1/24
Contents
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
Part I Business Administrator's Guide
1
Oracle Identity Analytics Identity Warehouse
1.1
Overview
1.2
Working With Resources
1.2.1
To Create or Modify Resources
1.2.2
To Delete Resources
1.3
Working With Applications
1.3.1
To Create Applications
1.3.2
To Schedule a Job for Assigning Users to Applications
1.4
Understanding How Risk Summaries are Calculated
1.4.1
Understanding Item Risk and Risk-Factor Mappings
1.4.1.1
Understanding Item Risk
1.4.1.2
Understanding Risk-Level Mappings (Risk Factors)
1.4.2
Understanding Risk Aggregation and Risk Summaries
1.4.3
Understanding How Changing Risk Configuration Values Impacts the System
1.4.4
Understanding the Risk-Aggregation Job
1.4.4.1
To Enable the Risk-Aggregation Job
1.4.4.2
To Control How Often the Risk Aggregation Job Runs
1.5
Working With Extended User Custom Properties
1.5.1
To Enable Extended User Custom Properties
1.6
Working With Orphan Accounts
1.6.1
To Assign an Orphan Account to a User
1.7
Creating Business Structure Rules
1.7.1
To Create Business Structure Rules
1.7.2
To Preview Results Of A Business Structure Rules Job
1.7.3
To Run Business Structure Rules Job
1.7.4
To Edit Business Structure Rules
2
Oracle Identity Analytics Importing
2.1
Overview
2.2
Understanding the Import Process
2.2.1
Importing Users
2.2.1.1
Understanding the Schema File for Users
2.2.1.2
Understanding the Input File for Users
2.2.1.3
Global-User Schema File Reference
2.2.1.4
To Import Users
2.2.2
Importing Accounts
2.2.2.1
Understanding the Schema File for Accounts
2.2.2.2
Understanding the Input File for Accounts
2.2.2.3
Accounts Schema File Reference
2.2.2.4
To Import Accounts
2.2.3
Importing Roles
2.2.3.1
Understanding the Schema File for Roles
2.2.3.2
Understanding the Input File for Roles
2.2.3.3
Roles Schema File Reference
2.2.3.4
To Import Roles
2.2.4
Importing Policies
2.2.4.1
Understanding the Schema File for Policies
2.2.4.2
Understanding the Input File for Policies
2.2.4.3
Policies Schema File Reference
2.2.4.4
To Import Policies
2.2.5
Importing Business Structures
2.2.5.1
Understanding the Schema File for Business Structures
2.2.5.2
Understanding the Input File for Business Structures
2.2.5.3
Business Structures Schema File Reference
2.2.5.4
To Import Business Structures
2.2.6
Importing Glossary Names
2.2.6.1
Understanding the Schema File for Glossary Names
2.2.6.2
Understanding the Input File for Glossary Names
2.2.6.3
Glossary Schema File Reference
2.2.6.4
To Import Glossary Definitions
2.2.7
Scheduling Import and Export Jobs
2.3
Configuring the Import Process
2.4
Verifying Imports
2.4.1
To Verify Success of Imports From the Front-End
2.4.2
To Verify Success of Import From the Back-End
3
Oracle Identity Analytics ETL Process
3.1
Overview
3.2
Introduction
3.2.1
Transformation Process
3.2.2
Transformation Graphs
3.2.2.1
Metadata Element
3.2.2.2
Node
3.2.2.3
Edge
3.2.2.4
Phase
3.2.3
Oracle Identity Analytics CloverETL Extensions
3.2.3.1
Transformation Configuration
3.3
Oracle Identity Analytics ETL Reference
3.3.1
DelimitedDataReader and DelimitedDataWriter
3.3.2
ExcelDataReader
3.4
Transformation Examples
3.4.1
Merge
3.4.2
Filter
3.4.3
Fixed Length Data Reader
3.4.4
Database Input
3.5
Load and Unload Data From the Database
3.5.1
How CloverETL Works With Databases
3.5.2
DBConnection
3.5.2.1
Mapping JDBC Data Types to Clover Types
3.5.2.2
JDBC to CloverETL
3.5.2.3
CloverETL to JDBC
3.5.3
Using the AnalyzeDB Utility
3.5.4
DBInputTable Component
3.5.5
DBOutputTable Component
3.5.6
Executing SQL/DML/DDL Statements against DB
3.5.6.1
DBExecute Component
3.6
CloverETL DataRecord Reference
3.6.1
How Data is Represented Within CloverETL
3.6.2
Supported Data Field Types
3.6.3
Specification of Record Format
3.6.3.1
Naming
3.6.4
Delimiters
3.6.5
Field Formats and Other Features
3.6.5.1
Nullable
3.6.5.2
Format
3.6.5.3
Date and Time Specifiers
3.6.5.4
Date and Time Format Examples
3.6.5.5
Number Specifiers
3.6.5.6
Number Format
3.6.5.7
Locale
3.6.6
Specifying Default Values for Fields
4
Oracle Identity Analytics Data Correlation
4.1
Overview
4.2
Understanding Data Correlation
4.3
Writing Correlation Rules
4.3.1
Example
4.4
Pattern Matching Scenarios
4.5
Manual Correlation
4.5.1
To Correlate an Orphan Account to a User
4.5.2
To Change Ownership of an Account
5
Role Engineering and Management
5.1
Understanding Role Mining, Role Consolidation, and Entitlements Discovery
5.1.1
Role Mining
5.1.2
Role Consolidation
5.1.3
Entitlements Discovery
5.2
Performing Role Mining
5.2.1
Setting Role Mining Attributes
5.2.1.1
To Set Role Mining Attributes
5.2.2
Creating a Role Mining Task
5.2.2.1
To Create a Role Mining Task
5.2.2.2
Using the Role Mining Wizard Display Controls
5.2.2.3
Using the Mining Criteria Page
5.2.2.4
Using the Role Engineering Data Preview Page
5.2.3
Running or Scheduling a Role Mining Task
5.2.3.1
To Run or Schedule a Saved Role Mining Task
5.2.4
Validating and Saving Role Mining Results
5.2.4.1
To Validate and Adjust Role Discovery Results
5.2.4.2
Using the Role Mining Results Page
5.2.4.3
Using the Roles Tab
5.2.4.4
Using the Mining Statistics Tab
5.2.4.5
Using the Classification Rules Tab
5.2.4.6
Using the Users in Roles Tab
5.3
Performing Role Consolidation
5.3.1
To Consolidate Roles
5.4
Performing Entitlements Discovery
5.4.1
To Perform Entitlements Discovery
5.5
Creating and Using Role Provisioning Rules
5.5.1
To Create New Rules
5.5.2
To Approve/Reject Role Provisioning Rules
5.5.3
To Deactivate or Decommission Rules
5.5.4
To Preview Role Provisioning Rules Job
5.5.5
To Run Role Provisioning Rules Job
5.5.6
To Manage Lifecycle of Rules
6
Oracle Identity Analytics Workflows
6.1
Overview
6.2
Understanding Workflows
6.2.1
To View a Workflow
6.2.2
Types of Workflows in Oracle Identity Analytics
6.2.3
Understanding the Edit Workflow Page
6.3
Designing Workflows
6.3.1
To Add a Step in a Workflow
6.3.2
To Delete a Step
6.3.3
To Edit Workflow Action Details
7
Oracle Identity Analytics Identity Certifications
7.1
Overview
7.2
Creating New Certifications
7.2.1
To Create a User Entitlement Certification
7.2.2
To Create a Role Entitlement Certification
7.2.3
To Create a Resource Entitlement Certification
7.2.4
To Create a Data Owner Certification
7.2.5
Understanding the Incremental Certification Option
7.3
Scheduling Certifications
7.3.1
To Schedule a Certification
7.3.2
To Delete a Certification Job
7.4
Understanding Closed-Loop Remediation and Remediation Tracking
7.4.1
Configuring Closed-Loop Remediation
7.4.1.1
To Select Provisioning Mode
7.4.1.2
To Select Remediation Start Date
7.4.2
To Track Remediation
8
Oracle Identity Analytics Identity Audit
8.1
Overview
8.2
Working With Audit Rules
8.2.1
Impact of Rule Condition Modifications
8.2.2
Impact of Adding / Removing Rules in a Policy
8.2.3
To Create Audit Rules
8.2.4
To Edit / Change the State of an Audit Rule
8.3
Working With Audit Policies
8.3.1
To Create Audit Policies
8.3.2
To Edit / Change the State of an Audit Policy
8.3.3
To Preview Audit Policy Scan Results
8.3.4
To Run An Audit Policy
9
Oracle Identity Analytics Reports
9.1
Overview
9.2
Working With Custom Reports
9.2.1
To Upload a Custom Report Template in Oracle Identity Analytics
9.2.2
To Run a Custom Report
10
Oracle Identity Analytics Scheduling
10.1
Scheduling Import and Export Jobs in Oracle Identity Analytics
10.1.1
To Schedule an Import and Export Job Using the User Interface
10.2
Scheduling a Job by Editing the Configuration Files
10.2.1
To Enable a Job by Editing the Configuration Files
10.2.2
To Schedule a Job by Editing the Configuration Files
10.2.3
Sample Cron Expressions
10.3
Scheduling Other Job Types
11
Oracle Identity Analytics Configuration and Settings
11.1
Configuration Pages
11.1.1
System Configuration
11.1.1.1
Proxy Assignment Notification
11.1.1.2
Mail Server Settings
11.1.1.3
OIA Server Settings
11.1.2
Risk Mapping
11.1.2.1
External Provisioning (Provisioning Scenarios)
11.1.2.2
System Defaults
11.1.3
Resource Types Configuration
11.1.3.1
To Create or Delete a Resource Type
11.1.3.2
Understanding Resource Type Attributes and Attribute Categories
11.1.3.3
To Create, Rename, and Delete an Attribute Category
11.1.3.4
Configuring Resource Type Attributes
11.1.3.5
To Create, Rename, Edit, and Delete an Attribute
11.1.4
