Manually linking identities to E-Business Suite user accounts
An identity can be linked to multiple E-Business Suite user accounts, for example, so that you can assign an administrative user account in addition to the default user account. One identity can also use default user accounts with different types.
To manually assign user accounts to an identity
-
In the Manager, select the Identities > Identities category.
-
Select the identity in the result list and run the Assign E-Business Suite user accounts task.
-
Assign the user accounts.
- Save the changes.
Related topics
Linking E-Business Suite user accounts with imported identities
Identity data imported from Oracle E-Business Suite is mapped in the Person table in the One Identity Manager database. The data source of the import is specified for every imported identity (ImportSource column). The E-Business Suite user accounts have a variety of properties with which these identities can be assigned.
To assign an imported identity to a user account
-
In the Manager, select the Oracle E-Business Suite > User accounts category.
-
Select the user account in the result list.
-
Select the Change main data task.
-
Select the General tab.
-
Select the HR person from the HR person menu.
- OR -
Select the customer from the Customer menu.
- OR -
Select the supplier from the Supplier menu.
- Save the changes.
If the imported identities are only connected to the user accounts through these columns, the user accounts are not managed by One Identity Manager. If an identity is deactivated or classified as a security risk, this change has no effect on the assigned user account. To utilize the possibilities available in One Identity Manager for the management of user accounts and identities for the imported identities, you can create connected user accounts. In these account, persons are connected to the user accounts by the EBSUser.UID_Person column.
HR people can also be connected to user accounts through automatic identity assignment. Standard search criteria are defined for this.
Table 18: Identities assigned to user accounts
Person (UID_Person) |
Identity that uses this user account.
-
An identity is already entered if the user account was generated by an account definition.
-
If you are using automatic identity assignment, an associated identity is found and added to the user account when you save the user account.
-
If you create the user account manually, you can select an identity in the menu.
The menu displays activated and deactivated identities by default. If you do not want to see any deactivated identities, set the QER | Person| HideDeactivatedIdentities configuration parameter.
NOTE: If you assign a deactivated identity to a user account, it might be locked or deleted depending on the configuration.
Every identity can be assigned. |
Customer (UID_PersonCustomer) |
Reference to an identity that is listed as a customer.
Only identities from the E-Business Suite AR data source can be assigned (Person.ImportSource='EBSOIM'). |
HR person (UID_PersonEmployee) |
Reference to an identity in the Oracle E-Business Suite Human Resources module.
Only identities from the E-Business Suite HR data source can be assigned (Person.ImportSource='EBSHR'). |
Party (UID_PersonParty) |
Reference to an identity that is listed as a party.
An identity with the E-Business Suite AR data source can be assigned (Person.ImportSource='EBSOIM'). The assignment cannot be edited in One Identity Manager. |
Supplier (UID_PersonSupplier) |
Reference to an identity that is listed as a supplier or a contact.
Only identities from the E-Business Suite AP data source can be assigned (Person.ImportSource='EBSCRM'). |
Detailed information about this topic
Related topics
Special features for the deletion of identities
If an identity is deleted in the One Identity Manager database who is connected to an E-Business Suite user account, the user account loses its reference to the identity after the deferred deletion has expired. If the user account is managed using an account definition, the behavior on deletion of the connected identity is defined in the account definition. User accounts cannot be deleted in One Identity Manager. The identity is physically deleted from the One Identity Manager database if all other prerequisites for deletion are in place. The user account is retained with the INACTIVE status.
For more information about deleting identities and user accounts, see the One Identity Manager Target System Base Module Administration Guide.
Related topics
Supported user account types
Different types of user accounts, such as default user accounts, administrative user accounts, service accounts, or privileged user accounts, can be mapped in One Identity Manager.
The following properties are used for mapping different user account types.
-
Identity type
The Identity type property (IdentityType column) is used to describe the type of user account.
Table 19: Identity types of user accounts
Primary identity |
Identity's default user account. |
Primary |
Organizational identity |
Secondary user account used for different roles in the company, for example for subcontracts with other functional areas. |
Organizational |
Personalized administrator identity |
User account with administrative permissions, used by an identity. |
Admin |
Sponsored identity |
User account used for a specific purpose. For example, for training purposes. |
Sponsored |
Shared identity |
User account with administrative permissions, used by multiple identities. |
Shared |
Service identity |
Service account. |
Service |
-
Privileged user account
Privileged user accounts are used to provide identities with additional privileges. This includes administrative user accounts or service accounts, for example. The user accounts are labeled with the Privileged user account property (IsPrivilegedAccount column).
Detailed information about this topic