Oracle Content Server is main component in Oracle’s Enterprise Content Management/ Universal Content Management (ECM/UCM – Stellent). This post covers Security (User, Group and Accounts) Management in Oracle Content Server.
1. Content Server offers two levels of security on Content Item
a) Security Groups (Required)
b) Accounts (optional)
-If Accounts are in use, Account becomes primary permission to satisfy before security group permissions are applied.
- Account Names CAN NOT exceed 30 characters
2.Each content item (word, pdf, multimedia file..) is assigned to security group and if accounts are enabled then content items could also be assigned to Accounts.
3. Users are assigned Read, Write, Delete, Admin privileges for each security group and Account.
4. Content Server offers three options for Security
a) Internal Security – User security within Content Server
b) External Security- User logins, password and permissions are in external source (AD, LDAP, AD with LDAP)
c) Additional Security – some users using internal security while others external.
5. There are three login type users in content server
a) Local Users – Users defined with in content server by Administrators
b) Global Users- lightly managed users, credentials extends to multiple content server (proxied server).
c) External Users – Users defined outside content server and authenticated through external security.
6. To add security Users and Groups use “User Admin Application”
7. You can run “User Admin Application” in two ways
a) Administration Page (as Java Applet from Browser)
Login to Content Server as administrator -> Administration -> Admin Applets
.
b) Standalone Mode (from machine where Content Server is running)
i) cd $INSTALL_DIR/bin
ii) ./UserAdmin
.
8.Login name is case sensitive in Content Server
for ex. sysadmin, Sysadmin, SysAdmin, SYSADMIN are four different users.
9. Default users in Content Server are sysadmin (Superuser) and user1 (contributor) with default password as idc
10. It is possible to Authenticate user against Active Directory or LDAP Server
.
References
Integration of Oracle Content Server (UCM/ECM) with Microsoft Active Directory or LDAP Server (OID, iPlanet, openLdap) coming soon …
Related Posts for UCM
- Oracle Universal Content Management Architecture
- Oracle Content Server (UCM) installation overview
- Oracle UCM Content Server Installation on Linux : Step by Step Doc – Part I
- Configure Apache (Oracle HTTP Server) with Stellent Content Server (UCM) – Part II
- Security (Users, Groups, Accounts) in Oracle Content Server (ECM/UCM)
- Start / Stop UCM (Stellent) Content Server idcserver_start idcadmin_start
- Can I install Content Server and Web Server (Apache/OHS) on different machines ?
- Integrate UCM (ECM/Content Server) with Microsoft Active Directory as LDAP Provider
- UCM/ECM 11gR1 software & documentation is now available to download
- Oracle Enterprise Content Management (ECM) 11g Installation Overview : UCM/ IBR/ IPM/ IRM/ URM
- Integrate Oracle ECM/UCM (Content Management) 11g with Oracle Internet Directory (LDAP Server) : Things you must know
- UCM Error accessing /cs “The Server is unavailable” . Could not start up IDC server deployment “csProviderUnableToStartSystem”
Oracle WebLogic Administrator [USD 399]- 03rd Dec, 2011
Good hands-on exercises (installation, patching, cloning), very experienced trainer worth every penny 
6 users commented in " Security (Users, Groups, Accounts) in Oracle Content Server (ECM/UCM) "
Follow-up comment rss or Leave a TrackbackAs most of you know, there are very few people that are truly knowledgeable in regards to Stellent / Oracle UCM architecture! I was hoping to network should you know of anyone that would be interested in considering a 3 month project opportunity in the Atlanta area.
If you do happen to know of someone that would be interested in learning more about this opportunity, please feel free to forward my contact information! I am seeking an Oracle UCM (Stellent) Architect / Developer.
I really do appreciate the opportunity to network!
Thanks,
Melanie Jobin
mjobin@xpectsvc.com
Hi Atul,
I need a help.
there is an content server installed on client machine and we need to find out the configurations of that installations.
In detail generally the installation details like database name and host details and the serer details and the webserver used.
can u please help me how to find all the above details? and from which files in the installation i can gather more information?
Thanks
Mahesh.
My apologies for such a late reply – but if you still need this information most of it is available in the config.cgf file in the application instance config/ directory.
Hi,
There is a scenario as below.
Think that I have two contents (C1, C2) which are present in a Site Studio env. And there are three users (U1, U2, U3). I want C1 should be visible to only U1 and U2 but not to U3. So how can I set a new Security Group so that the content is visible only for two users not for the third.
And more over I would like to add a new parameter or a metadata so that in future if there I want the U3 to see C1, I should just change the metadata value.
Regards,
NewUser123
@ NewUser123,
There are couple of ways to achieve it. Two ways which I can think of are
1. Via Groups – Create group c1c2u1u2 and add user u1 and u2 to this group. Give read access to group c1c2u1u2 on content C1 .
2. Via Access Control List – You can assign access to content directly to user/group based on ACL . More information at http://download.oracle.com/docs/cd/E17904_01/doc.1111/e10792/c03_security.htm#CDDBCIDA
however , solution above will still give u1 u2 read access to the c1 content .right ?I think so ….Is there any way that content is completely invisible to the user(for confidential reasons)
Leave A Reply