23 Using Reporting Features
This chapter describes reporting in Oracle Identity Manager. It contains the following sections:
23.1 About Reporting in Oracle Identity Governance
Oracle Business Intelligence (BI) Publisher is Oracle's primary reporting tool for authoring, managing, and delivering all your highly formatted documents.
You can use standalone BI Publisher to view and run Oracle Identity Manager reports.
After BI Publisher configuration, you can take advantage of the standard features of BI Publisher, such as:
- 
                        Highly formatted and professional quality reports with pagination and headers/footers. 
- 
                        PDF, Word, and HTML output of reports. 
- 
                        Capability to develop your own custom reports against the Oracle Identity Manager repository (read-only repository access). 
- 
                        BI Publisher's scheduling capabilities and delivery mechanisms, such as e-mail and FTP. 
- 
                        Format (report) can be edited separately from the data definition (data model). 
- 
                        Standardized Oracle Identity subtemplate for headers. 
- 
                        National Language Support (NLS) for BI Publisher report output. 
Note:
Before using Oracle Identity Manager reports, configure standalone BI Publisher reports. See Configuring Reports in Developing and Customizing Applications for Oracle Identity Governance.23.2 Supported Output Formats for Reports
BI Publisher supports multiple report output formats, such as HTML, PDF, RTF, and MHTML.
All reports are generated in a native XML format which can be transformed into different other output formats. The following formats are supported:
- 
                        HTML 
- 
                        PDF 
- 
                        RTF 
- 
                        MHTML 
23.3 Classification of Oracle Identity Governance Reports
Oracle Identity Governance reports are classified into various categories based on functional areas.
All the reports containing Date type input parameters must be provided with the date range in the Date Input Parameters before running the report. Otherwise, the reports will not display any data.
Oracle Identity Manager Reports are classified into the following categories based on their functional areas:
23.3.1 Access Policy Reports
The access policy reports are Access Policy Details and Access Policy List by Role.
Oracle Identity Manager BI Publisher Reports provides the following access policy reports for Oracle Identity Manager:
23.3.1.1 Access Policy Details
It provides administrators or auditors the ability to view a current snapshot of all the policies associated only with roles defined in Oracle Identity Manager system, along with key information about each policy, and the number of instances in which each policy has been activated.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Access Policy Name | Name of the Access Policy | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Description | Description of the policy | 
| Approval Required | Approval required for the policy | 
| Creation Date | Date when the policy is created | 
| Retrofit Access Policy | Retrofit of the access policy | 
| Created By | Name of the person who created the policy | 
| Priority | Priority of the policy | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| Application Instance Name | Name of the application instance | 
23.3.1.2 Access Policy List by Role
It lists all policies defined in Oracle Identity Manager system by role. This report can be used for operational and compliance purposes.
Input Parameters
The following table lists the input parameters for the report:
| Report Parameter | Description | 
|---|---|
| Role Name | Name of the role | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Description | Description of the policy | 
| Approval Required | Approval required for the policy | 
| Creation Date | Date when the policy is created | 
| Retrofit Access Policy | Retrofit of the access policy | 
| Created By | Name of the person who created the policy | 
| Priority | Priority of the policy | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| Role Name | Name of the role | 
23.3.2 Request and Approval Reports
The request and approval reports are Approval Activity Report, Request Details Report, Request Summary Report, and Task Assignment History.
Oracle Identity Manager BI Publisher Reports provides the following request and approval reports for Oracle Identity Manager:
23.3.2.1 Approval Activity Report
This report provides the administrators the ability to view the approval activity including requests that are approved, rejected, or pending.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Approver's First Name | First name of the approver | 
| Approver's Last Name | Last name of the approver | 
| Approver's User ID | User ID of the approver | 
| Organization | Name of the organization | 
Fields
N/A
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| Approver's First Name | First name of the approver | 
| Approver's Last Name | Last name of the approver | 
| Approver's User ID | User ID of the approver | 
| Organization | Organization of the approver | 
| Approval Accepted | Count of the accepted approval | 
| Approval Rejected | Count of the rejected approval | 
| Approvals Pending | Count of the pending approval | 
| Approval Requests Total | Total number of approval requests | 
23.3.2.2 Request Details Report
This report provides administrators the ability to view the details (requestor, current approver and so on) of all requests with the input current status. Additionally, this report displays the details of all users (user name, organization, manager details, user status and so on) that will be provisioned as a result of the request approval. This helps administrators in planning and prioritizing operational activities so that they may expedite the closure of pending requests.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Requestor User First Name | First name of the requestor | 
| Requestor User Last Name | Last name of the requestor | 
| Request User ID | ID of the requestor | 
| Request ID | Request ID | 
| Request Parent ID | Parent ID of the request | 
| Request Status | Status of the request | 
| Request Type | Type of the request | 
| Request Date From | Start date of the request | 
| Request Date To | End date of the request | 
| Beneficiary User First Name | First name of the beneficiary | 
| Beneficiary User Last Name | Last name of the beneficiary | 
| Beneficiary User ID | ID of the beneficiary | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Request ID | Request ID | 
| Request Type | Type of the request | 
| Requester User ID | ID of the requester | 
| Request Date | Date on which request is initiated | 
| Approver User ID | ID of the approver | 
| Current Status | Status of the request | 
| Parent Request ID | ID of the parent Requester | 
Columns
The following table lists the columns of the report, if a beneficiary is present:
| Report Column | Description | 
|---|---|
| First Name | First name of the beneficiary | 
| Last Name | Last name of the beneficiary | 
| User ID | ID of the beneficiary | 
| User Type | Type of user | 
| User Status | Status of the beneficiary | 
| Organization | Organization of the beneficiary | 
| Request Value | Request value of the resource | 
The following table lists the columns of the report, if a beneficiary is not present:
| Report Column | Description | 
|---|---|
| Request Name | Name of the request | 
| Request Value | Value of the request | 
The following table provides the approver details:
| Report Column | Description | 
|---|---|
| Approver User ID | User ID of the approver of the request | 
| Approver User Name | User name of the approver of the request | 
23.3.2.3 Request Summary Report
This report provides administrators the ability to view the current status of all requests raised in the specified time interval. This helps administrators in planning and prioritizing operational activities so that they may expedite the closure of pending requests.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Request Type | Type of request | 
| Request Date From | Start date of the request | 
| Request Date To | End date of the request | 
| Organization | Details of the organization | 
Fields
N/A
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| Request ID | Request ID | 
| Parent Request ID | ID of the parent Requester | 
| Request Type | Type of request | 
| Request Status | Status of request | 
| Requester User ID | ID of the requester | 
| Requester User Name | Name of the requester of the request | 
| Beneficiary User ID | ID of the beneficiary | 
| Request Details | Details of the request | 
| Approver User ID | ID of the approver | 
| Approver User Name | Name of the approver of the request | 
| Request Date | Date of request | 
23.3.2.4 Task Assignment History
It lists the history of all task assignments.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Resource Name | Name of the resource | 
| Assignee User ID | ID of the assignee user | 
| Assignee First Name | First name of the assignee user | 
| Assignee Last Name | Last name of the assignee user | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Resource Type | Type of resource | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| User ID | ID of the beneficiary | 
| Assignee First Name | First name of the assignee | 
| Assignee Last Name | Last name of the assignee | 
| Assignee User ID | ID of the assignee | 
| Assignee Role Name | Role name of the assignee | 
| Assignee User Name | User name of the assignee | 
| Employee Type | Type of employee | 
23.3.3 Role and Organization Reports
The role and organization reports are Role Membership History, Role Membership Profile, Role Membership, Organization Details, and User Membership History.
Oracle Identity Manager provides the following role and organization reports:
23.3.3.1 Role Membership History
This report displays membership history of all the roles. The report will not show indirect memberships.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Role Name | Name of the role | 
| Role Category | Category of the role | 
| Employee Type | Type of the employee: Full-Time, Part-Time, Temp, Intern, Consultant, Contractor | 
| Employee Status | Status of the employee: Active, Disabled, Deleted, Disabled Until Start Date | 
| Membership Status | Status of membership: Revoked, Active | 
| Effective From | Role membership effective from date | 
| Effective To | Role membership effective to date | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Created By | Name of the person who created the role | 
| Creation Date | Date on which the role was created | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Employee Type | Type of employee | 
| Employee Status | Status of the employee | 
| Membership Status | Membership date of the user | 
| Effective From | Membership start date of the user | 
| Effective To | Membership end date of the user | 
| Manager's First Name | First name of the manager | 
| Manager's Last Name | Last name of the manager | 
| Manager's User ID | ID of the manager | 
| Updated By | Name of the user who updated the record | 
23.3.3.2 Role Membership Profile
This report shows number of users present for number of roles and the details of users belonging to count number of roles.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Organization | Organization of the user | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Membership in Number of Roles | Number of members in number of roles | 
| Number of Users | Number of users in the role | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Employee Type | Type of the employee: Full-Time, Part-Time, Temp, Intern, Consultant, Contractor | 
23.3.3.3 Role Membership
This report displays membership details of all roles.
Input Parameters
The following table lists input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Role Name | Name of the role | 
| Role Category | Category of the role | 
| Organization | Name of the organization | 
| Employee Type | Type of the employee: Full-Time, Part-Time, Temp, Intern, Consultant, Contractor | 
| Employee Status | Status of the employee: Active, Disabled, Deleted, Disabled Until Start Date | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Created By | Name of the person who created the user | 
| Creation Date | Date on which the user is created | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of user | 
| Employee Status | Status of the user | 
| Employee Type | Type of the employee: Full-Time, Part-Time, Temp, Intern, Consultant, Contractor | 
| Member Since | Joining date of the user | 
| Manager's First Name | First name of the manager | 
| Manager's Last Name | Last name of the manager | 
| Manager's User ID | ID of the manager | 
23.3.3.4 Organization Details
It lists the hierarchical organization structure and details about users in the organization.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Organization Name | Name of the organization | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Parent Organization Name | Name of the parent organization | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| Role | Name of Administrator User roles | 
| First Name | First name of the user in the organization | 
| Last Name | Last name of the user in the organization | 
| User ID | ID of the user | 
| User Status | Status of the user | 
| User Type | Type of user | 
| Start Date | Joining date of the user | 
| End Date | Leaving date of the user | 
23.3.3.5 User Membership History
This report lists the logged in users with their membership history.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Last Name | First name of the user | 
| First Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| Employee Status | Status of the employee: Active, Disabled, Deleted, Disabled Until Start Date | 
| Employee Type | Type of the employee: Full-Time, Part-Time, Temp, Intern, Consultant, Contractor | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| User ID | ID of the user | 
| User First Name | First name of the user | 
| User Last Name | Last name of the user | 
| Organization | Organization of the user | 
| Employee Status | Status of the employee: Active, Disabled, Deleted, Disabled Until Start Date | 
| Employee Type | Type of the employee: Full-Time, Part-Time, Temp, Intern, Consultant, Contractor | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| User Role | Name of the user role | 
| Membership Status | Status of membership | 
| Effective From | Date from which the membership is effective | 
| Updated By | User who updated the record | 
23.3.4 Password Reports
The password reports are Password Expiration Summary Report, Password Reset Summary Report, and Resource Password Expiration Report.
