These topics discuss how to manage users:
The following basic user types exist in Oracle Social Network:
Participant: Participants are users who are employees of your company; this category includes most other user types. Participants can create conversations, post messages, assign flags to other users, and so on. They are normally created when your organization configures users in the Oracle Cloud, but they also can be invited by other participants. A participant is typically a user whose email address (user name) exists within your organization's email domain.
Within your environment, you might have two types of participant users; these two participants are not distinguished from each other in Oracle Social Network. For example, in an Oracle Cloud Application CRM integration you might have 50 licenses; these 50 users have access to both CRM and Oracle Social Network. These users are added to Oracle Social Network and they are participant users. You can invite additional users within the company to use Oracle Social Network, but they do not have access to CRM; these non-CRM users are also participant users.
Employee users are also participants. An employee is typically a user whose email address (user name) exists outside your organization's email domain but they are still employees who are entitled to full Oracle Social Network access, possibly including service administrator permissions. You must explicitly add or invite them to join Oracle Social Network. When these added/invited users log in, they become Participant users. To allow employee users in your environment, you use the Extended Collaboration page in the Administration UI. For more information, see Managing User Collaboration.
Administrator: An administrator is a user who has been given additional administrative privileges. Administrators can log in to the Oracle Social Network web client to do administration tasks. There are two types of administrators: site and service. Service administrators have access to features that allow them to do all the typical management tasks for users, social definitions, and more. Site administrators are Oracle personnel who have access to extended functionality for Oracle Social Network administration. The site administrator privilege is not managed in the administration UI.
Integration account: This account type is for a program, not a user; it authenticates to Oracle Social Network to integrate custom applications. An integration account is not visible in the user interface. Optionally, you can allow the integration account to act on behalf of actual users. This privilege lets the integrating program do tasks as a user who is not logged in to Oracle Social Network, such as posting a message from an on-premise application as if it were posted by a user.
Caution: You can also optionally allow the integration account to access any data in Oracle Social Network for any user. This privilege can be used for applications that require access to this secured data, such as custom search indexing, eDiscovery, and compliance. Make sure the credentials to this account are held securely.
Outside user: An outside user is a user whose email address (user name) exists outside your organization's email domain and who is not an employee of your company. Outside users cannot be given administrator permissions. For users outside your email domain, you must explicitly add or invite them to join Oracle Social Network. To allow outside users in your environment, the Invitations option must be enabled, at least one value must exist in the Outside Users Whitelist field on the Extended Collaboration page, unless the Invite Outside Users with Any Email Domain check box is selected. To exclude outside users from a specific email domain, you can add the domain name to the Outside Users Blacklist field. If a user is invited from a domain in the blacklist, the invitation fails. For more information, see Managing User Collaboration.
When configured with an external user management system such as Oracle Identity Manager (OIM), general user properties are typically managed in that system. By default, when a user's general properties are changed in OIM, they are automatically propagated to Oracle Social Network when the user logs in. Your specific system configuration determines whether this change occurs.
By default, these properties are managed from OIM and are not editable in Oracle Social Network:
Display Name
E-mail address
Manager
Name (user ID/login)
Organization
Phone Number
Title
Your environment might have more or fewer properties managed in OIM, depending on your specific configuration.
Role (privilege) properties can be changed from either OIM or from Oracle Social Network, and the changes are propagated to the other system. When role properties are changed using Oracle Identity Manager, it could take up to 10 minutes for that change to be visible in Oracle Social Network. The change is visible after that user logs in again. Changes made in Oracle Social Network become effective immediately in Oracle Identity Manager as well as Oracle Social Network.
Role properties include:
Developer
Service Administrator
Employee
Outside User
If your OIM settings become out of sync with Oracle Social Network, or if you want to replace property values for one or all users without waiting for the automatic sync that occurs during login, you can do this task either for an individual user or for all users at once. For more information, see Synchronizing User Profile Information with OIM.
