Skip Navigation Links | |
Exit Print View | |
Oracle Identity Analytics System Integrator's Guide 11g Release 1 |
1. Integrating With Oracle Identity Manager, Preferred Method
Understanding Terminology in Oracle Identity Analytics and Oracle Identity Manager
Step 1: Copy the Required Files From the OIM Server
Step 2: Edit the Oracle Identity Analytics Configuration Files
Step 3: Modify the Oracle Identity Manager Forms Using the Form Designer
Step 4: Configure the Oracle Identity Manager Data Collection Scheduler
Step 5: Configure Oracle Identity Analytics to Connect to Oracle Identity Manager
Step 6: Import the Oracle Identity Manager (OIM) Data Into Oracle Identity Analytics (OIA)
To Import Entitlements, Users, and Accounts
To Verify That Each Import Job Completed Successfully
To Validate That the Parent Attribute for Each Attribute Category is Set
Step 8: Review Oracle Identity Manager Automatic Role Assignment and Role Management Settings
To Migrate From the Deprecated OIM-OIA Integration to the Preferred OIM-OIA Integration
Understanding Closed Loop Compliance
To Configure Resources in Oracle Identity Analytics for Remediation
To Configure Certifications in Oracle Identity Analytics for Remediation
Scheduling Incremental Updates of Users, Accounts, and Entitlements
2. Integrating With Oracle Identity Manager, Deprecated Method
3. Integrating With Oracle Waveset (Sun Identity Manager)
4. Integrating With Other Provisioning Servers
6. Integrating With Intellitactics Security Manager
7. Configuring Oracle Identity Analytics For Web Access Control
With the integration of Oracle Identity Analytics and Oracle Identity Manager, it is possible to directly revoke roles and entitlements from Oracle Identity Analytics if the results of the certification process require it. This integration eliminates the need for manual de-provisioning of access for managed resources. In addition, roles and entitlements can still be manually revoked by leveraging the information stored in the remediation configuration module. This takes into account non-managed applications.
If certification remediation is enabled, changes are propagated to Oracle Identity Manager either when the certification is complete, or when the certification end-date is reached (depending on configuration). OIM revokes or re-provisions target system accounts based on the revocations and certifications that occurred during the certification process.
Every resource type in Oracle Identity Analytics can be separately configured for automatic or manual remediation.
Log in to Oracle Identity Analytics.
Choose Identity Warehouse> Resources.
Click the resource for which remediation action needs to be configured, and go to the Remediation tab.
Select the Select Provisioning Mode check box.
Choose the mode of provisioning desired for the particular resource.
Auto - Automatically send role/entitlement updates linked with this resource to Oracle Identity Manager.
Select the appropriate connection name of the provisioning server and save the changes.
Manual - Use the manual steps for revocation of roles and entitlements using a text editor.
List the steps to be followed for non-managed system remediation and save the changes.
Log in to Oracle Identity Analytics.
Choose Administration > Configuration.
Click Identity Certification.
Expand the Revoke and Remediation section, and, under the Remediation section, choose one of the following options:
Display Remediation Instructions - Select to display instructions about how to perform manual remediation of nonmanaged resources.
Perform Closed Loop Remediation on - Select to specify that the remediation be completed by either the Certification End Date or the Certification Completion Date.