Set Permissions for Your Microsoft Active Directory (AD) Account
You use your Microsoft Active Directory (AD) domain administrator account to create an AD Bridge. Before creating this bridge, you must set permissions for your account. You must set these permissions so that you can install the bridge and configure delegated authentication for it.
With delegated authentication, Oracle Identity Cloud Service identity domain administrators and security administrators don’t have to synchronize user passwords between AD and Oracle Identity Cloud Service. Users can use their AD passwords to sign in to Oracle Identity Cloud Service to access resources and applications protected by Oracle Identity Cloud Service.
See Understand Delegated Authentication for more information about delegated authentication.
Set Permissions to Synchronize Users, Groups, and Group Membership
You set permissions for your Active Directory Bridge service account so that you can synchronize users, groups, or OUs between Microsoft Active Directory (AD) and Oracle Identity Cloud Service