Manage Application Users
Once you create users and provision them with access to the application, there are various user management tasks you have to perform on an ongoing basis. Here are examples of some of the tasks you might have to do:
-
Terminating user accounts when users leave the organization
-
Acting as a proxy for users so you can troubleshoot issues
This chapter describes how to perform these and other use management tasks. But you can also use the file import functionality to perform user management tasks such as::
-
Enabling or disabling user accounts
-
Promoting, demoting, or transferring an employee
User Management Using Manage Users
ERP administrators can use the Manage Users task to manage user accounts when Oracle HCM Cloud service isn't being used. When Oracle HCM Cloud is being used, HR Specialists and Line Managers can manage user accounts with the Manage User Accounts task.
This topic describes how to update an application user account.
To access the user account page for a person:
-
Select to open the Search Person page. You can also search for the Manage Users task in the Setup and Maintenance work area.
-
On the Search Person page, search for the person whose account you're updating.
-
In the search results, select the person and click the person's name. The Edit User page will open.
User Management Using Security Console
IT Security Managers can manage user accounts from the Security Console.
To access the User Account Details page for a person:
-
Select to open the Security Console.
-
Click the Users tab.
-
Search for the user using one of the following:
-
First Name
-
Last Name
-
User Name
-
Email
-
-
Click on either the display name or user name link.
On the User Accounts page of the Security Console, IT Security Managers can:
-
Create and manage user accounts. Typically, only accounts for implementation users are created and managed in this way.
-
Delete the account of an implementation user, if required. User accounts of application users should not be deleted.
-
Lock and unlock user accounts. Users can't sign in to locked accounts.
-
Make user accounts active or inactive.
-
Provision rules to users.
-
Reset user passwords, provided that the Administrator can manually reset password option is selected for the relevant user category.
On the User Categories page of the Security Console, IT Security Managers can create and manage user categories. For any category, they can:
-
Define the default format of user names.
-
Set the password policy.
-
Manage notifications.
-
Add users to and remove users from the category.
Change User Names
To edit a user name:
-
Select .
-
In the Update User Name dialog box, enter the user name and click OK. The maximum length of the user name is 80 characters.
-
Click Save.
This action sends the updated user name to your LDAP directory. Once the request is processed, the user can sign in using the updated name. As the user receives no automatic notification of the change, you're recommended to send the details to the user.
Reset Passwords
Passwords can only be reset using the User Account Details page in the Security Console. ERP administrators can't reset a user's password using the Manage Users task.
To reset a user's password:
-
Navigate to the User Account Details page in the Security Console, and search for the user as discussed in the User Management Using Security Console section.
-
Select .
-
You have the option to either automatically generate a new password or manually change the password, provided that the Administrator can manually reset password option is selected for the relevant user category. If the option to manually change the password is available and you choose it, enter the new password in the New Password field and again in the Confirm New Password field. Then click Reset Password.
This action sends a notification containing a reset-password link to the user's work email.
Note: A notification template for the password-reset event must exist and be enabled for the user's user category. Otherwise, no notification is sent.
Change a User's Email Address
To change a user's email address:
-
Navigate to the User Account Details page in the Security Console, and search for the user as discussed in the User Management Using Security Console section.
-
Click on either the display name or user name link.
-
On the User Account Details page, click Edit.
-
On the Edit User Account page, edit the email address.
-
Click Save and Close.
Manage User Roles
You can manage user roles from both the Edit User page inside the Manage Users task or the Edit User Account page.
To add a role:
-
Click Add Role.
The Add Role dialog box opens.
-
Search for the role that you want to add.
-
In the search results, select the role and click OK.
If you're using the Manage Users task, the role appears in the Role Requests region with the status Add Requested. If you're using the Edit User Account page, the role appears in the Roles region
-
Click Save.
To remove a role from any section of this page:
-
Select the role and click Remove.
-
In the Warning dialog box, click Yes to continue.
-
Click Save.
Clicking Save sends requests to add or remove roles to your LDAP directory server. Requests appear in the Role Requests in the Last 30 Days section. Once provisioned, roles appear in the Current Roles section.
To update a user's roles automatically, select . This action applies to roles for which the Autoprovision option is selected in all current role mappings. The user immediately:
-
Acquires any role for which he or she qualifies but doesn't currently have
-
Loses any role for which he or she no longer qualifies
You're recommended to autoprovision roles for individual users if you know that additional or updated role mappings exist that affect those users.