Oracle Identity Manager provides the following password reports:
23.3.4.1 Password Expiration Summary Report
This report shows the list of all active users whose Oracle Identity Manager passwords are about to expire within a specified period.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Last Name | Last name of the user | 
| First Name | First name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| Expiration Date Range From | Start date of the expiration date | 
| Expiration Date Range To | End date of the expiration date | 
Fields
N/A
Columns
The following table lists the columns of the report:
| Report Field | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Employee Type | Type of the employee: Full-Time, Part-Time, Temp, Intern, Consultant, Contractor | 
| Employee Status | Status of the employee: Active, Disabled, Deleted, Disabled Until Start Date | 
| Organization | Organization of the user | 
| Password Expiration Date | Date on which the password expires | 
23.3.4.2 Password Reset Summary Report
This report provides the ability to view the aggregated metrics around password change attempts done by users themselves or on behalf of them. The metrics include all password change attempts, successful or failure outcome of password change attempt, users locked due to multiple concurrent unsuccessful password change attempts.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Aggregation Frequency | The frequency of the report generated | 
| Date Range From | Start date of the report generated | 
| Date Range To | End date of the report generated | 
| Organization | Name of the organization | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Aggregation Frequency | The frequency of the report generated | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| Time Period | Date and time of reset attempts performed | 
| Reset Attempts | Number of reset attempts | 
| Failed Reset Attempts | Number of failed reset attempts | 
| Locked Users due to Failed Reset Attempts | Number of users locked due to a failed reset attempt | 
| Resets by non-beneficiary | Number of resets by non-beneficiary | 
23.3.4.3 Resource Password Expiration Report
It lists users whose resource passwords will expire in a specified time period.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Resource Name | Name of the resource | 
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| User Status | Status of the user | 
| Password Expiration Date From | The password expiry starting date | 
| Password Expiration Date To | The password expiry ending date | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Resource Type | Type of resource | 
Columns
The following table lists the columns of the report:
| Report Field | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| User Status | Status of the user: Active, Disabled, Deleted, Disabled Until Start Date | 
| User Type | Type of the user: Full-Time, Part-Time, Temp, Intern, Consultant, Contractor | 
| Password Expiration Date | Date on which the password expires | 
23.3.5 Resource and Entitlement Reports
The resource and entitlement reports are Account Activity In Resource, Delegated Admins and Permissions by Resource, Delegated Admins by Resource, Entitlement Access List, Entitlement Access List History, Financially Significant Resource Details, Resource Access List History, Resource Access List, Resource Account Summary, Resource Activity Summary, User Resource Access History, User Resource Access, User Resource Entitlement, and User Resource Entitlement History.
Oracle Identity Manager BI Publisher Reports provides the following resource and entitlement reports for Oracle Identity Manager:
23.3.5.1 Account Activity In Resource
The Account Activity in Resource report lists all account activities in each resource, and provides information on how each user is associated with a specific activity of that resource.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Resource Name | Name of the resource | 
| Date Range From | Date from which reports are displayed | 
| Date Range To | Date to which reports are displayed | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Resource Name | Name of the resource | 
| Activity Type | The type of activity | 
| Resource Authorizer User Role(s) | Name of the role which authorize the role | 
| Resource Administrator User Role(s) | Name of the role which authorize the resource | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| User Status | Status of the user: Active, Disabled, Deleted, Disabled Until Start Date | 
| Organization | Organization of the user | 
| Manager's User ID | ID of the manager | 
| Timestamp | Date when the report is created | 
23.3.5.2 Delegated Admins and Permissions by Resource
This report displays the list of user roles with write and delete access that are administrators of the resource.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Resource Name | Name of the resource | 
Fields
N/A
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| Administrator Role Name | Name of the Administrator role | 
| Administrator Role Information | Information about the Administrator role | 
| Read Access | Indicates whether the resource has read access | 
| Write Access | Indicates whether the resource has write access | 
| Delete Access | Indicates whether the resource has delete access | 
| Authorizer Role | Authorizer role name | 
| Name Priority | Priority of the resource | 
| Created By | Name of the person who created the resource | 
| Creation Date | Resource creation date | 
23.3.5.3 Delegated Admins by Resource
The report displays the list of user roles that are the administrators or authorizers of the resource and members of those roles.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Resource Name | Name of the resource | 
| Resource Type | Type of resource | 
| Resource Audit Objective | Objective to carry out the audit for the resource | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Resource Type | Type of resource | 
| Target | Indicates whether the resource is a target for organization or user | 
| Write Access | Indicates whether the resource has write access | 
| Delete Access | Indicates whether the resource has delete access | 
| Creation By | Resource creation source | 
| Creation Date | Date on which resource is created | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| User Status | Status of the user | 