Provisioning Servers Configuration
11.1.4.1
To Create a New Provisioning Server Connection
11.1.5
E-mail Templates Configuration (Configuring E-mail Notification)
11.1.5.1
To Create and Configure E-mail Notifications
11.1.5.2
E-mail Parameter Definitions
11.1.6
Import/Export
11.1.7
Workflows Configuration
11.1.8
Event Listeners Configuration
11.1.8.1
To Create a New Event Listener
11.2
Settings Pages
11.2.1
Identity Certification Configuration
11.2.1.1
To Configure Identity Certification
11.2.1.2
Help on Completing the Identity Certification Configuration Options
11.2.2
Role Management Configuration
11.2.2.1
To Configure Mining
11.2.2.2
To Configure Roles
11.2.3
Identity Audit Configuration
11.2.3.1
To Configure the Identity Audit Module
11.2.3.2
To Prevent Self-Remediation of Audit Violations
11.2.3.3
To Configure E-mails for Violation Reminder and Escalation
11.2.3.4
To Configure E-mails For Violation Lifecycle Event Notifications
11.2.4
Reports Configuration
11.2.4.1
To Configure Report Reminder E-mails
11.2.5
Identity Warehouse Configuration
12
Oracle Identity Analytics Access Control
12.1
Overview
12.2
System Privileges
12.3
Business Privileges
12.4
Working With Oracle Identity Analytics Users And Roles
12.4.1
To Create, Update, and Delete an Oracle Identity Analytics User
12.4.2
To Modify User Password
12.4.3
To Create OIA Roles
12.5
Configuring Password Policy Settings
12.5.1
To Configure Password Policy Settings
12.5.1.1
Password Quality Settings
12.5.1.2
Password Expiration Settings
13
Audit Event Log and Import-Export Log
13.1
Overview
13.2
Audit Event Log
13.2.1
To View Audit Log Events
13.2.2
To Export Audit Log Events to a Spreadsheet
13.3
Import-Export Log
13.3.1
To View Import and Export Log Events
13.3.2
To Export Import-Job Log Details to a Spreadsheet
Part II System Administrator's Guide
14
Securing Oracle Identity Analytics
14.1
Overview
14.2
Understanding the Property Encryption Utility
14.2.1
To Run the Property Encryption Utility
14.2.2
To Encrypt the Database Password
14.3
Enabling SSL Encryption Between Oracle Identity Analytics and the Database
14.3.1
To Configure OIA to use SSL with the Database
15
Understanding and Configuring the System Log
15.1
Overview
15.2
The System Log
15.3
Configuring the System Log
15.3.1
Logging Levels
15.3.2
Understanding How the log4j.properties File Is Organized
15.3.3
log4j.properties File
16
Using System Logs
16.1
Overview
16.2
Tomcat Logging
16.2.1
Context Initialization
16.3
VAAU Commons Logging
16.3.1
Context Initialization
16.4
Oracle Identity Analytics Core Logging
16.4.1
Sequence Update
16.5
Oracle Identity Analytics Security Logging
16.5.1
Login Error
16.5.2
User Creation
16.5.3
User Deletion
16.6
Oracle Identity Analytics Scheduling Logging
16.6.1
Scheduled Certification Reminder
16.6.2
Scheduled Account Import Job
16.7
Oracle Identity Analytics Identity Access Management (IAM) Logging
16.7.1
User Import
16.7.2
Account Import
16.7.3
Unknown User
16.8
Oracle Identity Analytics Reports Logging
16.8.1
Generating Reports
16.9
Oracle Identity Analytics Audit Logging
16.9.1
Audit Logging
16.10
Oracle Identity Analytics Identity Certification (IDC) Logging
16.10.1
Certification Reminder
16.10.2
Certification Creation, Example 1
16.10.3
Certification Creation, Example 2
17
Oracle Identity Analytics Troubleshooting
17.1
Overview
17.2
To Verify That Oracle Identity Analytics Started Properly
17.3
To Start / Stop Oracle Identity Analytics
17.4
Troubleshooting Common Errors
17.4.1
JDBC Connection Error
17.4.1.1
To Resolve the Error
17.4.2
Error Loading Workflow
17.4.2.1
To Resolve the Error
17.4.3
Error Rendering Report
17.4.3.1
To Resolve the Error
17.4.4
Oracle Identity Analytics Configuration Error
17.4.4.1
To Resolve the Error
17.4.5
Java Heap Out of Memory Error
17.4.5.1
To Resolve the Error
17.4.6
RACF Account Import Error
17.4.6.1
To Resolve the Error
18
Tuning Server Configuration Properties
18.1
Overview
18.2
Configuring Identity Certification Settings on the Server
18.2.1
To Modify Identity Certification Batch Sizes on the Server
Scripting on this page enhances content navigation, but does not change the content in any way.