12-26 Oracle Fusion Middleware Users Guide for Oracle Identity Manager After a role grant request is generated, the request ID is displayed in the Administrative and User Console. This is for tracking the request in the Self Service or Advanced Administration. Role grant requests have the following details: ■ Request ID: Automatically generated ■ Request Type: Based on the request template ■ Request Status: Assigned ■ Date Requested: Current timestamp ■ Effective Date: Current timestamp ■ Requester: Null ■ Beneficiary: Null ■ Justification: Null 13 Managing Organizations 13-1 13 Managing Organizations An organization entity represents a logical container of entities such as users and other organizations in Oracle Identity Manager. Organizations are containers that can be used for delegated administrative models. In addition, an organization defines the scope of other Oracle Identity Manager entities, such as users. Oracle Identity Manager can have a flat organization structure or a hierarchical structure, which means that an organization can contain other organizations. The hierarchy represents departments, geographical areas, or other logical divisions facilitating management of Oracle Identity Manager entities. To scale the ability to manage a large number of roles and people in an organization of a significant size by using delegated administration, Oracle Identity Manager provides the ability to define delegated administration policies based on the membership of an object within a hierarchy. This also supports recursive organization membership, such as the hierarchy shown in Figure 13–1 : Figure 13–1 Recursive Organization Membership If a hierarchical delegated administration policy is defined to provide Delegated Administrator1 the permission to reset password starting from Engineering, then the permission is granted for Employee1, Employee2, Employee3, and Employee4. If the membership root is Development, then Bob has the permission for Employee2 and Employee3 only. 13-2 Oracle Fusion Middleware Users Guide for Oracle Identity Manager The functional description of the organization services and the UI components that support these services are described in the following sections: ■ Organization Entity Definition ■ Organization Management Tasks ■ Organization Management Authorization

13.1 Organization Entity Definition

In Oracle Identity Manager, attributes are defined by default for the organization entity. These attributes are the same for all entities, such as user, organization, role, role hierarchy, and role membership. For a list of attributes defined for the entities, see User Entity Definition on page 11-3. Table 13–1 lists the default attributes of the organization entity:

13.2 Organization Management Tasks

The tasks related to organization management are performed in the Organization Management section of Oracle Identity Management Administration. The tasks are described in the following sections: ■ Searching Organizations ■ Browsing Organizations ■ Creating an Organization Table 13–1 Default Attributes of the Organization Entity Attribute Name Category Type Data Type Display Type Properties Organization Name Basic Single String Single line text Required: Yes System-Can-Default: No System-Controlled: No Encryption: Clear User-Searchable: Yes Type Basic Single String LOV Required: Yes System-Can-Default: Yes System-Controlled: Yes Encryption: Clear User-Searchable: Yes Parent Organization Basic Single String Single line text Required: No System-Can-Default: No System-Controlled: No Encryption: Clear User-Searchable: Yes Status Basic Single String Single line text Required: Yes System-Can-Default: Yes System-Controlled: Yes Encryption: Clear User-Searchable: Yes