Delegated Administration Tasks
The Delegated Administration layer of Access Control in Oracle Applications enables local administrators to perform a variety of specifically defined administrative tasks. Once they are assigned the appropriate roles, local administrators manage the subset of users and people to which they have access by creating, updating, or disabling accounts, granting or revoking a limited subset of their organization’s roles, and changing passwords.
Oracle User Management enables local administrators to manage people and users in the system. People are individuals in the system who may or may not possess a user account, whereas users are individuals in the system who possess user accounts. In addition, system administrators can also manage system accounts, such as a Guest
account, that are not linked to people.
Typically, people and users are managed by local administrators, who can perform the following tasks:
- Register new people (optional: requires access to have been granted to the “Account Creation by Administrators” registration process)
- Create, update, or disable user accounts
- Reset passwords
- Grant users access to different parts of the system by assigning or revoking roles
The following are prerequisites for performing any delegated administration task listed in the preceding section. Each task may have additional prerequisites:
- A role that is granted the User Maintenance UIs (UMX_USER_ADMIN_UI_PERMS) permission set. The role must also inherit the User Management responsibility.
- Appropriate privileges for User Administration, Role Administration, and Organization Administration.
- The Query Person Details (UMX_PERSON_OBJECT) permission for the set of people and administrator can manage.
- Optionally, the Edit Person Details (UMX_OBJECT_EDIT_PERSON) permission for the set of people that the administrator can manage.
- For system administrators, the Maintain System Accounts (UMX_SYSTEM_ACCOUNT_ADMINISTRATION) permission.
1. Navigate to the User Management responsibility and then click the Users subtab.
2. Use the search fields to locate the required people or users.
3. Manage the generated list of people or users by clicking the required icon and performing the necessary steps in the resulting window. Options for managing people and users vary depending on the permissions assigned to the administrator.
Oracle User Management ships with the following basic and advanced options for maintaining people and users:
• Query users
• Edit personal information
• Reset password
• Maintain account information (create, inactivate, reactivate accounts)
• Maintain system accounts
• Assign or revoke roles
The important roles that you need to assign to any user with administrator responsibility are
- System Administration
- CRM HTML Administration
- System Administrator
- Security Administrator : Security Administrators manage all user accounts in the system, and can assign / revoke all roles. Security Administrators also manage system accounts (such as GUEST), that are not tied to a person.
- System Administrator : Application Object Library System Adminstrator
- User Management
Leave a ReplyWant to join the discussion?
Feel free to contribute!