| Member Since | Joining date of the user | 
| Manager's First Name | First name of the manager | 
| Manager's Last Name | Last name of the manager | 
| Manager's User ID | ID of the manager | 
23.3.5.4 Entitlement Access List
This report provides administrators or auditors the ability to query all existing users, who have a specified entitlement. This report can be used for operational and compliance purposes.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Entitlement Code | Code of the entitlement | 
| Resource Name | Name of the resource | 
| Organization | Organization of the user | 
| Role Name | Name of the role | 
| User Status | Status of the user: Active, Disabled, Deleted, Disabled Until Start Date | 
| User Type | Type of user | 
| Provisioning Date From | Date from which the resource is provisioned to the user | 
| Provisioning Date To | Date to which the resource is provisioned to the user | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Entitlement Code | Code of the entitlement | 
| Entitlement Name | Name of the entitlement | 
| Entitlement status | Status of the entitlement. | 
| Resource Name | Name of the resource | 
| Resource Type | Type of resource | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| User Id | ID of the user | 
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User Status | User Status | 
| User Type | Type of the user | 
| Organization | Organization of the user | 
| Valid To Date | Entitlement valid from date | 
| Valid From Date | Entitlement valid to date | 
23.3.5.5 Entitlement Access List History
This report provides administrators or auditors the ability to query all existing users provisioned to a entitlement over its lifecycle. This is a lifetime report showing entire history of resource's access list or entitlements.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Entitlement Code | Code of the entitlement | 
| Resource Name | Name of the resource | 
| Organization | Organization of the user | 
| Role Name | Name of the role | 
| User Status | Status of the user: Active, Disabled, Deleted, Disabled Until Start Date | 
| User Type | Type of user | 
| Effective From Date | Entitlement effective from date | 
| Effective To Date | Entitlement effective to date | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Entitlement Code | Code of the entitlement | 
| Entitlement Name | Name of the entitlement | 
| Resource Name | Name of the resource | 
| Resource Type | Type of resource | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| User Id | ID of the user | 
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User Status | Status of the user | 
| User Type | Type of user | 
| Effective From | Entitlement effective from date | 
| Effective To | Entitlement effective to date | 
23.3.5.6 Financially Significant Resource Details
This report provides Administrators to get a list of financially significant resources to prioritize various administrative and cleanup activities. It also helps Compliance or Privacy and Security officers assessing effectiveness of preventive and detective controls in financial significant resources and Auditors to understand the IT resources that host financial data.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Resource Name | Name of the resource | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Resource Type | Type of resource | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| User Roles | Lists the resource administrator user roles | 
23.3.5.7 Resource Access List History
This report provides administrators or auditors the ability to query all existing users provisioned to a resource over its lifecycle. This is a lifetime report showing entire history of resource's access list or entitlements.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Resource Name | Name of the resource | 
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| User Status | Status of the user | 
| User Type | Type of the user | 
| Snapshot Date From | Effective start date of resource access to the user | 
| Snapshot Date To | Effective end date of resource access to the user | 
| Changes Date From | Resource changed from date to user | 
| Changes Date To | Resource changed to date to user | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Resource Type | Type of resource | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| Resource Descriptive data | Descriptive data to identify the resource | 
| User Status | Status of the user | 
| Resource Status | Status of the resource | 
| Effective From | Effective start date | 
| Effective To | Effective end date | 
23.3.5.8 Resource Access List
This report provides administrators or auditors the ability to query all existing users provisioned to a specified resource. This report can be used for operational and compliance purposes.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Resource Name | Name of the resource | 
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| User Status | Status of the user | 
| User Type | Type of the user | 
| Provisioning Date From | Resource provision start date | 
| Provisioning Date To | Resource provision end date | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Resource Type | Type of resource | 
Columns
The following table lists the columns of the report:
| Report Parameter | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| User Type | Type of the user | 
| User Status | Status of the user | 
| Organization | Organization of the user | 
| Provisioning Date | Date on which the resource is provisioned | 
23.3.5.9 Resource Account Summary
This report lists the number of users for each status within each resource.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Resource Name | Name of the resource | 
| Resource Type | Type of resource | 
| Account Status | Status of the account | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Resource Type | Type of resource | 
| Total Number of Users | Total number of users associated with the account | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| Account Status | Status of the account | 
| Number of Users | Number of users with that account status | 
23.3.5.10 Resource Activity Summary
It lists the history of all provisioning and approval activities for a resource.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Resource Name | Name of the resource | 
| Date Range From | Start date | 
