Configuring User Attributes 13-15 Table 13 6 lists the attributes with the Visible property set to No or the System Controlled property set to Yes: Note: ■ The Modify and Create operations are not configurable to this level. All the attributes are displayed as editable on the User Management UI, with the following exceptions: Attributes with property Visible=No Attributes with property System Controlled=Yes ■ The attributes that are visible, but have the property System Controlled=Yes, are displayed as read only. See Table 13 6, Noneditable Attributes . ■ The final list of attributes displayed on the UI depends on the authorization policies configured. ■ Any user-defined field UDF is not displayed in the Available Attributes list for simple search. Table 13 6 Noneditable Attributes Attribute Visible System Controlled Full Name No No UID No Yes Manually Locked No Yes Locked On No Yes Automatically Delete On No No Provisioned Date No No Deprovisioned Date No No Login Attempts No Yes Created On No Yes Updated On No Yes Password Cannot Change No Yes Password Must Change No Yes Password Never Expires No Yes Password Expiration Date No Yes Password Warn Date No Yes Password Expired No No Password Warned No No Password Reset Attempts No Yes Change Password At Next Login No No Password Minimum Age Date No Yes Created By No Yes 13-16 Oracle Fusion Middleware Administrators Guide for Oracle Identity Manager

13.3 User Configuration Management Authorization

Authorization of the user configuration management is governed by a default authorization policy. Custom authorization policies cannot be created for this feature. The users that are members of the System Administrators role are authorized to perform all user configuration operations. The operations are defined by the permissions set for the default authorization policy for this feature. Table 13 7 lists the permissions: Updated By No Yes User Created On No Yes Policy Updated No No Password Generated No Yes Data Level No Yes LDAP Organization No No LDAP Organization Unit No No LDAP GUID No Yes LDAP DN No No Number Format No No Currency No No Date Format No No Time Format No No Accessibility Mode No No Color Contrast No No Font Size No No Embedded Help No No FA Language No No FA Territory No No User Name Preferred Language No No See Also: User Management Configuration in the Oracle Fusion Middleware Users Guide for Oracle Identity Manager for information about the default authorization policy for user configuration management Table 13 7 Authorization Permissions Permission Description Create Attribute Decides if adding attributes is enabled in the UI for the user. This permission is also used at the API level to decide if the user can add an attribute. Table 13 6 Cont. Noneditable Attributes Attribute Visible System Controlled