Group Membership Changes Are Not Immediately Reflected in OPAM
Last updated on SEPTEMBER 08, 2017
Applies to:Oracle Privileged Account Manager - Version 22.214.171.124.0 and later
Information in this document applies to any platform.
Within OPAM, grants to target Accounts can be assigned as Group Grantees. That way, user rights can be managed by group membership in the external LDAP User Identity Store.
When a user's access is revoked; i.e. when they are removed from a Grantee Group, the account remains in the user's OPAM "My Accounts" list for several minutes. the target Account can still be seen in "My Accounts" even if a new search is performed.
The Account can still be checked out and the password revealed.
Is there any way to modify the refresh interval so that group membership updates and associated permissions are immediately reflected in the OPAM Grants?
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms