Provisioning Statuses and Exception Handling

Understanding the Oracle Directory Integration Platform for Provisioning 12-17

to manage and provision users, manage applications, or any combination of these privileges, as described in the following scenarios:

■ Provisioning Administration Model
■ Oracle Delegated Administration Services Privileges
■ Provisioning Administration Privileges
■ Application Administration Privileges
■ Oracle Delegated Administration Services and Provisioning Administration Privileges
■ Application Administration and Oracle Delegated Administration Services Privileges
■ Provisioning and Application Administration Privileges
■ Oracle Delegated Administration Services, Provisioning, and Application Administration Privileges

12.7.1 Provisioning Administration Model

The following types of provisioning information are managed in Oracle Internet Directory:

■ Base user information.
■ Application-specific information.
■ User provisioning status in each provisioning-integrated application; this information is stored in the base user entry but is administered separately.

Administrators and users each require the following types of privileges:

■ Administrators require privileges for managing base user attributes and application-specific information.
■ Users require privileges for managing their own base attributes and application-specific information.

User accounts with administrative privileges are represented by the group entry cn=User Provisioning Admins,cn=Groups,cn=OracleContext. To manage application-specific information, the application must grant privileges to the cn=User Provisioning Admins,cn=Groups,cn=OracleContext group. If an application already defines a group with administrative privileges, then the application needs to add this group as a member of the group.
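Because membership of cn=User Provisioning Admins,cn=Groups,cn=OracleContext is what confers provisioning administration rights, and groups can be members of other groups, an access review has to expand nested groups. The following is an added example, not code from the Oracle guide: it parses an LDIF export of group entries and lists every account that effectively belongs to the group. The function names, the sample DNs other than the admin group, and the use of member/uniquemember as the membership attributes are assumptions.

```python
import base64
ADMIN_GROUP = "cn=User Provisioning Admins,cn=Groups,cn=OracleContext"
MEMBER_ATTRS = {"member", "uniquemember"}  # assumed membership attributes

# Constructed sample export; every DN except ADMIN_GROUP is made up.
SAMPLE_LDIF = """\
dn: cn=User Provisioning Admins,cn=Groups,cn=OracleContext
uniquemember: cn=orcladmin,cn=Users,dc=example,dc=com
uniquemember: cn=HR App Admins, cn=Groups, cn=OracleContext

dn: cn=HR App Admins,cn=Groups,cn=OracleContext
uniquemember: cn=alice,cn=Users,dc=example,dc=com
uniquemember: cn=User Provisioning Admins,cn=Groups,cn=OracleContext
"""

def norm(dn):
    # Case-insensitive compare; escaped commas in RDN values are not handled.
    return ",".join(part.strip() for part in dn.split(",")).lower()

def parse_groups(ldif):
    """Map each normalized group DN to the member DNs listed in its entry."""
    groups = {}
    for record in ldif.replace("\n ", "").split("\n\n"):  # unfold, then split
        dn, members = None, []
        for line in record.splitlines():
            attr, _, value = line.partition(":")
            if attr.lower() not in MEMBER_ATTRS | {"dn"}:
                continue  # comments and attributes that do not matter here
            if value.startswith(":"):  # "attr:: <base64>"
                value = base64.b64decode(value[1:]).decode("utf-8")
            if attr.lower() == "dn":
                dn = norm(value)
            else:
                members.append(norm(value))
        if dn and members:  # entries without members are treated as accounts
            groups[dn] = members
    return groups

def effective_members(groups, root=ADMIN_GROUP):
    """Return {account DN: chain of groups that grants the membership}."""
    start = norm(root)
    found, seen, stack = {}, {start}, [(start, [start])]
    while stack:
        group, path = stack.pop()
        for member in groups.get(group, []):
            if member not in groups:
                found.setdefault(member, path)
            elif member not in seen:  # expand each group once (stops cycles)
                seen.add(member)
                stack.append((member, path + [member]))
    return found
```

The returned chain shows which nested group grants each account its membership, which is the detail a flat member listing of the admin group hides.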

12.7.2 Oracle Delegated Administration Services Privileges

For administrators with privileges for Oracle Delegated Administration Services administration, Create, Delete, and Edit buttons are available in the Provisioning Console for performing user creation, deletion, and modification. When an administrator who only has administrative rights for Oracle Delegated Administration Services clicks one of these buttons, single-step procedures are used for performing the function.

Note: Oracle Directory Integration Platform 11g Release 1 (11.1.1) interoperates with and supports Oracle Delegated Administration Services release 10.1.4.3.0 and higher.

12-18 Oracle Fusion Middleware Administrator's Guide for Oracle Directory Integration Platform

12.7.3 Provisioning Administration Privileges

For administrators with provisioning privileges, Create, Delete, and Edit buttons are available in the Provisioning Console for performing user creation, deletion, and modification. However, unlike the single-step procedures that occur for administrators with Oracle Delegated Administration Services privileges, wizard-based procedures perform creation and modification for administrators with provisioning privileges. User deletion is performed with the same single-step procedure that is available with Oracle Delegated Administration Services privileges, as described in "Oracle Delegated Administration Services Privileges" on page 12-17.

12.7.4 Application Administration Privileges

For administrators with application administration privileges, but not Oracle Delegated Administration Services privileges or provisioning privileges, Create and Delete buttons are not available in the Provisioning Console. However, there is an Edit button that launches the same wizard that is available with provisioning administration privileges, as described in "Provisioning Administration Privileges" on page 12-18. If the application administrator does not have provisioning privileges, then the first page in the wizard, which is used for general user provisioning, is read-only. Yet, the application administrator can modify the application provisioning attributes that are available on other pages in the wizard.

12.7.5 Oracle Delegated Administration Services and Provisioning Administration Privileges

Administrators with Oracle Delegated Administration Services privileges and provisioning privileges have the same rights that are available with provisioning administration privileges, as described in "Provisioning Administration Privileges" on page 12-18.

12.7.6 Application Administration and Oracle Delegated Administration Services Privileges

This section explains how privileges are delegated if an administrator is assigned various Oracle Delegated Administration Services privileges and also has administrative privileges.

12.7.6.1 Application Administration Privileges and Oracle Delegated Administration Services User Creation Privileges

For application administrators with user creation privileges in Oracle Delegated Administration Services, but not user editing or deletion privileges, the Create and Edit buttons are available in the Provisioning Console, but not the Delete button. User creation is performed with the same wizard-based procedure that is available with provisioning administration privileges, as described in "Provisioning Administration Privileges" on page 12-18. User editing privileges are the same as those available with application administration privileges, as described in "Application Administration Privileges" on page 12-18.

12.7.6.2 Application Administration Privileges and Oracle Delegated Administration Services User Editing Privileges

For application administrators with user editing privileges in Oracle Delegated Administration Services, but not user creation or deletion privileges, the Edit button is available in the Provisioning Console, but not the Create or Delete buttons. User