Oracle Fusion User Roles
- Explain how roles and its related data access impact the security
- Roles needed for Implementation consultant
| Roles needed for all implementation consultants | Application Implementation Consultant |
| Make Changes to any Role/Assign Role to any user | IT Security Manager |
| Finance Module | Role | Data Access |
| General Ledger | General Accounting Manager | Ledger / Data access set |
| General Accountant | Ledger / Data access set | |
| Account Payables | Accounts Payable Manager | Business Unit |
| Accounts Payable Supervisor | Business Unit | |
| Accounts Payable Specialist | Business Unit | |
| Accounts Receivable | Accounts Receivable Manager | Business Unit |
| Accounts Receivable Specialist | Business Unit | |
| Fixed Assets | Asset Accounting Manager | Business Unit |
| Asset Accountant | Business Unit | |
| Cash Management | Cash Manager | No Data access needed |
| Cashier |
Run User and Roles Synchronization Process
The Run User and Roles Synchronization Process in Oracle Fusion Applications (specifically using Retrieve Latest LDAP Changes) synchronizes users, roles, and assignments between the LDAP directory (identity store) and the Oracle Fusion Application tables. This is crucial after initial setup, during implementation, or after security changes, ensuring users can log in and have the correct access.
Key Steps to Run the Process
- Navigate: Go to Setup and Maintenance > Users and Security functional area.
- Task: Select the task Run User and Roles Synchronization Process.
- Submit: Click Submit on the “Retrieve Latest LDAP Changes” process.
- Verify: You can optionally select “Notify me when this process ends” to receive an alert.
Key Considerations
- Automatic Sync: After the initial setup, user/role synchronization generally happens automatically.
- When to Run: Run this process after initial setup, release updates, or if users cannot see their assigned roles.
- Alternative Method: You can also use the Scheduled Processes work area to submit the “Import User and Role Application Security Data” process.
- Identity Cloud Service (IDCS): For integration, the “Send Pending LDAP Requests” job should complete before running synchronization to ensure consistency between Oracle Applications Cloud and IDCS.
