In this post, I will talk about the new features that are available in OIM 11G R2 PS3 (11.1.2.3.0)
Improved Self Service UI
In PS3 , the UI has gone a major overhaul and looks much more tablet and mobile friendly with tiles and easy access. faster navigation is what we are looking for in PS3.
There is less drop down and complicated web structure and all the items that you need are easily accessible.
Access Catalog with Guided Navigation
Complications involved in PS2 navigation are done away and now you have guided navigation feature which helps you in better understanding and manageability of your current accesses.
Temporal Grants for New and Existing Access
Users can now set start date and end date while making the requests which helps in access being given on the exact dates and also there are empowered users who can modify the grant duration as well.
Self Capabilities
PS3 comes with Self Capabilities feature that allows what action an end user can perform on themselves and on others.
This feature allows specifying rules an what all actions can be performed either on themselves or on others.
Simplified Admin Roles
These admin roles allows assigning functional capabilities to the admin role, specify members and membership rules, and organizations that the admin role members can manage.
This also makes APM obsolete and it is of no use in PS3.
Role Lifecycle Management
PS3 comes with complete end to end role life-cycle management capabilities thus making OIA obsolete.
Identity Audit Policy Management
Basically this feature performs Segregation of Duties (SoD) violation during the request process itself and checks the existing user access and also what is being requested.
Enhanced Auditing
This is a new engine which replaces older auditing engine. This one does not depend on audit snapshots and JMS and is synchronous in operation.
used by user, role, and organization management, and other components excluding provisioning
Enhanced Password Policy Management
This solves the older issue of how to password policy management when you have OIM-OAM integrated. It also allow to define challenge questions at global or at per user level.
policies can be defined at Org level.
SCIM-Based REST Services
SCIM stands for System for Cross-Domain Identity Management
and
REST - Representational State Transfer
Both these standards allows for a industry standard approach for integrating with other identity management components or from third party vendors.
SPML XSD-based SOAP web service is deprecated with this particular feature.
Simplified Workflow Policies
This new feature replaces approval policies and provides perform better, expose additional configuration options, and conform to the UI of this release.
Simplified SSO Integration
Weblogic authenticators and plugins are deprecated and it looks like PS3 has gone in favour of older HTTP Header based SSO solution which was present in 10G release.
This allows better and simpler integration with other vendors also.