This chapter includes the following sections:
Note:
Oracle Identity Manager Reports enables you to use Oracle BI Publisher as the reporting solution for Oracle Identity and Access Management products.
To use reports on Oracle Identity Manager 11g Release 2 (11.1.2.2.0), you must install Oracle BI Publisher 11g (11.1.1.7.1). To install Oracle BI Publisher 11g (11.1.1.7.1), first install Oracle BI Publisher 11g (11.1.1.7.0), and then apply the patch for Oracle BI Publisher 11g (11.1.1.7.1) by using OPATCH. The patch number for Oracle BI Publisher 11g (11.1.1.7.1) is 16556157, which can be downloaded at the following URL:
You can download Oracle BI Publisher 11g (11.1.1.7.0) by navigating to the following URL:
See Oracle Fusion Middleware Installation Guide for Oracle Business Intelligence for information about installing BI Publisher 11g (11.1.1.7.0).
Oracle Identity Manager Reports are classified based on the functional areas. For instance, Access Policy Reports, Attestation, Request and Approval Reports, Password Policy Reports and so on. It is no longer named Operational and Historical.
Oracle Identity Manager Reports provides a restricted-use license for Oracle BI Publisher and easy-to-use reporting packages for multiple Oracle Identity Management products.
For large-scale deployments, especially those taking advantage of the extensive auditing capabilities of Oracle Identity Manager, it is highly recommended that you deploy a dedicated enterprise-class reporting solution. A solution based on tools such as Oracle Business Intelligence Enterprise Edition can provide the flexibility, automation, and performance required for a large-scale organizations.
The following are Oracle Identity Manager reporting features:
Select and view reports from a predefined list in the BI Publisher.
Filter report information.
View reports on-screen in the desired format.
Provide interactive reports.
Start BI Publisher server explicitly as managed server from the Oracle WebLogic Server Administrative Console.
Login to the WebLogic Administrative Console.
Under the Domain Structure, expand Environment.
Click Servers to display the Summary of Servers table.
Click Control. Select the BI Publisher server, for example bi_server1, and then click Start.
Note:
BI Publisher cannot be accessed through Oracle Identity Manager UI. You must open BI publisher explicitly to access the Oracle Identity Manager 11g reports.Start Oracle Identity Manager Reports. See Section 19.2, "Starting Oracle Identity Manager Reports" for more information.
Expand Shared Folders.
Expand Oracle Identity Manager Reports to display the reports classified according to their functional areas.
To view a report:
In the left menu, select the report functional area, for example, Access Policy Reports.
On the right side page, under the desired report, for example Access Policy Details, click Open.
The Report Input Parameters page is displayed. This page displays the input parameters that must be provided to run a report. The report input parameters act as a filter criterion.
In some cases, at least one or more parameter fields are required fields. Some reports do not require any input parameter. If this is not the case, then you must populate at least one of the fields to run a report.
Note:
If you leave the input parameter field blank, and then click Apply, then all the information associated with the report is displayed.Enter the information required to identify what information the report contains.
Click Apply to run the report.
The report is displayed.
BI Publisher supports multiple report output formats. All reports are generated in a native XML format which can be transformed into different other output formats. The following formats are supported:
HTML
RTF
MHTML
All the reports containing Date type input parameters must to provide the date range in the Date Input Parameters before running the report. Otherwise, the report will not display any data.
Oracle Identity Manager Reports are now classified based on the functional areas. For instance, Access Policy Reports, Attestation, Request and Approval Reports, Password Policy Reports, and so on. It is no longer named Operational and Historical.
Oracle Identity Manager Reports are classified into the following categories based on their functional areas:
Oracle Identity Manager BI Publisher Reports provides the following access policy reports for Oracle Identity Manager:
It provides administrators or auditors the ability to view a current snapshot of all the policies defined in Oracle Identity Manager system, along with key information about each policy, and the number of instances in which each policy has been activated.
Input Parameters
The following table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Access Policy Name | Name of the Access Policy |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Description | Description of the policy |
Approval Required | Approval required for the policy |
Creation Date | Date when the policy is created |
Retrofit Access Policy | Retrofit of the access policy |
Created By | Name of the person who created the policy |
Priority | Priority of the policy |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Resource Name | Name of the resource |
It lists all policies defined in Oracle Identity Manager system by role. This report can be used for operational and compliance purposes.
