My Oracle Support Banner

Oracle Identity Manager (OIM) 11g and Oracle Identity Governance (OIG) 12c Access Policy Harvesting Steps for Reconciled Entitlements (Doc ID 2003107.1)

Last updated on DECEMBER 24, 2022

Applies to:

Identity Manager - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Goal

There is an entitlement which is part of an access policy. But a user in OIM gets this entitlement via reconciliation. Then the User is given a OIM Role which is attached to the access policy which provisions the same entitlement. Later when that OIM role is taken away from the user, the access policy evaluation does not remove the entitlement. The entitlement can only be removed via a direct revocation of the entitlement. 

How to use access policy harvesting to manage such entitlements which are reconciled so those are managed by the access policy?

 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.