| Date Range To | End date | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Resource Type | Type of resource | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| Accounts Provisioned | Number of accounts provisioned | 
| Accounts De-Provisioned | Number of accounts de-provisioned | 
| Approval Requests | Number of approval requests | 
| Approval Accepted | Number of approved requests | 
| Approval Rejected | Number of rejected requests | 
23.3.5.11 User Resource Access History
This report provides administrators or auditors the ability to view user's resource access history over user's lifecycle. This report can be used for compliance and forensic auditing purposes. This is not a user access profile snapshot report. This is a lifetime report showing entire history of user's entitlements.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| Status | Status of the user | 
| Employee Type | Type of employee | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| User ID | ID of the user | 
| User First Name | First name of the user | 
| User Last Name | Last name of the user | 
| Manager User ID | ID of the reporting Manager | 
| Manager First Name | First name of the reporting Manager | 
| Manager Last Name | Last name of the reporting Manager | 
| Organization | Organization of the user | 
| Employee Status | Status of employee | 
| Employee Type | Type of employee | 
| Identity Creation Date | User creation date | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| Resource Name | Name of the resource | 
| Resource Descriptive Data | Description of the resource | 
| Provisioned Date | Date on which the resource is provisioned | 
| Provisioned By | Name of the person who provisioned the resource | 
| Effective From | Effective start date of resource access to the user | 
| Effective To | Effective end date of resource access to the user | 
23.3.5.12 User Resource Access
This report provides administrators or auditors the ability to query all existing users provisioned to a specified resource. This report can be used for operational and compliance purposes.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| Employee Status | Status of employee | 
| Employee Type | Type of employee | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| User ID | ID of the user | 
| User First Name | First name of the user | 
| User Last Name | Last name of the user | 
| Manager User ID | ID of the reporting Manager | 
| Manager First Name | First name of the reporting Manager | 
| Manager Last Name | Last name of the reporting Manager | 
| Organization | Organization of the user | 
| Employee Status | Status of employee | 
| Employee Type | Type of employee | 
| Identity Creation Date | User creation date | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| Resource Name | Name of the resource | 
| Resource Descriptive Data | Description of the resource | 
| Resource Status | Status of the resource | 
| Provisioned Date | Date on which the resource is provisioned | 
23.3.5.13 User Resource Entitlement
This report provides administrators or auditors the ability to query all existing entitlements provisioned to specific users. This report can be used for operational and compliance purposes.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| User ID | ID of the user | 
| First Name | First name of the user | 
| Last Name | Last name of the user | 
|  | Email of the user | 
| Resource Name | Name of the resource | 
| Organization | Organization of the user | 
| Role Name | Name of the role | 
| User Status | Status of the user | 
| User Type | Type of the user | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| User ID | ID of the user | 
| First Name | First name of the user | 
| Middle Name | Middle name of the user | 
| Last Name | Last name of the user | 
|  | Email of the user | 
| Organization | Organization of the user | 
| User Status | Status of the user | 
| User Type | Type of the user | 
| Manager First Name | First name of the manager | 
| Manager Last Name | Last name of the manager | 
| Start Date | Entitlement of resource start date | 
| End Date | Entitlement of resource end date | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| Entitlement Code | Code of the entitlement | 
| Entitlement Name | Name of the entitlement | 
| Entitlement Status | Status of the entitlement | 
| Resource | Type of the resource | 
| Provisioning Start | Date from which the resource is provisioned to the user | 
| Valid From Date | Entitlement of resource valid start date | 
23.3.5.14 User Resource Entitlement History
This report provides administrators or auditors the ability to view user's resource entitlement history over user's lifecycle. This report can be used for compliance and forensic auditing purposes. This is not a user access profile snapshot report. This is a lifetime report showing entire history of user's entitlements.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| User ID | ID of the user | 
| First Name | First name of the user | 
| Last Name | Last name of the user | 
|  | Email of the user | 
| Resource Name | Name of the resource | 
| Organization | Organization of the user | 
| Role Name | Name of the role | 
| User Status | Status of the user | 
| User Type | Type of the user | 
| Effective From Date | Resource entitlement effective start date | 
| Effective To Date | Resource entitlement effective end date | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| User ID | ID of the user | 
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User Status | Status of the user | 
| User Type | Type of the user | 
| Organization | Organization of the user | 
|  | Email of the user | 
| Start Date | Start date of resource entitlement | 
| End Date | End date of resource entitlement | 
| Identity Creation Date | Date of identity creation | 
| Manager First Name | First name of the manager | 
| Manager Last Name | Last name of the manager | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| Entitlement Code | Code of the entitlement | 
| Entitlement Name | Name of the entitlement | 
| Resource | Type of the resource | 
| Effective From Date | Resource entitlement effective start date | 
| Effective To Date | Resource entitlement effective end date | 
23.3.6 User Reports
The user reports are User Creation, User Profile History, User Summary, Users Deleted, Users Disabled, and Users Unlocked.
Oracle Identity Manager provides the following user reports:
23.3.6.1 User Creation
This report lists all Oracle Identity Manager users created between a specified date range. In addition, it provides the source of information on the users created.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Employee Status | Status of the user | 
| Employee Type | Type of employee | 
| Creation Date From | Start date of user summary | 
| Creation Date To | End date of user summary | 
| Organization | Organization of the user | 
Fields
N/A
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| Employee Current Status | Status of the user | 
| Employee Type | Type of employee | 
| Manager ID | ID of the Manager to whom the user reports | 
| Source of Creation | User creation source | 
| Creation On | Date on which the user is created | 
| Created By | User who created the user | 
23.3.6.2 User Profile History
This report shows all the users and their details based on the input parameters.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| Role Name | Role of the user | 
| Manager User ID | ID of the Manager to whom the user reports | 
| Employee Status | Status of the user | 
| Employee Type | Type of employee | 
| Changes Date Range From | Effective start date of the changes | 
| Changes Date Range To | Effective end date of the changes | 
| Snapshot Date Range From | Effective start date of resource access to the user | 
| Snapshot Date Range To | Effective end date of resource access to the user | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| User ID | ID of the user | 
| User First Name | First name of the user | 
| User Last Name | Last name of the user | 
| Manager User ID | ID of the reporting Manager | 
| Manager First Name | First name of the reporting Manager | 
| Manager Last Name | Last name of the reporting Manager | 
| Organization | Organization of the user | 
| Employee Status | Status of employee | 
| Employee Type | Type of employee | 
| Identity Creation Date | User creation date | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| Profile Parameter | Name of user profile | 
| Value | Value of user profile | 
| Date Effective From | Effective from date | 
| Time Effective From | Effective from time | 
| Updated By | User who updated the record | 
23.3.6.3 User Summary
It lists all Oracle Identity Manager User's summary in a specified time period. It includes user details along with source of creation, and who created it and when.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Employee Status | Status of the user | 
| Employee Type | Type of employee | 
| Creation Date From | Start date of user summary | 
| Creation Date To | End date of user summary | 
| Organization | Organization of the user | 
Fields
N/A
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| Employee Status | Status of the user | 
| Employee Type | Type of employee | 
| Manager ID | ID of the Manager to whom the user reports | 
| Source | User creation source | 
| Creation Date | Date at which the user is created | 
23.3.6.4 Users Deleted
This report shows all the deleted users and their details based on input parameters.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| Employee Type | Type of employee | 
| Deletion Date From | Start date of summary of deleted users | 
| Deletion Date To | End date of summary of deleted users | 
| Organization | Organization of the user | 
Fields
N/A
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| Employee Type | Type of employee | 
| Manager ID | ID of the Manager to whom the user reports | 
| Source | User creation source | 
| Deletion Date | Date at which the user is deleted | 
23.3.6.5 Users Disabled
This report provides the ability to view the details of users whose accounts are disabled. The account may be disabled for various reasons, for example, unsuccessful login or password reset attempts failure.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| Employee Type | Type of employee | 
| Disabled Date From | Start date of user disabled | 
| Disabled Date To | End date of user disabled | 
| Organization | Organization of the user | 
Fields
N/A
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| Employee Status | Current status of the employee | 
| Employee Type | Type of employee | 
| Manager ID | ID of the Manager to whom the user reports | 
| Source | User creation source | 
| Disabled Date | Date at which the user is disabled | 
| Updated By | Users who updated the record | 
23.3.6.6 Users Unlocked
This report provides the ability to view the details of users whose disabled accounts are unlocked by administrators. Delegated administrators of the organizations to whom the user belongs may enable the accounts.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| Employee Type | Type of employee | 
| Unlocked Date From | Start date of user unlocked | 
| Unlocked Date To | End date of user unlocked | 
| Organization | Organization of the user | 
Fields
N/A
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| Employee Status | Status of the user | 
| Employee Type | Type of employee | 
| Manager ID | ID of the Manager to whom the user reports | 
| Source | User creation source | 
| Unlocked Date | Date at which the user is unlocked | 
| Updated By | User who updated the record | 
23.3.7 Certification Reports
Certification reports select data from the certification tables of the Oracle Identity Manager database.
There are a list of predefined or default certification reports in Oracle Identity Manager. Table 23-1 lists the default certification reports for each type of certification.
Table 23-1 Default Certification Reports
| Certification Type | Certification Report | Description | 
|---|---|---|
| User certification | Complete Certification Report | Presents comprehensive data of a user certification. This report includes a list of all employees and their access. | 
| User certification | Certified Access Report | Lists access marked as certified. | 
| User certification | Revoked Access Report | Lists access marked as revoked. | 
| User certification | Abstained Access Report | Lists certification items that the certifier declined to complete because the certifier is not responsible for verifying the user's assigned roles and entitlements. | 
| User certification | Certified Conditionally Access Report | Lists access that the certifier approved temporarily, even though the access may not be appropriate or justified in the long term. Reviewers are required to enter an end date, which is included in this report. However, the access is not revoked and notices are not sent out about expired end dates. | 
| User certification | Complete Certification Task Report | Presents user-certification data based on certification tasks. This is a subset of the Complete Certification Report. | 
| Role certification | Complete Certification Report | Presents comprehensive data of a role certification. | 
| Role certification | Certified Access Report | Lists entitlements marked as certified. | 
| Role certification | Revoked Access Report | Lists entitlements as revoked. | 
| Role certification | Abstained Access Report | Lists certification items that the certifier declined to complete because the certifier is not responsible for verifying the role's assigned memberships. | 
| Role certification | Certified Conditionally Access Report | Lists access that the certifier approved temporarily, even though the access may not be appropriate or justified in the long term. Reviewers are required to enter an end date, which is included in this report. However, the access is not revoked and notices are not sent out about expired end dates. | 
| Role certification | Complete Certification Task Report | Presents role-certification data based on certification tasks. This is a subset of the Complete Certification Report. | 
| Application instance certification | Complete Certification Report | Presents comprehensive data of an application instance certification. | 
| Application instance certification | Certified Access Report | Lists entitlements marked as certified. | 
| Application instance certification | Revoked Access Report | Lists entitlements marked as revoked. | 
| Application instance certification | Abstained Access Report | Lists certification items that the certifier declined to complete because the certifier is not responsible for verifying the application instances's assigned users and accounts. | 
| Application instance certification | Certified Conditionally Access Report | Lists access that the certifier approved temporarily, even though the access may not be appropriate or justified in the long term. Reviewers are required to enter an end date, which is included in this report. However, the access is not revoked and notices are not sent out about expired end dates. | 
| Application instance certification | Complete Certification Task Report | Presents certification data for application instances based on certification tasks. This is a subset of the Complete Certification Report. | 
| Entitlement certification | Complete Certification Report | Presents comprehensive data of an entitlement certification. | 
| Entitlement certification | Certified Access Report | Lists access marked as certified. | 
| Entitlement certification | Revoked Access Report | Lists access marked as revoked. | 
| Entitlement certification | Abstained Access Report | Lists certification items that the certifier declined to complete because the certifier is not responsible for verifying the entitlement's assigned accounts and attributes. | 
| Entitlement certification | Certified Conditionally Access Report | Lists access that the certifier approved temporarily, even though the access may not be appropriate or justified in the long term. Reviewers are required to enter an end date, which is included in this report. However, the access is not revoked and notices are not sent out about expired end dates. | 
| Entitlement certification | Complete Certification Task Report | Presents entitlement-certification data based on certification tasks. This is a subset of the Complete Certification Report. | 
23.3.8 Identity Audit Reports
An IDA Policy Violation report can be generated for a Policy, Scan Stop Date, Manager, Remediator or selected users.
IDA Policy Violation Reports are available for download from Reports link in the Compliance tab of Oracle Identity Self Service.
The following types of reports are available:
- 
                           Closed Policy Violation Report: Contains all the policy violations that are in Closed state. 
- 
                           Remediation Completed Policy Violation Report: Contains all the policy violations that are in Remediation Completed state. 
- 
                           Expired Policy Violation Report: Contains all the policy violations that are in Expired state. 
- 
                           Remediation In Progress Policy Violation Report: Contains all the policy violations that are in Remediation In Progress state. 
- 
                           Remediation Under Review Policy Violation Report: Contains all the policy violations that are in Remediation Under Review state. 
- 
                           Open Policy Violation Report: Contains all the policy violations that are in Open state. 
- 
                           Preview Policy Violation Report: Contains all the policy violations that are in Preview state. 
- 
                           Assigned Policy Violation Report: Contains all the policy violations that are in Assigned state. 
23.3.9 Exception Reports
The exception reports are Fine Grained Entitlement Exceptions By Resource, Orphaned Account Summary Report, and Rogue Accounts By Resource.
This section describes about the exception reports in the following topics:
23.3.9.1 About Exception Reports
In Oracle Identity Manager, exception refers to the difference between accounts that a user is entitled to and the accounts that are actually assigned to a user. The user is assigned these accounts as a result of access policies, provisioning of resources, approval requests, and reconciliation events. Any difference of these accounts assigned to a user in the target system and the ones assigned to the user in Oracle Identity Manager comprises an exception. Exception reports are enabled by default.
Oracle Identity Manager provides the following exception reports:
- 
                              Rogue Accounts By Resource This report returns a list of all the rogue accounts existing in a resource. The following exceptions are reported: - 
                                    Account exists in the target system, but has been deprovisioned for the corresponding user in Oracle Identity Manager 
- 
                                    Account exists and is active in the target system, but account does not exist in Oracle Identity Manager (user exists) 
- 
                                    Account exists and is active in the target system, but user does not exist in Oracle Identity Manager 
- 
                                    Account exists and is active in the target system, but Oracle Identity Manager user has been disabled 
- 
                                    Account exists and is active in the system target, but Oracle Identity Manager user has been deleted 
 
- 
                                    
- 
                              Orphaned Account Summary Report: An account that exists in the target system, but the corresponding user to whom the account is provisioned has been deleted in Oracle Identity Manager. For the given input resource, it lists the rogue accounts that exist in the target system, but the corresponding users to whom the accounts are provisioned has never existed in Oracle Identity Manager. 
- 
                              Fine Grained Entitlement Exceptions By Resource This report returns a list of all the accounts in a resource for which the process form data being reconciled is different from the expected values. It means that this report returns any account existing in the target system that is also provisioned to the corresponding user in Oracle Identity Manager, but for which the process data does not match. Note: - 
                                       After completion of initial target reconciliation, all account-related activities performed directly on a target resource are tracked as exception activity. Account-related activities include account creation, account modification, and entitlement assignment/revocation. The exception reports should be used only if the organization policies enforce that all account-related activities in target resources would always be initiated in Oracle Identity Manager. In addition, remember that exception detection and recording are an extension of account data reconciliation and, therefore, may result in a drop in performance during reconciliation. 
- 
                                       All the exception reports depend on reconciliation data. Therefore, these reports will not display any data if the corresponding reconciliation events are archived. 
