I started exploring OIM 11g R2 PS3 and here's what I experienced during Admin Role creation:
1. Documents says if we create Admin Role related to User Operation like "User View", "User Modify" etc, we can not select "Mandatory Attributes" and "System Generated" attributes under "Denied Attribute List" BUT I selected these attributes and UI didn't throw any error while selecting these attributes.
2. I selected couple of attributes under "Denied Attribute" list but UI doesn't show that info anywhere on the screen. Even on the summary page, I don't see which attributes I have selected under "Denied Attribute" list. I feel that atleast summary page should display attributes information so that admin can really see what he is going to create.
1. Documents says if we create Admin Role related to User Operation like "User View", "User Modify" etc, we can not select "Mandatory Attributes" and "System Generated" attributes under "Denied Attribute List" BUT I selected these attributes and UI didn't throw any error while selecting these attributes.
2. I selected couple of attributes under "Denied Attribute" list but UI doesn't show that info anywhere on the screen. Even on the summary page, I don't see which attributes I have selected under "Denied Attribute" list. I feel that atleast summary page should display attributes information so that admin can really see what he is going to create.