OIM 11g R2 Ps2 (11.1.2.2.0) : Dynamic Organization Membership

In this post I will cover one of the newly introduced feature of OIM 11g R2 Ps2 which is the Dynamic Organization Membership.


What this mean is that a user can belong to one home organization and then can belong to multiple dynamic organizatons.

Dynamic organization membership provides a way to specify a rule that drives the membership of the user to one or more organizations based on their user attributes.

Membership Rule works exactly the way the Role Membership Rule works where in you specify the user attribute name and a value along with AND or OR condition as it works in case of Roles.

Also the membership is dynamic in the sense that if the condition is no longer met that then the users are automatically unassigned from that organization.

Application Instances, Entitlement and Roles are published to an organization as a way of authorization mechanism. So with this new feature user can be made member of dynamic org as a way of Role Based Access Control framework which is flexible and does not require duplication of same business logic.


Some of the screenshots below explaining this feature:-

                                                                                                                                                           
On the User Profile , Home Org is visible






On the Organizations Tab of the User Profile, all the Dyanamic Orgs are visible



Comments

Popular posts from this blog

OIM 11g R2 PS2 : SOA Approval Workflow Sample

Oracle Identity Manager (OIM) Interview Questions

OHS 12c (12.1.3) webgate deployment and configuration