked in on servers where the Update Rights box is checked on the Servers tab of the Oracle IRM Desktop Options dialog. If there are servers that you do not want to check your rights into, uncheck the box on the Servers tab first.

You may need to check in your rights manually, for example:

  • when you want to move to another computer and continue to use sealed documents

  • after you have finished using sealed documents on a shared computer.

Use the following procedure to check in your rights manually:

  • Right-click the Oracle IRM icon in the Windows notification area (system tray) and select Check In.

    Alternatively, from the Windows Start menu, select Programs, then Oracle IRM Desktop, then Synchronization and Check In. Then, in the Oracle IRM Desktop Options dialog, select the Update Rights tab and select Check In.

    You will be prompted to provide your authentication credentials (user name and password). This information is required to identify whose rights are being checked in: the departing user's credentials must be provided, not those of an arriving user.

7.6 Clearing Your Password

You will need to clear your password if you have more than one user identity on the server and you wish to change from one identity to another (perhaps because the different identities have different document access rights associated with them). This is applicable only if you were asked to select the Remember My Password checkbox on the Oracle IRM Server Credentials dialog and you did so.

Use the following procedure to clear your password:

  1. From the Windows Start menu, select Programs, then Oracle IRM Desktop, then Options.

    This opens the Oracle IRM Desktop Options dialog.

    Alternatively, you can right-click the Oracle IRM icon in the notification area (system tray) and select Options.

  2. On the Servers tab, check the Update Rights box against each server for which you want to clear the password. (The box may already be checked.)

  3. Select Clear Password.

    A message will be displayed to confirm that the stored password has been cleared.

After the password has been cleared, you will be prompted to supply a username and password the next time that you need to contact the server, for example when opening a sealed document.