My Oracle Support Banner

"AccessDeniedException: IAM-3054101" Error: User With Admin Role Having Role Related Capbility Is Unable to Add Self to A Role (Doc ID 2167488.1)

Last updated on APRIL 30, 2019

Applies to:

Identity Manager - Version 11.1.2.3.160719 to 11.1.2.3.160719 [Release 11g]
Information in this document applies to any platform.

Symptoms

User <ADMINUSER> belongs to an Admin Role<ADMINROLE> with capabilities:

. Grant Role Memberships

. Revoke Role Memberships

. Role Modify

. Role View/Search

<ADMINUSER> is able to add other users to some OIM Role <OIMROLE> but they cannot add themselves to the role.

If they try to add themselves to the role the following exception is thrown:

 Note: capabilities Grant Role Memberships and Revoke Role Memberships are provided by fix 22664253, which was included in the OIM 11.1.2.3 Bundle Patches starting with 11.1.2.3.160719.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.