Categories
- All Categories
- 149 Oracle Analytics News
- 27 Oracle Analytics Videos
- 14.7K Oracle Analytics Forums
- 5.7K Oracle Analytics Idea Labs
- Oracle Analytics User Groups
- 54 Oracle Analytics Trainings
- 12 Oracle Analytics Data Visualizations Challenge
- 4 Oracle Analytics Career
- 2 Oracle Analytics Industry
- Find Partners
- For Partners
Linking Out of the Box Security Groups with Custom Security Groups
We have created custom groups in Fusion Analytics, and mapped those groups to Out of the Box Groups (i.e. FAW Functional Administrator).
We are finding that this approach is not effective -
- We create a custom group - "Custom Admins"
- We put a user in the "Custom Admins" group
- We map "Custom Admins" to application roles
- this works well - the user benefits from the application roles mapped to "Custom Admins"
- We map the out of the box group FAW Functional Administrator to the "Custom Admins" group
- this is not effective - the user does not benefit from this group to group relationship
- instead we have to put the user into the FAW Functional Administrator group directly (which we'd like to avoid)
Ideally when we set up a user, we'd like to just be able to put them into the "Custom Admins" group and be done.
The way the security is working, we need to put the user into the Custom Admins group and the FAW Functional Administrator group
Not that this is horribly difficult, but it isn't clear why there is an option to "link" or "map" out of the box groups to custom groups if there is no net yield from doing so.
Has anyone else run into this issue - trying to have only one custom group that maps to the required out of the box groups and application roles for that role?
Best Answer
-
Hi @User_9STVF
We can create a custom group and map that group to BOTH application roles and licensed groups? —> Yes you can map custom group to application/Licensed roles/groups.
Regards,
Arjun
0
Answers
-
Please refer : Set Up Custom Security
0 -
Thanks, Rana - can you help me to find where in that document it refers to linking groups together. I've read that a few times and only see references to adding application roles to groups - not groups to groups.
0 -
Hi @User_9STVF
Yes we don't have option to add group to group but we can add user to Group or to Application Role.
Security is Readonly from FAW/FDI Console , IDCS Is source (Except New Application Role creation)
Regards,
Arjun
0 -
Hi Mallikar - thanks for the response.
Do you see the image I shared above where you can link groups in the FAW Console?
Are you saying that this used to be an option when the console was the way to manage security, but now that security is through the IDCS console, linking groups like this is no longer supported - it just looks like it is in the FAW console?
That might be the case - when I log into the FAW security console on a higher version, the group to group linking is no longer presented as an option.
0 -
Hi @User_9STVF
Yes, Seems like you are in the older version where FAW console is allowing to do the security modifications.
Regards
Arjun
0 -
Hi @User_9STVF
As Arjun said, the newer update of the FAW Console will look like this.
The 'Manage Groups' button will send you to the IDCS Console where you can map Licensed groups to other Custom groups you create and generally administer your Groups.
Hope that help.
Regards,
John
1 -
Hi @User_9STVF
If you think we have answered your quesiton, you can mark as Answered so that it can be an reference for other community members.
Regards,
Arjun
0 -
Hi. I did want a confirmation as I think I'm reading different things from the responses.
I am understanding that the security management functionality has moved from the OAX Console to IDCS - but the first response seemed to imply that the ability to map a licensed group to an unlicensed group has also been deprecated, while the second response seems to say the opposite - that group to group mappings are still valid, but must be set up in IDCS.
Can you confirm if our strategy is correct as long as it is set up in IDCS directly?
We can create a custom group and map that group to BOTH application roles and licensed groups? The user only needs to be a member of the custom group to realize the benefits of the related application roles and licensed groups?
0
