Wednesday, March 20, 2013

How to Correlate OIA Global User to OIA Admin Users

When I started working with OIA, I wondered how we would add OIA admin accounts for all the managers and data owners who were going to conduct Identity Certifications. We had hundreds on one project. That sounded like lots of work.

Little did I know OIA is built to automatically create the OIA admin user accounts for those managers/data owners.

Here's how it works.
1. The managers who will conduct certifications must be OIA global users.
2. Create an identity certification.
3. OIA automatically creates the OIA admin account with certification privileges in the background. It even provides them with a unique password.
4. When the manager accesses OIA to conduct the identity certification, the OIA admin account is ready for them.

Here are a few pointers to help:
1. Configure the OIA Access Control settings to force a password change on first login.
2. Change how the new password is configured using the following property located in ../rbacx/WEB-INF/security-config-context.xml :

The comments located above the property should help you configure the password differently if you need to.

No comments: