Group Membership Changes Are Not Immediately Reflected in OPAM
(Doc ID 1924425.1)
Last updated on SEPTEMBER 08, 2017
Applies to:Oracle Privileged Account Manager - Version 188.8.131.52.0 and later
Information in this document applies to any platform.
Within OPAM, grants to target Accounts can be assigned as Group Grantees. That way, user rights can be managed by group membership in the external LDAP User Identity Store.
When a user's access is revoked; i.e. when they are removed from a Grantee Group, the account remains in the user's OPAM "My Accounts" list for several minutes. the target Account can still be seen in "My Accounts" even if a new search is performed.
The Account can still be checked out and the password revealed.
Is there any way to modify the refresh interval so that group membership updates and associated permissions are immediately reflected in the OPAM Grants?
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document