Input Parameters
The following table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Role Name | Name of the role |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Description | Description of the policy |
Approval Required | Approval required for the policy |
Creation Date | Date when the policy is created |
Retrofit Access Policy | Retrofit of the access policy |
Created By | Name of the person who created the policy |
Priority | Priority of the policy |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Role Name | Name of the role |
Oracle Identity Manager BI Publisher Reports provides the following attestation, request, and approval reports for Oracle Identity Manager:
Note:
The Attestation feature has been deprecated. It can be used only if you have upgraded Oracle Identity Manager from Release 9.1.x or 11g Release 1.This report provides the administrators the ability to view the approval activity including requests that are approved, rejected, or pending.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Approver's First Name | First name of the approver |
Approver's Last Name | Last name of the approver |
Approver's User ID | User ID of the approver |
Organization | Name of the organization |
Fields
N/A
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Approver's First Name | First name of the approver |
Approver's Last Name | Last name of the approver |
Approver's User ID | User ID of the approver |
Organization | Organization of the approver |
Approval Accepted | Count of the accepted approval |
Approval Rejected | Count of the rejected approval |
Approvals Pending | Count of the pending approval |
Approval Requests Total | Total number of approval requests |
This report displays details of all the attestation process. The security model is implemented in this report.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Attestation Process Name | Name of the attestation process |
Attestation Process Owner | Owner of the attestation process |
Fields
N/A
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Attestation Process Name | Name of the attestation process |
Owner User ID | ID of the owner of attestation process |
Date of Current Request | Data on which the request was made |
Date of Last Completion | Data on which the request was completed |
Certified | Attestation process certified |
Rejected | Attestation process rejected |
Declined | Attestation process declined |
Delegated | Attestation process delegated |
Total | Sum of certified, rejected, and declined |
It lists details of selected Oracle Identity Manager attestation requests.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Attestation Process Name | Name of the attestation process |
Attestation Request ID | ID of the attestation process |
Request Initiation Date Range From | Start date of the attestation request |
Request Initiation Date Range To | End date of the attestation request |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Attestation Process Name | Name of the attestation process |
Attestation Request ID | ID of the attestation request |
Request Initiation Date | Date on which the request is initiated |
Completion | Date on which the request is completed |
Certified | Attestation process certified |
Rejected | Attestation process rejected |
Delegated | Attestation process delegated |
No Action | Number of attestation processes on which no action is taken |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
First Name | First name of the user who initiated the attestation request |
Last Name | Last name of the user who initiated the attestation request |
User ID | ID of the user who initiated the attestation request |
Resource | Name of the resource |
Descriptive Data | Date on which the request is completed |
Reviewer's First Name | First name of the reviewer |
Reviewer's Last Name | Last name of the reviewer |
Reviewer's User ID | ID of the reviewer |
Action | Action taken by the reviewer |
This report displays details of all the attestation process and the request for each process, where the logged in user is a member of the administrator or the owner role of the attestation process.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Attestation Process Name | Name of the attestation process |
Attestation Process Owner | Owner of the attestation process |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Attestation Owner | Name of the attestation process owner |
Total Number of Requests | Total number of requests |
Last Completion Date | Date by which attestation should be completed |
Current Request Initiation Date | Date on which attestation is initiated |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Request ID | ID of the attestation request |
Initiation Date | Date on which attestation is initiated |
Completion Date | Date by which attestation should be completed |
Certified | Attestation process certified |
Rejected | Attestation process rejected |
Declined | Attestation process declined |
Delegated | Attestation process delegated |
Total Attested | Sum of certified records, rejected records and declined records |
It displays list of attestation requests by reviewer. The report includes the number of requests associated with each reviewer and information about each request. In addition, it displays the time at which the request is created and completed.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Reviewer First Name | First name of the reviewer |
Reviewer Last Name | Last name of the reviewer |
Reviewer User ID | User ID of the reviewer |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Reviewer 's First Name | First name of the reviewer |
Reviewer 's Last Name | Last name of the reviewer |
Reviewer 's User ID | User ID of the reviewer |
Total Number of Requests | Count of requests to review |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Request ID | ID of the attestation request |
Process Name | Name of the process |
Initiation Date | Date on which attestation is initiated |
Completion Date | Date by which attestation should be completed |
Certified | Attestation process certified |
Rejected | Attestation process rejected |
Declined | Attestation process declined |
Delegated | Attestation process delegated |
Total Attested | Count of requests to attest |
This report provides administrators the ability to view the details (requestor, current approver and so on) of all requests with the input current status. Additionally, this report displays the details of all users (user name, organization, manager details, user status and so on) that will be provisioned as a result of the request approval. This helps administrators in planning and prioritizing operational activities so that they may expedite the closure of pending requests.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Requestor User First Name | First name of the requestor |
Requestor User Last Name | Last name of the requestor |
Request User ID | ID of the requestor |
Request ID | Request ID |
Request Parent ID | Parent ID of the request |
Request Status | Status of the request |
Request Type | Type of the request |
Request Date From | Start date of the request |
Request Date To | End date of the request |
Beneficiary User First Name | First name of the beneficiary |
Beneficiary User Last Name | Last name of the beneficiary |
Beneficiary User ID | ID of the beneficiary |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Request ID | Request ID |
Request Type | Type of the request |
Requester User ID | ID of the requester |
Request Date | Date on which request is initiated |
Approver User ID | ID of the approver |
Current Status | Status of the request |
Parent Request ID | ID of the parent Requester |
Columns
The following table lists the columns of the report, if a beneficiary is present:
Report Column | Description |
---|---|
First Name | First name of the beneficiary |
Last Name | Last name of the beneficiary |
User ID | ID of the beneficiary |
User Type | Type of user |
User Status | Status of the beneficiary |
Organization | Organization of the beneficiary |
Request Value | Request value of the resource |
The following table lists the columns of the report, if a beneficiary is not present:
Report Column | Description |
---|---|
Request Name | Name of the request |
Request Value | Value of the request |
The following table provides the approver details:
Report Column | Description |
---|---|
Approver User ID | User ID of the approver of the request |
Approver User Name | User name of the approver of the request |
This report provides administrators the ability to view the current status of all requests raised in the specified time interval. This helps administrators in planning and prioritizing operational activities so that they may expedite the closure of pending requests.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Request Type | Type of request |
Request Date From | Start date of the request |
Request Date To | End date of the request |
Organization | Details of the organization |
Fields
N/A
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Request ID | Request ID |
Parent Request ID | ID of the parent Requester |
Request Type | Type of request |
Request Status | Status of request |
Requester User ID | ID of the requester |
Requester User Name | Name of the requester of the request |
Beneficiary User ID | ID of the beneficiary |
Request Details | Details of the request |
Approver User ID | ID of the approver |
Approver User Name | Name of the approver of the request |
Request Date | Date of request |
It lists the history of all task assignments.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Resource Name | Name of the resource |
Assignee User ID | ID of the assignee user |
Assignee First Name | First name of the assignee user |
Assignee Last Name | Last name of the assignee user |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Resource Type | Type of resource |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
User ID | ID of the beneficiary |
Assignee First Name | First name of the assignee |
Assignee Last Name | Last name of the assignee |
Assignee User ID | ID of the assignee |
Assignee Role Name | Role name of the assignee |
Assignee User Name | User name of the assignee |
Employee Type | Type of employee |
Oracle Identity Manager BI Publisher Reports provides the following role and organization reports for Oracle Identity Manager:
This report displays membership history of all the roles. The report will not show indirect memberships.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Role Name | Name of the role |
Role Category | Category of the role |
Employee Type | Type of the employee: Full-Time, Part-Time, Temp, Intern, Consultant, Contractor |
Employee Status | Status of the employee: Active, Disabled, Deleted, Disabled Until Start Date |
Membership Status | Status of membership: Revoked, Active |
Effective From | Role membership effective from date |
Effective To | Role membership effective to date |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Created By | Name of the person who created the role |
Creation Date | Date on which the role was created |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Employee Type | Type of employee |
Employee Status | Status of the employee |
Membership Status | Membership date of the user |
Effective From | Membership start date of the user |
Effective To | Membership end date of the user |
Manager's First Name | First name of the manager |
Manager's Last Name | Last name of the manager |
Manager's User ID | ID of the manager |
Updated By | Name of the user who updated the record |
This report shows number of users present for number of roles and the details of users belonging to count number of roles.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Organization | Organization of the user |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Membership in Number of Roles | Number of members in number of roles |
Number of Users | Number of users in the role |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Employee Type | Type of the employee: Full-Time, Part-Time, Temp, Intern, Consultant, Contractor |
This report displays membership details of all roles.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Role Name | Name of the role |
Role Category | Category of the role |
Organization | Name of the organization |
Employee Type | Type of the employee: Full-Time, Part-Time, Temp, Intern, Consultant, Contractor |
Employee Status | Status of the employee: Active, Disabled, Deleted, Disabled Until Start Date |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Created By | Name of the person who created the user |
Creation Date | Date on which the user is created |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of user |
Employee Status | Status of the user |
Employee Type | Type of the employee: Full-Time, Part-Time, Temp, Intern, Consultant, Contractor |
Member Since | Joining date of the user |
Manager's First Name | First name of the manager |
Manager's Last Name | Last name of the manager |
Manager's User ID | ID of the manager |
It lists the hierarchical organization structure and details about users in the organization.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Organization Name | Name of the organization |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Parent Organization Name | Name of the parent organization |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Role | Name of Administrator User roles |
First Name | First name of the user in the organization |
Last Name | Last name of the user in the organization |
User ID | ID of the user |
User Status | Status of the user |
User Type | Type of user |
Start Date | Joining date of the user |
End Date | Leaving date of the user |
This report lists the logged in users with their membership history.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Last Name | First name of the user |
First Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of the user |
Employee Status | Status of the employee: Active, Disabled, Deleted, Disabled Until Start Date |
Employee Type | Type of the employee: Full-Time, Part-Time, Temp, Intern, Consultant, Contractor |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
User ID | ID of the user |
User First Name | First name of the user |
User Last Name | Last name of the user |
Organization | Organization of the user |
Employee Status | Status of the employee: Active, Disabled, Deleted, Disabled Until Start Date |
Employee Type | Type of the employee: Full-Time, Part-Time, Temp, Intern, Consultant, Contractor |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
User Role | Name of the user role |
Membership Status | Status of membership |
Effective From | Date from which the membership is effective |
Updated By | User who updated the record |
Oracle Identity Manager BI Publisher Reports provides the following password reports for Oracle Identity Manager:
This report shows the list of all active users whose Oracle Identity Manager passwords are about to expire within a specified period.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Last Name | Last name of the user |
First Name | First name of the user |
User ID | ID of the user |
Organization | Organization of the user |
Expiration Date Range From | Start date of the expiration date |
Expiration Date Range To | End date of the expiration date |
Fields
N/A
Columns
The following table lists the columns of the report:
Report Field | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Employee Type | Type of the employee: Full-Time, Part-Time, Temp, Intern, Consultant, Contractor |
Employee Status | Status of the employee: Active, Disabled, Deleted, Disabled Until Start Date |
Organization | Organization of the user |
Password Expiration Date | Date on which the password expires |
This report provides the ability to view the aggregated metrics around password change attempts done by users themselves or on behalf of them. The metrics include all password change attempts, successful or failure outcome of password change attempt, users locked due to multiple concurrent unsuccessful password change attempts.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Aggregation Frequency | The frequency of the report generated |
Date Range From | Start date of the report generated |
Date Range To | End date of the report generated |
Organization | Name of the organization |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Aggregation Frequency | The frequency of the report generated |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Time Period | Date and time of reset attempts performed |
Reset Attempts | Number of reset attempts |
Failed Reset Attempts | Number of failed reset attempts |
Locked Users due to Failed Reset Attempts | Number of users locked due to a failed reset attempt |
Resets by non-beneficiary | Number of resets by non-beneficiary |
It lists users whose resource passwords will expire in a specified time period.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Resource Name | Name of the resource |
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
User Status | Status of the user |
Password Expiration Date From | The password expiry starting date |
Password Expiration Date To | The password expiry ending date |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Resource Type | Type of resource |
Columns
The following table lists the columns of the report:
Report Field | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of the user |
User Status | Status of the user: Active, Disabled, Deleted, Disabled Until Start Date |
User Type | Type of the user: Full-Time, Part-Time, Temp, Intern, Consultant, Contractor |
Password Expiration Date | Date on which the password expires |
Oracle Identity Manager BI Publisher Reports provides the following resource and entitlement reports for Oracle Identity Manager:
It lists all account activities in each resource. It also provides information on how each user is associated with a specific activity of that resource.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Resource Name | Name of the resource |
Date Range From | Date from which reports are displayed |
Date Range To | Date to which reports are displayed |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Resource Name | Name of the resource |
Activity Type | The type of activity |
Resource Authorizer User Role(s) | Name of the role which authorize the role |
Resource Administrator User Role(s) | Name of the role which authorize the resource |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
User Status | Status of the user: Active, Disabled, Deleted, Disabled Until Start Date |
Organization | Organization of the user |
Manager's User ID | ID of the manager |
Timestamp | Date when the report is created |
This report displays the list of user roles with write and delete access that are administrators of the resource.
Input Parameters
The table lists the report parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Resource Name | Name of the resource |
Fields
N/A
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Administrator Role Name | Name of the Administrator role |
Administrator Role Information | Information about the Administrator role |
Read Access | Indicates whether the resource has read access |
Write Access | Indicates whether the resource has write access |
Delete Access | Indicates whether the resource has delete access |
Authorizer Role | Authorizer role name |
Name Priority | Priority of the resource |
Created By | Name of the person who created the resource |
Creation Date | Resource creation date |
The report displays the list of user roles that are the administrators or authorizers of the resource and members of those roles.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Resource Name | Name of the resource |
Resource Type | Type of resource |
Resource Audit Objective | Objective to carry out the audit for the resource |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Resource Type | Type of resource |
Target | Indicates whether the resource is a target for organization or user |
Write Access | Indicates whether the resource has write access |
Delete Access | Indicates whether the resource has delete access |
Creation By | Resource creation source |
Creation Date | Date on which resource is created |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of the user |
User Status | Status of the user |
Member Since | Joining date of the user |
Manager's First Name | First name of the manager |
Manager's Last Name | Last name of the manager |
Manager's User ID | ID of the manager |
This report provides administrators or auditors the ability to query all existing users, who have a specified entitlement. This report can be used for operational and compliance purposes.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Entitlement Code | Code of the entitlement |
Resource Name | Name of the resource |
Organization | Organization of the user |
Role Name | Name of the role |
User Status | Status of the user: Active, Disabled, Deleted, Disabled Until Start Date |
User Type | Type of user |
Provisioning Date From | Date from which the resource is provisioned to the user |
Provisioning Date To | Date to which the resource is provisioned to the user |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Entitlement Code | Code of the entitlement |
Entitlement Name | Name of the entitlement |
Entitlement status | Status of the entitlement. |
Resource Name | Name of the resource |
Resource Type | Type of resource |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
User Id | ID of the user |
First Name | First name of the user |
Last Name | Last name of the user |
User Status | User Status |
User Type | Type of the user |
Organization | Organization of the user |
Valid To Date | Entitlement valid from date |
Valid From Date | Entitlement valid to date |
This report provides administrators or auditors the ability to query all existing users provisioned to a entitlement over its lifecycle. This is a lifetime report showing entire history of resource's access list or entitlements.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Entitlement Code | Code of the entitlement |
Resource Name | Name of the resource |
Organization | Organization of the user |
Role Name | Name of the role |
User Status | Status of the user: Active, Disabled, Deleted, Disabled Until Start Date |
User Type | Type of user |
Effective From Date | Entitlement effective from date |
Effective To Date | Entitlement effective to date |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Entitlement Code | Code of the entitlement |
Entitlement Name | Name of the entitlement |
Resource Name | Name of the resource |
Resource Type | Type of resource |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
User Id | ID of the user |
First Name | First name of the user |
Last Name | Last name of the user |
User Status | Status of the user |
User Type | Type of user |
Effective From | Entitlement effective from date |
Effective To | Entitlement effective to date |
This report provides Administrators to get a list of financially significant resources to prioritize various administrative and cleanup activities. It also helps Compliance or Privacy and Security officers assessing effectiveness of preventive and detective controls in financial significant resources and Auditors to understand the IT resources that host financial data.
Input Parameters
The table lists the report parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Resource Name | Name of the resource |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Resource Type | Type of resource |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
User Roles | Lists the resource administrator user roles |
This report provides administrators or auditors the ability to query all existing users provisioned to a resource over its lifecycle. This is a lifetime report showing entire history of resource's access list or entitlements.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Resource Name | Name of the resource |
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of the user |
User Status | Status of the user |
User Type | Type of the user |
Snapshot Date From | Effective start date of resource access to the user |
Snapshot Date To | Effective end date of resource access to the user |
Changes Date From | Resource changed from date to user |
Changes Date To | Resource changed to date to user |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Resource Type | Type of resource |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of the user |
Resource Descriptive data | Descriptive data to identify the resource |
User Status | Status of the user |
Resource Status | Status of the resource |
Effective From | Effective start date |
Effective To | Effective end date |
This report provides administrators or auditors the ability to query all existing users provisioned to a specified resource. This report can be used for operational and compliance purposes.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Resource Name | Name of the resource |
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of the user |
User Type | Type of the user |
Provisioning Date From | Resource provision start date |
Provisioning Date To | Resource provision end date |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Resource Type | Type of resource |
Columns
The following table lists the columns of the report:
Report Parameter | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
User Type | Type of the user |
User Status | Status of the user |
Organization | Organization of the user |
Provisioning Date | Date on which the resource is provisioned |
This report lists the number of users for each status within each resource.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Resource Name | Name of the resource |
Resource Type | Type of resource |
Account Status | Status of the account |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Resource Type | Type of resource |
Total Number of Users | Total number of users associated with the account |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Account Status | Status of the account |
Number of Users | Number of users with that account status |
It lists the history of all provisioning and approval activities for a resource.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Resource Name | Name of the resource |
Date Range From | Start date |
Date Range To | End date |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Resource Type | Type of resource |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Accounts Provisioned | Number of accounts provisioned |
Accounts De-Provisioned | Number of accounts de-provisioned |
Approval Requests | Number of approval requests |
Approval Accepted | Number of approved requests |
Approval Rejected | Number of rejected requests |
This report provides administrators or auditors the ability to view user's resource access history over user's lifecycle. This report can be used for compliance and forensic auditing purposes. This is not a user access profile snapshot report. This is a lifetime report showing entire history of user's entitlements.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of the user |
Status | Status of the user |
Employee Type | Type of employee |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
User ID | ID of the user |
User First Name | First name of the user |
User Last Name | Last name of the user |
Manager User ID | ID of the reporting Manager |
Manager First Name | First name of the reporting Manager |
Manager Last Name | Last name of the reporting Manager |
Organization | Organization of the user |
Employee Status | Status of employee |
Employee Type | Type of employee |
Identity Creation Date | User creation date |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Resource Name | Name of the resource |
Resource Descriptive Data | Description of the resource |
Provisioned Date | Date on which the resource is provisioned |
Provisioned By | Name of the person who provisioned the resource |
Effective From | Effective start date of resource access to the user |
Effective To | Effective end date of resource access to the user |
This report provides administrators or auditors the ability to query all existing users provisioned to a specified resource. This report can be used for operational and compliance purposes.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of the user |
Employee Status | Status of employee |
Employee Type | Type of employee |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
User ID | ID of the user |
User First Name | First name of the user |
User Last Name | Last name of the user |
Manager User ID | ID of the reporting Manager |
Manager First Name | First name of the reporting Manager |
Manager Last Name | Last name of the reporting Manager |
Organization | Organization of the user |
Employee Status | Status of employee |
Employee Type | Type of employee |
Identity Creation Date | User creation date |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Resource Name | Name of the resource |
Resource Descriptive Data | Description of the resource |
Resource Status | Status of the resource |
Provisioned Date | Date on which the resource is provisioned |
This report provides administrators or auditors the ability to query all existing entitlements provisioned to specific users. This report can be used for operational and compliance purposes.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
User ID | ID of the user |
First Name | First name of the user |
Last Name | Last name of the user |
Email of the user | |
Resource Name | Name of the resource |
Organization | Organization of the user |
Role Name | Name of the role |
User Status | Status of the user |
User Type | Type of the user |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
User ID | ID of the user |
First Name | First name of the user |
Middle Name | Middle name of the user |
Last Name | Last name of the user |
Email of the user | |
Organization | Organization of the user |
User Status | Status of the user |
User Type | Type of the user |
Manager First Name | First name of the manager |
Manager Last Name | Last name of the manager |
Start Date | Entitlement of resource start date |
End Date | Entitlement of resource end date |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Entitlement Code | Code of the entitlement |
Entitlement Name | Name of the entitlement |
Entitlement Status | Status of the entitlement |
Resource | Type of the resource |
