Create Users and Assign Them to Predefined Roles

You use this EPM Automate command sequence to create users and assign them to predefined roles in the identity domain.

  • Sign in to the environment as a Service Administrator.

  • Export Groups and Membership information from the environment to example_snapshot.zip. This discussion assumes that you have previously exported Groups and Membership artifacts using Migration to create example_snapshot.zip.

  • Download the snapshot (example_snapshot.zip) to a local directory.

  • Delete the snapshot (example_snapshot.zip) from the environment.

  • Sign out of the environment.

  • Extract the contents of example_snapshot.zip.

  • Append information about new users to HSS-Shared Services\resource\External Directory\Users.csv in First Name,Last Name,Email,User Login format.

    For detailed information, see Importing a Batch of User Accounts in Getting Started with Oracle Cloud.

  • Append information about role assignments of new users (in First Name,Last Name,Email,User Login format) to appropriate roles file(s).

    User assignment for each predefined role should be specified in a separate file available in HSS-Shared Services\resource\External Directory\Roles. For example, assignment to Service Administrator role should be appended to <service_name> Service Administrator.csv while assignments to Viewer roe should be appended to HSS-Shared Services\resource\External Directory\Roles\<service_name> Viewer.csv.

    For detailed information, see Assigning One Role to Many Users in Getting Started with Oracle Cloud.

  • re-create example_snapshot.zip by zipping the HSS-Shared Services directory and its contents.

  • Sign into the environment as a Service Administrator who also has Identity Domain Administrator role.

  • Upload the modified example_snapshot.zip to the environment.

  • Import example_snapshot.zip into the environment.

  • Delete the uploaded example_snapshot.zip from the environment.

  • Sign out.

Note:

You can automate this scenario by writing a custom script that completes these tasks:

  • Unzip example_snapshot.zip
  • Append user information to Users.csv
  • Append role assignments to files
  • Zip HSS-Shared Services and its contents to re-create example_snapshot.zip
epmautomate login serviceAdmin C:\mySecuredir\password.epw 
https://example.oraclecloud.com 
epmautomate exportsnapshot example_snapshot
epmautomate downloadfile "example_snapshot.zip"
epmautomate deletefile "example_snapshot.zip"
epmautomate logout

/* Add custom code to extract the contents of example_snapshot.zip

/* Add custom code to append new user information to HSS-Shared Services\resource\External Directory\Users.csv 
/* Optional: Add custom code to append role information to the appropriate role file(s) in HSS-Shared Services\resource\External Directory\Roles\
/* Add custom code to zip HSS-Shared Services and its contents as example_snapshot.zip */

epmautomate login serviceAdmin C:/mySecuredir/password.epw https://example.oraclecloud.com
epmautomate uploadfile "example_snapshot.zip"
epmautomate importsnapshot example_snapshot userPassword=Password1 resetPassword=true
epmautomate deletefile example_snapshot.zip
epmautomate logout

Note:

The value that you specify for userPassword (Password1 in the preceding command) will be set as the initial password of new users. Set the value of resetPassword as true to force new users to reset password on first login. See importSnapshot for details.