Oracle Identity Manager and EPM System

Oracle Identity Manager is a role and user administration solution that automates the process of adding, updating, and deleting both user accounts and attribute-level entitlements across enterprise resources. Oracle Identity Manager is available as a stand-alone product or as part of Oracle Identity and Access Management Suite Plus.

Oracle Enterprise Performance Management System integrates with Oracle Identity Manager by using enterprise roles which are LDAP groups. Roles of EPM System components can be assigned to enterprise roles. Users or groups added to Oracle Identity Manager enterprise roles automatically inherit assigned EPM System roles.

For example, assume that you have a Oracle Hyperion Planning application named Budget Planning. To support this application, you can create three enterprise roles—Budget Planning Interactive User, Budget Planning End User, and Budget Planning Admin—in Oracle Identity Manager. While provisioning EPM System roles, ensure that Provisioning Managers provision the enterprise roles from Oracle Identity Manager with the required roles from Budget Planning and other EPM System components including Shared Services. All users and groups assigned to the enterprise roles in Oracle Identity Manager inherits the EPM System roles. See Oracle Identity Manager documentation for information on deploying and managing Oracle Identity Manager.

To integrate Oracle Identity Manager with EPM System, Administrators must perform these steps:

• Ensure that members (users and groups) of Oracle Identity Manager enterprise roles that are to be used for EPM System provisioning are defined in an LDAP-enabled user directory; for example OID or Active Directory.

• Configure the LDAP-enabled user directory where members of the enterprise roles are defined as an external user directory in EPM System. See Configuring OID, Active Directory, and Other LDAP-based User Directories.