On the Users page, you must find the user that you are interested in before you can edit their properties.
You can view a list of administrators, developers, or outside users by selecting the associated tab on the Users page, or you can search for an individual user.
To find an individual user, enter part of the user name, display name, or email address in the Search field and click Search. All matching user accounts are listed in the Users list.
The user list shows some basic information about the users, including the name, email address, user type, and verification status.
Verified user accounts have been verified using one of these methods:
The user was located in an external account database such as an LDAP (Lightweight Directory Access Protocol) directory service directory.
An email was sent to the user, and the user clicked the link in that email to verify their identity and logged in.
In an Oracle Cloud environment, you typically do not need to specifically invite users; you can publicize the URL for the Oracle Social Network end-user-client login page, and users inside your email domain can create their own accounts.
If you want to allow employee users (for example, non-Oracle Cloud users who are within your company) or outside users to join Oracle Social Network, you must enable the Employees option or the Outside Users option on the Extended Collaboration page, and add the users' domain in the Employee Whitelist or Outside Users Whitelist field. If the Invite Outside Users with Any Email Domain check box is selected, you do not need to specify domains in the whitelist to allow external users.
To invite a user to join Oracle Social Network:
Note: You can add many employee or outside users to Oracle Social Network at once using the Bulk User Upload Wizard. For more information, see Adding Several Employee or Outside Users at Once.
By default, when you create/invite one or more users to Oracle Social Network, a new user invitation email is sent at these times:
A new user invitation email is sent immediately.
If the new user has not accessed Oracle Social Network, a second invitation email is sent two days after the user is created.
If the new user still has not accessed Oracle Social Network, a third invitation email is sent three days after the user is created.
In some cases (such as when creating users in bulk, or if your system is not being used in production yet) you might not want to send invitation emails to new users. If you disable all email notifications for more than three days, no invitation emails are sent. For more information about the global email notification setting, see Editing General Properties.
When an administrator disables (deactivates) a user, the disabled user can't log in. In addition, access for a disabled user is removed from all Conversations that they were a member of, and other users can't follow that user or post to their wall.
Note: The Deleted check box is not editable; if you see that it's selected, it indicates that the user account is managed in an external user directory, and the user account no longer exists in that directory. You use the Enabled option rather than the Deleted option to specify a user's status in Oracle Social Network.
To enable or disable a user:
You can manage Oracle Social Network privileges and other properties for participant, employee, and outside user accounts from the Users page.
To view and edit a user's properties:
The following table describes the user properties.
| Element | Description |
|---|---|
|
General Properties |
In this section you can view general information about the user; you cannot edit the values. |
|
Display Name |
The version of the user's name to be displayed in the client. If blank, the User Name is used. |
|
ID |
An identifier assigned by the system for this user's account. |
|
Type |
The user type: Participant or Outside User. |
|
User Name |
The user's name. |
|
|
The user's email address. |
|
Verified |
Users are verified by either finding them in the user directory, or after the user clicked a link in an invitation email to verify their identity and joined Oracle Social Network. |
|
Created |
The date and time this user account was created in Social Network. |
|
Last Modified |
The date and time this user account was last modified. |
|
Last Connected |
The date and time this user last logged in to Oracle Social Network. |
|
Last Disconnected |
The date and time this user's last session with Oracle Social Network ended. |
|
Account Settings |
In this section you can enable or disable an account, and view the settings for deleted or locked users. |
|
This User Account is Enabled |
Specifies whether this user is enabled on the system. A disabled user can't log in. In addition, access for a disabled user is removed from all Conversations that they were a member of, and other users can't select to follow that user or post to their wall. |
|
This User Account is Deleted |
Not editable. Indicates that a user account is managed in an external user directory, and the user account no longer exists in that directory. A user can't be Enabled and Deleted at the same time. |
|
This User Account is Locked |
Indicates that the user account is locked. You can't modify this property from the properties page. For more information about locked accounts, see Unlocking User Accounts. |
|
Privileges and Special Behavior |
In this section you can specify user types and configure integration accounts. These properties do not display for Outside Users. |
|
Service Administrator |
Specifies whether the user is a service administrator. Service administrators have access to the Administration section of the Oracle Social Network browser interface, and can do all the typical management tasks for users, apps, social definitions, and more. |
|
Developer |
Specifies whether the user is a developer. Developers can access the Oracle Social Network developer website to use specialized tools for development work; developer tools include the API Explorer, Social Definition Builder, and more. Note: Set this property only on the staging instance; the developer user type is intended for use only on that instance. Changes you make on the production instance are not copied to the staging instance. |
|
Integration Account |
Specifies whether this is an integration account. This account type is for a program, not a user; it authenticates to Oracle Social Network to integrate custom applications. By default, an integration account has service administrator privileges. An integration account is not visible in the user interface. Optionally, you can also set two special privileges:
Tips:
|
|
Conversation Settings |
In this section you can configure Conversation settings for the user. |
|
Show Conversation Membership Messages by Default |
When enabled, the user sees a message in Conversations whenever new members are added to the Conversation; for example, The Conversation is now accessible to <name>. When disabled, messages about new members do not appear in Conversations. If you change the property, it takes effect when the user logs out and then logs in again. |
|
Delegates |
To define users or groups who can post to this user's wall on their behalf, click Choose Delegates and then search for the users and groups that you want to assign as delegates. In the Update Delegates dialog, move people or groups to the right column to add them, or to the left column to remove them. |
|
Legal Hold and Retention |
A retention policy allows you to specify how log to keep data on the system before deleting it. When using retention policies, you can place individual users on legal hold. While a user is on legal hold, messages and documents created or modified by this user, and Conversations, Collections, or Social Objects in which this user participated are not deleted regardless of the retention policy. Retention policies are managed externally; contact Oracle Support for questions about your retention policy configuration. For more information on retention properties, see General Properties Page. |
|
On Legal Hold |
Enable or disable legal hold for the user. While an account is on Legal Hold, no user data for that account is deleted, regardless of the retention policy settings. |
|
Retention Extended |
If selected, the user's data is kept on the system for the time period defined in the Extended Retention Period rather than the Standard Retention Period. For more information on retention properties, see General Properties Page. |
If your OIM settings become out of sync with Oracle Social Network, or if you want to replace property values for one or all users without waiting for the automatic sync that occurs during login, you can do this task either for an individual user or for all users at once.
To synchronize profile information for an individual user, open the user's properties page and click Sync Profile Now.
To synchronize profile information for all users at once, open the Users page and click Sync Profile Data.
You can use the Bulk User Upload Wizard to add many employee or outside users to Oracle Social Network in one action.
The process has two steps:
Notes:
The primary purpose of the wizard is to add users; however, if a user already exists in the system, the wizard updates the user information based on the content of the user properties CSV file.
By default, invitation emails are sent to all new users. For more information about these emails and how to disable them if needed, see About New User Invitation Emails.
The wizard adds or updates users based on the information in a CSV file that you upload. Before you can run the wizard you need to put user data into the file.
Use the wizard to upload the CSV file containing user information.
Before you begin: Make sure your Extended Collaboration settings allow these employee or outside users to be added. For more information, see Enabling Extended User Collaboration.
Note: If you left the wizard open after downloading the template file, you can skip to step 4 below.
If a user attempts to log in to Oracle Social Network but provides incorrect login information five or more times, the user account is temporarily locked. Locked users are identified in the Users page user list.
To manually unlock an account, click Unlock to the right of the user information in the user list.
If you do not manually unlock a user account, it is unlocked automatically after 20 minutes.
Note: If you manage user locking in your environment using an external process such as Oracle Access Management, user locking and unlocking is controlled from there and not using the Oracle Social Network Administration interface.