HAPPY NEW YEAR 2017

Identity And Access Management - Rajiv Dewan

Weird Behavior : Role Membership OIM 11g R2 PS1

Scenario:


  • Assigned a role to a user (through request/direct). 
  • Verified the role membership through user entity as well as through role entity 
  • Membership existed at both the places
  • Disabled the user
  • Verified the role membership through role entity, user got removed from the role
  • Verified the role membership through user entity, role was still there
  • Verified from Database end, user was still having role membership there

Expected Result:

  • Role membership must remain with user because there's no membership rule associated with role on user status attribute
  • Role Entity UI and User Entity UI must be in synch


Expected Issue :

It's an issue with the API. It only returns Active users.

Hint for Product Team: appendActiveUsersCriteria


Role Membership Through Role Entity



Role Membership Through User Entity