Oracle Identity Manager (OIM) 11g and Oracle Identity Governance (OIG) 12c Access Policy Harvesting Steps for Reconciled Entitlements
(Doc ID 2003107.1)
Last updated on DECEMBER 24, 2022
Applies to:
Identity Manager - Version 11.1.2.3.0 and laterInformation in this document applies to any platform.
Goal
There is an entitlement which is part of an access policy. But a user in OIM gets this entitlement via reconciliation. Then the User is given a OIM Role which is attached to the access policy which provisions the same entitlement. Later when that OIM role is taken away from the user, the access policy evaluation does not remove the entitlement. The entitlement can only be removed via a direct revocation of the entitlement.
How to use access policy harvesting to manage such entitlements which are reconciled so those are managed by the access policy?
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |