My Oracle Support Banner

OCI Identity Cloud Service (IDCS) - After P2T Unable to Provision Users from IDCS To Fusion Application (FA) (Doc ID 2868566.1)

Last updated on OCTOBER 12, 2022

Applies to:

Identity Cloud Service (IDCS) - Version N/A to N/A
Information in this document applies to any platform.

Goal

This article provides information related to the relationship between synced users from IDCS to the Fusion Application (FA).

Applicable: when you have a sync setup from IDCS to FA in an environment and IDCS is the authoritative source there can be an issue after a P2T.

IDCS maintains the status of the users when they are synced from IDCS to FA. If the users in the FA (Fusion Application) are changed or removed in that application, IDCS will not allow for the users in IDCS to be created as it looks to FA (Fusion Application) to be the source of truth.

Issue presentation -  P2T performed in FA and deleted ALL of the users in Fusion thinking IDCS would recreate them. The link between the users existing in IDCS and FA was broken and the customer could not get IDCS to provision new users because IDCS had previously created them.

***P2T = Production to Test - operation performed at customer request by the FA (Fusion Application) Operations team, where the entire environment is cloned from a production pod to a test/dev pod. 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Goal
Solution
 Question: Why do we have both Grants and AccountMgmtInfo?
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.