User Directories and EPM System Security

Oracle Enterprise Performance Management System products are supported on a number of user and identity management systems, which are collectively referred to as user directories. These include Lightweight Directory Access Protocol (LDAP) enabled user directories such as Sun Java System Directory Server (formerly SunONE Directory Server) and Active Directory. EPM System also supports relational databases as external user directories.

Generally, EPM System products use Native Directory and external user directories in provisioning. See Oracle Enterprise Performance Management System Certification Matrix for a list of supported user directories.

EPM System products require a user directory account for each user who accesses the products. These users may be assigned to groups to facilitate provisioning. Users and groups can be provisioned with EPM System roles and object ACLs. Because of the administrative overhead, Oracle does not recommend the provisioning of individual users. Users and groups from all configured user directories are visible from Oracle Hyperion Shared Services Console.

By default, EPM System Configurator configures the Shared Services repository as the Native Directory to support EPM System products. Directory Managers access and manage Native Directory using the Shared Services Console.