Manage Excluded Users in Oracle Search
Oracle Search uses the Access Control List (ACL) method for HCM data security. Some users don't receive any Oracle Search-based search results because of their complex security setup. These users are called excluded users. You can make Oracle Search experience available to excluded users by simplifying their security setup.
ACL is precomputed for each user and applied on the search results they receive. Excluded users don't have the ACL computed because the computation time exceeds the 10 minutes threshold. Hence, their access control list is empty resulting in no search results from Oracle Search.
One way to make Oracle Search available to excluded users is replacing custom SQL predicates with built-in capabilities of security profiles. You must always review the possibilities of making the security setup simple and efficient with your organization’s security experts. Here are some processes you can run to manage excluded users:
- Report users who are currently flagged as excluded. To do that, run this
process.
Job Name Parameter Name Parameter Value Manage Excluded Users ACL Action Report excluded users After the process is complete, the log files contain the total count and the user names of users excluded from Oracle Search experience.
- Compute access control list for all excluded users. To do that, run this process.
Job Name Parameter Name Parameter Value Manage Excluded Users ACL Action Compute excluded usersACL User Popluation All excluded users This process attempts computation of access control list for all excluded users. Users whose computation succeeds within the 10 minutes threshold will no longer be excluded from Oracle Search experience.
- Compute access control list for a single excluded users. To do that, run this
process.
Job Name Parameter Name Parameter Value Manage Excluded Users ACL Action Compute excluded usersACL User Popluation Single excluded user User Name Enter the user name here Create Diagnostic Report Yes This process attempts computation of access control list for a single user. The job will produce a diagnostic report that you can use to review or troubleshoot the user’s security setup.