 
- 
                                       
23.3.9.2 Fine Grained Entitlement Exceptions By Resource
This report enables administrators, signing officers, internal and external auditors to analyze discrepancies in various process forms and related child tables of various resources and mitigate material weaknesses in the resources through remediation activities.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Resource Name | Name of the resource | 
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Employee Type | Type of the employee such as fulltime, part time | 
| Organization Name | Name of the organization | 
| Role Name | Name of the role | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Resource Name | Name of the resource | 
| User ID | ID of the user | 
| First Name | First name of the user | 
| Last Name | Last name of the use | 
| Organization Name | Name of the organization | 
| Employee Status | Status of the user | 
| Employee Type | Type of the user | 
| Reviewer First Name | First name of the reviewer | 
| Reviewer Last Name | Last name of the reviewer | 
| Unique ID Attribute | Unique ID attribute in account profile | 
| Unique ID Value in Account Profile | Unique ID value in account profile | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| Form Name | Name of the form | 
| Form Type | Type of the form | 
| Form Field Name | Field name of the form | 
| Expected Form Field Value | Old value of the field | 
| Actual Form Field Value | New value of the field | 
Note:
Before running this report, you must populate data for account audit and reconciliation exceptions.
To populate the data for account audit and reconciliation exceptions:
- 
                                 Provision an user to any target. 
- 
                                 Modify any of the user's attribute in the target and reconcile the user. 
- 
                                 Find data in UPA_UD_FORMFIELDS and UPA_UD_FORMS tables. 
- 
                                 Go to Oracle Identity Manger server and run RefreshMaterializedViewScheduler Task. 
- 
                                 Log in to BIP and view the report. 
23.3.9.3 Orphaned Account Summary Report
It lists the rogue accounts for the input resource for which a user existed in the target system, but the associated user to whom the account is provisioned never existed in Oracle Identity Manager.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Resource Name | Name of the resource | 
| Reconciliation Date Range From | Start date of reconciliation | 
| Reconciliation Date Range To | End date of reconciliation | 
Fields
N/A
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| Resource | Name of the resource | 
| Account Information | Information of the orphaned account | 
| Account Detail | Details of the account associated with this orphaned account | 
| Reconciliation Date | Date of reconciliation | 
23.3.9.4 Rogue Accounts By Resource
This report includes all rogue accounts for the input resource. This enables administrators, signing officers, internal and external auditors to identify material weaknesses in the resources and plan their mitigation through remediation activities.
Input Parameters
The following table lists the input parameters for the report.
| Report Parameter | Description | 
|---|---|
| Resource Name | Name of the resource | 
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization Name | Organization of the user | 
| User Status | Status of the user | 
| User Type | Type of the user | 
| Exception Type | Type of exception | 
Fields
The following table lists the fields of the report:
| Report Field | Description | 
|---|---|
| Resource Type | Type of resource | 
Columns
The following table lists the columns of the report:
| Report Column | Description | 
|---|---|
| Exception Type | Type of exception | 
| First Name | First name of the user | 
| Last Name | Last name of the user | 
| User ID | ID of the user | 
| Organization | Organization of the user | 
| User Status | Status of the user | 
| User Type | Type of the user | 
| Account Details | Details of the rogue account | 
| Reviewer First Name | First name of the reviewer | 
| Reviewer Last Name | Last name of the reviewer | 
| Reviewer User ID | User ID of the reviewer | 
23.4 Required Scheduled Tasks for BI Publisher Reports
The RefreshMaterializedView, IssueAuditTask, Entitlement List, Entitlement Assignment, and Entitlement Updates scheduled tasks are required for BI Publisher reports.
Table 23-2 lists the scheduled tasks required for Oracle Identity Manager BI Publisher reports:
Table 23-2 Scheduled Tasks for BI Publisher Reports
| Report Name | Scheduled Task Name | Description | 
|---|---|---|
| Fine Grained Entitlement Exceptions By Resource | RefreshMaterializedView | To refresh the Materialized View used in this report with the latest data | 
| User Profile History | IssueAuditTask | To populate the audit tables with the latest data | 
| User Unlocked | IssueAuditTask | To populate the audit tables with the latest data | 
| User Membership History | IssueAuditTask | To populate the audit tables with the latest data | 
| Role Membership History | IssueAuditTask | To populate the audit tables with the latest data | 
| Resource Access List History | IssueAuditTask | To populate the audit tables with the latest data | 
| User Resource Access History | IssueAuditTask | To populate the audit tables with the latest data | 
| Resource Activity Summary | IssueAuditTask | To populate the audit tables with the latest data | 
| Password Reset Summary | IssueAuditTask | To populate the audit tables with the latest data | 
| Entitlement Reports | Entitlement List | To populate the Entitlement List table with the marked entitlements | 
| Entitlement Reports | Entitlement Assignment | To populate the Entitlement Assignment tables with the assigned entitlements | 
| Entitlement Reports | Entitlement Updates | To populate the latest data into the Entitlement Assignment tables, if any entitlement has assigned to any user periodically or later | 
23.5 Best Practices for Running Oracle Identity Governance Reports
Some of the best practices to be followed for BI Publisher reports include not running the reports with null value in date range parameters and running the reports with the set of values as input parameters to provide the selectivity.
As a best practice, you must consider the following points before running Oracle Identity Manager BI publisher reports:
- 
                        Do not run Oracle Identity Manager reports with null value in date range parameters. You must run Oracle Identity Manager reports always with date range values in data range parameters, otherwise report will not display anything. 
- 
                        Invoke the reports with the set of values as input parameters to provide the selectivity, thus improving the performance. 
- 
                        By default, the System Administrator user of Oracle Identity Manager has all the permissions to login to BI Publisher and access all the Oracle Identity Manager Reports.