Thursday, August 5, 2010

Role based group memberships in OIM

As I recently discussed role-driven automatic provisioning of target system roles on the Oracle IDM discussion board, I thought it may be interesting to shine a little spotlight on this specific form of target system role management.

My addition to the thread was basically the "Role based group memberships in OIM" section of the AD and LDAP group management through OIM.
In the discussion Oracle Quest made the excellent suggestion to use a combination of SQL, XSLT and Regex to create a very agile and fully featured system for rules.
In some cases you might not need this much flexibility, and a simple model where the rules are contained in lookups and the only real addition is support for wildcards may be sufficient. A basic implementation can be done through an entity adapter set on post-insert on the user form.
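
A sketch of the lookup-with-wildcards model described above, added here as an illustration and not code from the original post or from OIM. The lookup is modelled as an in-memory map (code key = role pattern, decode = comma-separated groups); the class name, rule keys and group names are constructed, and an entity adapter would read the rules from a lookup definition instead.

```java
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;
import java.util.regex.Pattern;

public class RoleGroupRules {
    // Constructed stand-in for a lookup: code key = role pattern, decode = comma-separated groups.
    static final Map<String, String> RULES = new LinkedHashMap<>();
    static {
        RULES.put("Finance Manager", "FIN-Approvers,FIN-Users");
        RULES.put("Finance*", "FIN-Users");
        RULES.put("*Contractor", "EXT-Restricted");
    }

    // '*' matches any run of characters; every other character is quoted so that
    // regex metacharacters in a rule key cannot widen the match.
    static Pattern toPattern(String key) {
        String[] parts = key.split("\\*", -1);
        StringBuilder regex = new StringBuilder();
        for (int i = 0; i < parts.length; i++) {
            if (i > 0) regex.append(".*");
            regex.append(Pattern.quote(parts[i]));
        }
        return Pattern.compile(regex.toString(), Pattern.CASE_INSENSITIVE);
    }

    // Union of the groups from every rule whose pattern matches the whole role name.
    static Set<String> groupsFor(String role, Map<String, String> rules) {
        Set<String> groups = new TreeSet<>();
        if (role == null || role.trim().isEmpty()) return groups; // no role, no groups
        for (Map.Entry<String, String> rule : rules.entrySet()) {
            String key = rule.getKey().trim();
            // Skip keys made only of wildcards: they would grant the groups to every user.
            if (key.replace("*", "").isEmpty()) continue;
            if (toPattern(key).matcher(role.trim()).matches()) {
                for (String g : rule.getValue().split(",")) {
                    if (!g.trim().isEmpty()) groups.add(g.trim());
                }
            }
        }
        return groups;
    }

    public static void main(String[] args) {
        for (String role : new String[] {"Finance Manager", "IT Contractor", "HR Analyst"}) {
            System.out.println(role + " -> " + groupsFor(role, RULES));
        }
    }
}
```

Because matching is on the whole role name and the results are unioned, an exact rule and a wildcard rule can both apply to the same user, so broad patterns such as `Finance*` deserve the same review as a direct group grant.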