Provisioning Start | Date from which the resource is provisioned to the user |
Valid From Date | Entitlement of resource valid start date |
This report provides administrators or auditors the ability to view user's resource entitlement history over user's lifecycle. This report can be used for compliance and forensic auditing purposes. This is not a user access profile snapshot report. This is a lifetime report showing entire history of user's entitlements.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
User ID | ID of the user |
First Name | First name of the user |
Last Name | Last name of the user |
Email of the user | |
Resource Name | Name of the resource |
Organization | Organization of the user |
Role Name | Name of the role |
User Status | Status of the user |
User Type | Type of the user |
Effective From Date | Resource entitlement effective start date |
Effective To Date | Resource entitlement effective end date |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
User ID | ID of the user |
First Name | First name of the user |
Last Name | Last name of the user |
User Status | Status of the user |
User Type | Type of the user |
Organization | Organization of the user |
Email of the user | |
Start Date | Start date of resource entitlement |
End Date | End date of resource entitlement |
Identity Creation Date | Date of identity creation |
Manager First Name | First name of the manager |
Manager Last Name | Last name of the manager |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Entitlement Code | Code of the entitlement |
Entitlement Name | Name of the entitlement |
Resource | Type of the resource |
Effective From Date | Resource entitlement effective start date |
Effective To Date | Resource entitlement effective end date |
Oracle Identity Manager BI Publisher Reports provides the following user reports for Oracle Identity Manager:
This report lists all Oracle Identity Manager users created between a specified date range. In addition, it provides the source of information on the users created.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Employee Status | Status of the user |
Employee Type | Type of employee |
Creation Date From | Start date of user summary |
Creation Date To | End date of user summary |
Organization | Organization of the user |
Fields
N/A
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of the user |
Employee Current Status | Status of the user |
Employee Type | Type of employee |
Manager ID | ID of the Manager to whom the user reports |
Source of Creation | User creation source |
Creation On | Date on which the user is created |
Created By | User who created the user |
This report shows all the users and their details based on the input parameters.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of the user |
Role Name | Role of the user |
Manager User ID | ID of the Manager to whom the user reports |
Employee Status | Status of the user |
Employee Type | Type of employee |
Changes Date Range From | Effective start date of the changes |
Changes Date Range To | Effective end date of the changes |
Snapshot Date Range From | Effective start date of resource access to the user |
Snapshot Date Range To | Effective end date of resource access to the user |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
User ID | ID of the user |
User First Name | First name of the user |
User Last Name | Last name of the user |
Manager User ID | ID of the reporting Manager |
Manager First Name | First name of the reporting Manager |
Manager Last Name | Last name of the reporting Manager |
Organization | Organization of the user |
Employee Status | Status of employee |
Employee Type | Type of employee |
Identity Creation Date | User creation date |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Profile Parameter | Name of user profile |
Value | Value of user profile |
Date Effective From | Effective from date |
Time Effective From | Effective from time |
Updated By | User who updated the record |
It lists all Oracle Identity Manager User's summary in a specified time period. It includes user details along with source of creation, and who created it and when.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Employee Status | Status of the user |
Employee Type | Type of employee |
Creation Date From | Start date of user summary |
Creation Date To | End date of user summary |
Organization | Organization of the user |
Fields
N/A
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of the user |
Employee Status | Status of the user |
Employee Type | Type of employee |
Manager ID | ID of the Manager to whom the user reports |
Source | User creation source |
Creation Date | Date at which the user is created |
This report shows all the deleted users and their details based on input parameters.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of the user |
Employee Type | Type of employee |
Deletion Date From | Start date of summary of deleted users |
Deletion Date To | End date of summary of deleted users |
Organization | Organization of the user |
Fields
N/A
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of the user |
Employee Type | Type of employee |
Manager ID | ID of the Manager to whom the user reports |
Source | User creation source |
Deletion Date | Date at which the user is deleted |
This report provides the ability to view the details of users whose accounts are disabled. The account may be disabled for various reasons. For example, rejection in attestation, unsuccessful login or password reset attempts failure and so on.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of the user |
Employee Type | Type of employee |
Disabled Date From | Start date of user disabled |
Disabled Date To | End date of user disabled |
Organization | Organization of the user |
Fields
N/A
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of the user |
Employee Status | Current status of the employee |
Employee Type | Type of employee |
Manager ID | ID of the Manager to whom the user reports |
Source | User creation source |
Disabled Date | Date at which the user is disabled |
Updated By | Users who updated the record |
This report provides the ability to view the details of users whose disabled accounts are unlocked by administrators. Delegated administrators of the organizations to whom the user belongs may enable the accounts.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of the user |
Employee Type | Type of employee |
Unlocked Date From | Start date of user unlocked |
Unlocked Date To | End date of user unlocked |
Organization | Organization of the user |
Fields
N/A
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of the user |
Employee Status | Status of the user |
Employee Type | Type of employee |
Manager ID | ID of the Manager to whom the user reports |
Source | User creation source |
Unlocked Date | Date at which the user is unlocked |
Updated By | User who updated the record |
Certification reports select data from the certification tables of the Oracle Identity Manager database. There are a list of predefined or default certification reports in Oracle Identity Manager. Table 19-1 lists the default certification reports for each type of certification.
Table 19-1 Default Certification Reports
Certification Type | Certification Report | Description |
---|---|---|
User certification |
Complete Certification Report |
Presents comprehensive data of a user certification. This report includes a list of all employees and their access. |
Certified Access Report |
Lists access marked as certified. |
|
Revoked Access Report |
Lists access marked as revoked. |
|
Abstained Access Report |
Lists certification items that the certifier declined to complete because the certifier is not responsible for verifying the user's assigned roles and entitlements. |
|
Certified Conditionally Access Report |
Lists access that the certifier approved temporarily, even though the access may not be appropriate or justified in the long term. Reviewers are required to enter an end date, which is included in this report. However, the access is not revoked and notices are not sent out about expired end dates. |
|
Complete Certification Task Report |
Presents user-certification data based on certification tasks. This is a subset of the Complete Certification Report. |
|
Role certification |
Complete Certification Report |
Presents comprehensive data of a role certification. |
Certified Access Report |
Lists entitlements marked as certified. |
|
Revoked Access Report |
Lists entitlements as revoked. |
|
Abstained Access Report |
Lists certification items that the certifier declined to complete because the certifier is not responsible for verifying the role's assigned memberships. |
|
Certified Conditionally Access Report |
Lists access that the certifier approved temporarily, even though the access may not be appropriate or justified in the long term. Reviewers are required to enter an end date, which is included in this report. However, the access is not revoked and notices are not sent out about expired end dates. |
|
Complete Certification Task Report |
Presents role-certification data based on certification tasks. This is a subset of the Complete Certification Report. |
|
Application instance certification |
Complete Certification Report |
Presents comprehensive data of an application instance certification. |
Certified Access Report |
Lists entitlements marked as certified. |
|
Revoked Access Report |
Lists entitlements marked as revoked. |
|
Abstained Access Report |
Lists certification items that the certifier declined to complete because the certifier is not responsible for verifying the application instances's assigned users and accounts. |
|
Certified Conditionally Access Report |
Lists access that the certifier approved temporarily, even though the access may not be appropriate or justified in the long term. Reviewers are required to enter an end date, which is included in this report. However, the access is not revoked and notices are not sent out about expired end dates. |
|
Complete Certification Task Report |
Presents certification data for application instances based on certification tasks. This is a subset of the Complete Certification Report. |
|
Entitlement certification |
Complete Certification Report |
Presents comprehensive data of an entitlement certification. |
Certified Access Report |
Lists access marked as certified. |
|
Revoked Access Report |
Lists access marked as revoked. |
|
Abstained Access Report |
Lists certification items that the certifier declined to complete because the certifier is not responsible for verifying the entitlement's assigned accounts and attributes. |
|
Certified Conditionally Access Report |
Lists access that the certifier approved temporarily, even though the access may not be appropriate or justified in the long term. Reviewers are required to enter an end date, which is included in this report. However, the access is not revoked and notices are not sent out about expired end dates. |
|
Complete Certification Task Report |
Presents entitlement-certification data based on certification tasks. This is a subset of the Complete Certification Report. |
In Oracle Identity Manager, exception refers to the difference between accounts that a user is entitled to and the accounts that are actually assigned to a user. The user is assigned these accounts as a result of access policies, provisioning of resources, approval requests, and reconciliation events. Any difference of these accounts assigned to a user in the target system and the ones assigned to the user in Oracle Identity Manager comprises an exception. Exception reports are enabled by default.
Oracle Identity Manager provides the following exception reports:
Rogue Accounts By Resource
This report returns a list of all the rogue accounts existing in a resource. The following exceptions are reported:
Account exists in the target system, but has been deprovisioned for the corresponding user in Oracle Identity Manager
Account exists and is active in the target system, but account does not exist in Oracle Identity Manager (user exists)
Account exists and is active in the target system, but user does not exist in Oracle Identity Manager
Account exists and is active in the target system, but OIM user has been disabled
Account exists and is active in the system target, but OIM user has been deleted
Orphaned Account Summary Report: An account that exists in the target system, but the corresponding user to whom the account is provisioned has been deleted in Oracle Identity Manager. For the given input resource, it lists the rogue accounts that exist in the target system, but the corresponding users to whom the accounts are provisioned has never existed in Oracle Identity Manager.
Fine Grained Entitlement Exceptions By Resource
This report returns a list of all the accounts in a resource for which the process form data being reconciled is different from the expected values. It means that this report returns any account existing in the target system that is also provisioned to the corresponding user in Oracle Identity Manager, but for which the process data does not match.
Note:
After completion of initial target reconciliation, all account-related activities performed directly on a target resource are tracked as exception activity. Account-related activities include account creation, account modification, and entitlement assignment/revocation. The exception reports should be used only if the organization policies enforce that all account-related activities in target resources would always be initiated in Oracle Identity Manager. In addition, remember that exception detection and recording are an extension of account data reconciliation and, therefore, may result in a drop in performance during reconciliation.
All the exception reports depend on reconciliation data. Therefore, these reports will not display any data if the corresponding reconciliation events are archived.
This section describes the following exception reports:
This report enables administrators, signing officers, internal and external auditors to analyze discrepancies in various process forms and related child tables of various resources and mitigate material weaknesses in the resources through remediation activities.
Input Parameters
The table lists the report parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Resource Name | Name of the resource |
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Employee Type | Type of the employee such as fulltime, part time |
Organization Name | Name of the organization |
Role Name | Name of the role |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Resource Name | Name of the resource |
User ID | ID of the user |
First Name | First name of the user |
Last Name | Last name of the use |
Organization Name | Name of the organization |
Employee Status | Status of the user |
Employee Type | Type of the user |
Exception Approved in Attestation | Indicates whether the exception is approved or not |
Reviewer First Name | First name of the reviewer |
Reviewer Last Name | Last name of the reviewer |
Unique ID Attribute | Unique ID attribute in account profile |
Unique ID Value in Account Profile | Unique ID value in account profile |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Form Name | Name of the form |
Form Type | Type of the form |
Form Field Name | Field name of the form |
Expected Form Field Value | Old value of the field |
Actual Form Field Value | New value of the field |
Note:
Before running this report, you must populate data for account audit and reconciliation exceptions.To populate the data for account audit and reconciliation exceptions:
Provision an user to any target.
Modify any of the user's attribute in the target and reconcile the user.
Find data in UPA_UD_FORMFIELDS and UPA_UD_FORMS tables.
Go to Oracle Identity Manger server and run RefreshMaterializedViewScheduler Task.
Log in to BIP and view the report.
It lists the rogue accounts for the input resource for which a user existed in the target system, but the associated user to whom the account is provisioned never existed in Oracle Identity Manager.
Input Parameters
The table lists the report parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Resource Name | Name of the resource |
Reconciliation Date Range From | Start date of reconciliation |
Reconciliation Date Range To | End date of reconciliation |
Fields
N/A
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Resource | Name of the resource |
Account Information | Information of the orphaned account |
Account Detail | Details of the account associated with this orphaned account |
Reconciliation Date | Date of reconciliation |
This report includes all rogue accounts for the input resource. This report also includes the corresponding attestation data to analyze if the rogue accounts represent outstanding or accepted exceptions in the system. This enables administrators, signing officers, internal and external auditors to identify material weaknesses in the resources and plan their mitigation through remediation activities.
Input Parameters
The table lists the report input parameters used to specify a criterion for subsetting data:
Report Parameter | Description |
---|---|
Resource Name | Name of the resource |
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization Name | Organization of the user |
User Status | Status of the user |
User Type | Type of the user |
Exception Type | Type of exception |
Fields
The following table lists the fields of the report:
Report Field | Description |
---|---|
Resource Type | Type of resource |
Columns
The following table lists the columns of the report:
Report Column | Description |
---|---|
Exception Type | Type of exception |
First Name | First name of the user |
Last Name | Last name of the user |
User ID | ID of the user |
Organization | Organization of the user |
User Status | Status of the user |
User Type | Type of the user |
Account Details | Details of the rogue account |
Exception Approved in Attestation | Indicates whether the exception is approved or not |
Reviewer First Name | First name of the reviewer |
Reviewer Last Name | Last name of the reviewer |
Reviewer User ID | User ID of the reviewer |
As a best practice, you must consider the following points before running Oracle Identity Manager BI publisher reports:
Do not run Oracle Identity Manager reports with null value in date range parameters. You must run Oracle Identity Manager reports always with date range values in data range parameters, otherwise report will not display anything.
Invoke the reports with the set of values as input parameters to provide the selectivity, thus improving the performance.
Create a valid OIM User in BIP domain, for example system administrator user, and use it to log in to BIP, and run Oracle Identity Manager reports. Most of the Oracle Identity Manager reports do not display any data on the report UI if the logged-in user is not a valid OIM User.
Oracle Identity Manager supports the creation of reports by using third-party tools such as Crystal Reports. You can use a third-party tool to create the reports listed in Section 19.5, "Reports for Oracle Identity Manager".
Note:
To learn how to create reports by using third-party software, see the third-party software documentation.Table 19-2 lists the scheduled tasks required for Oracle Identity Manager BI Publisher reports:
Table 19-2 Scheduled Tasks for BI Publisher Reports
Report Name | Scheduled Task Name | Description |
---|---|---|
Fine Grained Entitlement Exceptions By Resource |
RefreshMaterializedView |
To refresh the Materialized View used in this report with the latest data |
User Profile History |
IssueAuditTask |
To populate the audit tables with the latest data |
User Unlocked |
IssueAuditTask |
To populate the audit tables with the latest data |
User Membership History |
IssueAuditTask |
To populate the audit tables with the latest data |
Role Membership History |
IssueAuditTask |
To populate the audit tables with the latest data |
Resource Access List History |
IssueAuditTask |
To populate the audit tables with the latest data |
User Resource Access History |
IssueAuditTask |
To populate the audit tables with the latest data |
Resource Activity Summary |
IssueAuditTask |
To populate the audit tables with the latest data |
Password Reset Summary |
IssueAuditTask |
To populate the audit tables with the latest data |
Entitlement Reports |
Entitlement List |
To populate the Entitlement List table with the marked entitlements |
Entitlement Assignment |
To populate the Entitlement Assignment tables with the assigned entitlements |
|
Entitlement Updates |
To populate the latest data into the Entitlement Assignment tables, if any entitlement has assigned to any user periodically or later |