Skip Navigation Links | |
Exit Print View | |
Oracle Identity Analytics Business Administrator's Guide 11g Release 1 |
1. Oracle Identity Analytics Identity Warehouse
2. Oracle Identity Analytics Importing
3. Oracle Identity Analytics ETL Process
4. Oracle Identity Analytics Data Correlation
5. Oracle Identity Analytics Role Engineering and Management
Understanding Role Mining, Role Consolidation, and Entitlements Discovery
Setting Role Mining Attributes
Using the Role Mining Wizard Display Controls
Using the Mining Criteria Page
Using the Role Engineering Data Preview Page
Running or Scheduling a Role Mining Task
To Run or Schedule a Saved Role Mining Task
Validating and Saving Role Mining Results
To Validate and Adjust Role Discovery Results
Using the Role Mining Results Page
Using the Mining Statistics Tab
Using the Classification Rules Tab
Creating and Using Role Provisioning Rules
To Approve/Reject Role Provisioning Rules
To Deactivate or Decommission Rules
To Preview Role Provisioning Rules Job
To Run Role Provisioning Rules Job
6. Oracle Identity Analytics Workflows
7. Oracle Identity Analytics Identity Certifications
8. Oracle Identity Analytics Identity Audit
9. Oracle Identity Analytics Reports
10. Oracle Identity Analytics Scheduling
11. Oracle Identity Analytics Configuration
This module analyzes legacy roles in order to define, re-evaluate, and refine the content of these roles. Entitlements Discovery can also be used for role consolidation if you need to include more applications in the role entitlement mix.
Once roles have been defined for critical applications, you might not want to add new roles or change the makeup of a role, but instead introduce a larger domain of application entitlements in those roles. In this case, select the relevant attributes of the new application as minable only and run Entitlements Discovery on the existing roles.
The Role Entitlements Discovery process can also be applied to top-down roles that are already defined in the organization in order to expedite the hybrid, best-practice role definition process.
Log in to Oracle Identity Analytics.
Choose Role Management > Entitlements Discovery.
The Choose Attribute Type Strategy page opens.
Select Evaluate Minable attributes and click Next.
Select the desired role from the Available Roles panel on the left.
The Available Users panel on the right displays the users that belong to that role.
Select one or more users.
Do one of the following:
Click the Display drop-down menu at the bottom of the panel to view more users on the page.
Select Page at the top of the panel to select all the users on the current page, or select clear Page to deselect the users on the current page.
Select All to select all users across all pages, or clear All to deselect all users.
Click Next.
On the left side of the screen, select a Role and click View Details.
Select a cut-off percentage for each policy and click Save Policies.
The cut-off slider at the bottom of the page can be set to a percentage so that only the users that have an equal or higher similarity-percentage will appear in the result.
Choose Identity Warehouse > Policies to view the time-stamped policies.
The access (attributes) related to these policies can be evaluated and added or removed as required. Policies, once renamed and finalized, can be re-associated to the original role.
Note - Before changing policies (or the associated access attributes), consult with the business owner or role owner.