11-38 Oracle Fusion Middleware Users Guide for Oracle Identity Manager

11.3.3 Viewing and Modifying User Information

The view user operation allows you to view detailed user profile information in the User Detail page. You can open this page if you are authorized to view the users profile as determined by the authorization policy through the View User Details privilege. If you have the authorization to modify the user, then you can modify the user by using this page. To display user details, perform any of the following: ■ Click the user login link in the search results table for simple search. ■ Select a record in the user search results table for both simple and advanced search, and then select Modify User from the Actions menu. Alternatively, you can click Modify User on the toolbar. The viewing and modifying operations are described in the following sections: ■ User Details Page ■ User Modifications ■ Single User Operations ■ Bulk User Modifications

11.3.3.1 User Details Page

The user details page for the user entity is auto-generated based on configuration and authorization. This page is divided into the following tabs: ■ The Attributes Tab ■ The Roles Tab ■ The Resources Tab ■ The Proxies Tab ■ Direct Reports ■ The Requests Tab

11.3.3.1.1 The Attributes Tab

This tab displays the attribute profile that includes details about basic user information, account settings, and other user attributes. You can modify any field to change the attribute profile information, and click Apply. Tip: Users can be created by any one of the following methods: ■ By using Oracle Identity Administration ■ By self registration ■ By creating a request ■ By using SPML Web service or APIs For all the above methods, Oracle Identity Manager uses the default password policy or Password Policy against Default Rule. If you want to use a different password policy, then you must attach the new password policy to the default rule by using the Design Console. To do so, see Managing Password Policies in the Oracle Fusion Middleware Administrators Guide for Oracle Identity Manager. Managing Users 11-39 To eliminate the changes made in this page, click Revert. 11.3.3.1.2 The Roles Tab This tab displays a list of roles to which the user belongs. You can click each role to display summary information about the role. For each role in the list, it displays the following: ■ Display Name: The name displayed on the UI. ■ Role Name: Name of the role assigned to a user. ■ Role Namespace : Namespace to which the role is assigned. ■ Description: A description of the role. In the Roles tab, you can assign roles to the user and remove roles from the user. For more details, see Adding and Removing Roles on page 11-41.

11.3.3.1.3 The Resources Tab This section displays a list of resources that a user has

been provisioned. For each resource in the list, it displays the following: ■ Resource Name: Name of the resource assigned to a user ■ Request ID : If the provisioned instance is associated with a request ■ Service Account: Yes if the account was provisioned as a service account, otherwise No. ■ Description : If any, for the provisioned instance ■ Type: The type of resource ■ Status: The status of the resource such as Provisioned, Enabled, or Disabled ■ Provisioned On: The date when the resource was provisioned to the user

11.3.3.1.4 The Proxies Tab This tab displays all proxies that are currently set up for the

user. For each proxy in the list, it displays the following: ■ Proxy Name: The display name of the proxy user ■ Start Date: The start date for the proxy user ■ End Date: The end date for the proxy user ■ Status: The status of the proxy user ■ Relationship: The relationship of the proxy user with the open user, such as manager ■ Last Updated: The date when the proxy user was last updated This section also displays the history of proxy information for the user in which the end date is shown. The Current Proxies display the current proxies for the user. The Past Proxies display the proxies history for the user. The Status column is not displayed in the Past Proxies table. If you select a row in the table that displays proxies information, then a summary information about the proxy is displayed where you can edit the proxy name, relationship with the user, start date, and end date. The Proxies tab allows you to add proxies to the user and to remove proxies from the user. For information about adding and removing proxies, see Modifying Proxy Details on page 11-43. 11-40 Oracle Fusion Middleware Users Guide for Oracle Identity Manager

11.3.3.1.5 Direct Reports This tab displays a read-only table of users for whom the user

is set as the manager. In other words, this tab lists the direct reportees of the user. For each user in the table, it displays the following: ■ Display Name ■ User Login ■ Status ■ Organization If you select a row in the table, then summary information about the direct reportee is displayed at the bottom. Direct reports allows you to open the user details of the direct reportees. To do so, select a row in the table of direct reportees, and form the Action menu, select Open User . Alternatively, you can click Open User on the toolbar. 11.3.3.1.6 The Requests Tab This tab displays the requests raised by the user where the user is the requester and the requests raised for the user where the user is the beneficiary of the target user. For each request, the following details are displayed: ■ Request ID: An ID to uniquely identify the request ■ Model Name: The request model name ■ Status : Shows the current state of the request ■ Requested By: The requester who raised the request ■ Parent ID: An ID of the parent request, if any, to which the request is a child request ■ Date Requested: The date on which the request is created This tab allows you to open the details of the requests by clicking the request IDs.

11.3.3.2 User Modifications

You can perform administrative user modification tasks from the user details. The modification is broken up across the different tabs in the page that displays user details, which means that modifications done in each tab are independent of each other and must be saved individually. The modifications you can perform in each tab is outlined in the following sections: ■ Modifying Attribute Profile ■ Adding and Removing Roles ■ Adding and Removing Resources ■ Enabling and Disabling Resources ■ Displaying Resource Details ■ Displaying Resource History ■ Modifying Proxy Details See Also: Chapter 14, Creating and Searching Requests for information about requests, request types, and parent and child requests Managing Users 11-41

11.3.3.2.1 Modifying Attribute Profile The attribute profile information is displayed in the

Attributes tab of the user details page. To modify the attribute profile, edit the fields in the Attributes tab, and click Apply.

11.3.3.2.2 Adding and Removing Roles To add a role:

1. In the Roles tab, from the Action menu, select Assign Roles. Alternatively, you

can click Assign Roles on the toolbar. The Assign Role to User window is displayed. 2. From the Search Roles list, select the type of role or role category. The default role categories are OIM Roles and Default. In addition, you can create custom role categories. See Creating and Managing Role Categories on page 12-22 for detailed information about role categories. 3. Search can be performed on the following fields: ■ Display Name ■ Name ■ Role Namespace Select All or any conjunction operator. For information about these operators, see Conjunction Operator on page 11-33. 4. Enter a search criterion in the search field. You can specify the asterix wildcard character in the search criterion. Then, click the search icon. All roles that belong to the category you selected are displayed in the Available Roles list. 5. Select one or more roles from the Available Roles list Shift + Click for contiguous row selection and Ctrl + Click for non-contiguous selection. Then click the Move or Move All buttons to move the selected roles to the Roles to Assign list.

6. Click OK. A confirmation message is displayed and the roles you selected are

assigned to the user. The Roles tab allows you to select one or multiple roles in the list, and then allows you to remove roles. To remove a role: 1. Select the role or roles that you want to remove.

2. From the Action menu, select Revoke Roles. Alternatively, you can click Revoke

Roles on the toolbar. A message is displayed asking you to confirm.

3. Click OK. A success message is displayed on the user details page for successful

role assignment.

11.3.3.2.3 Adding and Removing Resources The Resources tab allows you to select one or

multiple resources in the list, and then perform various operations, such as adding and removing resources, enabling and disabling resources, and displaying resource details and history. To add a resource to a user:

1. In the Resources tab, from the Action menu, select Add. Alternatively, you can

click Add Resource on the toolbar. The Provision Resource to User wizard is displayed. 2. In Step 1: Select a Resource page, select the resource you want to provision. See Also: Table 12–5, Default Roles in Oracle Identity Manager for information about the default roles in Oracle Identity Manager