DBA role to the user OGGADM
HelloI implement Oracle GoldenGate to repplication one-way between two databases Oracle 11 GR 2. I'm following this OBE tutorial: "Oracle GoldenGate on Linux: two-way replication of Oracle 11 GR 2 to Oracle 11 GR 2.
I want to know if it is mandatory to assign the role DBA to oggadm user. The problem is that I'll set up a topology to many-to-one and some of the source databases are external to my environment, so we will not be allowed to assign the role dba for these databases.
Thank you
You can grant DBA user of GoldenGate. Treat the user as you would for any other account which has the role. Alternatively, just follow what is indicated in table 4-1 (the most recent releases, table 1 or 2 in some old documents) in the installation guide.
Kind of been lost on directions - one statement said one-way, but you use the bidirectional tutorial.
Tags: Business Intelligence
Similar Questions
-
What is the role that the user points?
What is the role that the user points? Who can tell me
Reoddy
You will find the information here:
http://en.community.Dell.com/Dell-groups/new-to-community/f/3511/t/19566154
Bev.
-
All files generated by a coil in sqlplus receive ownership of oracle: dba instead of the user of the BONE started sqlplus and run the script. There's a file with users owners of BONES of the coil.
Script launched in until OS user 'A' on the 'A' server which launches sqlplus, then connects to a remote database through a service of tnsnames.ora as another user of the database and the results of this script are spoulées on the server "A".
The file queued on the old server is written with rw-rw-r: read write user, group read the writing, reading and possession header that is the user of the OS. The file queued on the new server is written to rw-r-r user: reading writing, reading group, public reading and ownership oracle: dba.
"" The user then has no privileges to modify the file and continue the process of transmitting the file, editing and deleting the file for the next set of commands. This allows us to keep the possibility to migrate to the new server we are unable to process orders.
$ORACLE_HOME/bin/sqlplus - s user/password@prd1 @./script/CustomScript/R12_OM_UFPC-oracle.sql
Background: old server running 4.8, Oracle 10.2.0.4 OEL
New server running OEL 6.5, Oracle 11.2.0.4
Tested so far:
File and update umask to 0002 instead of 0022 is now generated as rw-r-r. However, the property is still oracle: dba.
Update of ownershipt of $ORACLE_HOME/bin/oracle.exe of oracle: oracle (edi added the user to the oracle group) and chmod 6751 oracle.exe. This created several problems where crucial scripts, that is to say of sqlplus failed to run.
Added! chmod 755 output.file.name - OS user 'A' is not allowed to change to mod.
Added! command cp MV output file and that generated the file as a user of the operating system: oracle. It is a potential work around in case of emergency, but the developer would have to rewrite the countless scripts.
Any ideas?
I have reproduced the behavior of the old server and am able to spool a file via sqlplus under OS user. No changes have been made on the remote database server. All the changes have been on the new server hosting a small 11.2.0.4 database on a server running OEL 6.5 32 - bit OS.
(1) removed the sticky bit $ORACLE_HOME/bin/sqlplus using chmod u-s, g-s, o - s suggestion of Billy ~ Verreynne
(2) modified the main group for the 'oracle' user match the user operating system applications, while maintaining membership in the groups 'oracle' and 'dba '.
-We are dealing with here EDI processes, so the Group was called edi.
(3) modified property of the files tnsnames.ora and listener.ora for oracle: edi
(4) restart the receiver
(5) disconnect / reconnect
Script runs as expected, the output file contains the correct ownership and permissions.
Thank you all for taking a look and offering options.
-Josh
-
Hi team,
I'm trying to revoke grant on the user table
The Sub statement gives error saying
[code]
REVOKE < role_nm > on < a.table_nm > to < b.user_nm >
Error: ORA 00990: missing or invalid privilege
[/ code]
But the following works fine
[code]
REVOKE ALL ON < a.table_nm > to < b.user_nm >
[/ code]
Please suggest me to revoke the grant on the user table
Smile says:
[code]
REVOKE
on of Error: ORA-00990: missing or invalid privilege
[/ code]
A GRANT on table is assigned to a ROLE and that ROLE is assigned to the USER. So when you want to REVOKE a specific GRANT what is assigned to a user by ROLE. You must REVOKE any ROLE to the user or REVOKE the GRANTING OF THE ROLE.
-
Assignment of roles to the user when creating the user
Hi all
I gave a roll deposited (< dsp:input bean = "ProfileFormHandler.value.roles.role" maxsize = "30" size = "30" type = "text" / > on the registration page.) After registration, each field in db except role (table dps_role).
Pls let me know what I am doing wrong.
Thank youYou should not assign roles to the user as 'ProfileFormHandler.value.roles.role' of
1. in your file properties formhandler declare a dependency on the directory of the default user, which by default points to the profile database:
userDirectory = / atg/userprofiling/ProfileUserDirectory
So, in the form Manager, you declare corresponding setUserDirectory() and getUserDirectory().
2 then in the formhandler, get the DirectoryPrincipal objects associated with the user profile and the role you want to assign and then assign the role to the user:
import atg.userdirectory.UserDirectory; import atg.userdirectory.DirectoryPrincipal; import atg.userdirectory.User; import atg.userdirectory.Role; import atg.userdirectory.DirectoryModificationException; import java.util.Collection; import java.util.Iterator; .. .. private boolean assignRoleToUser(String roleName, String userId) { UserDirectory userDirectory = getUserDirectory(); DirectoryPrincipal userPrincipal = userDirectory.findUserByPrimaryKey(userId); DirectoryPrincipal rolePrincipal = userDirectory.getRoleByPath(roleName); User user = (User)userPrincipal; Collection collection = userDirectory.getRoles(); boolean status = false; Iterator iter = collection.iterator(); while(iter.hasNext()) { Object obj = iter.next(); if(obj instanceof Role) { Role role = (Role)obj; if(roleName.equals( role.getName() ) && user!=null) { try { status = user.assignRole(role); //will return true if the role was added otherwise false } catch (DirectoryModificationException e) { //handle exception } break; } } } return status; }In the code above 'roleName' parameter is the name of the role to be assigned to the profile with the id as "userId". If you want to do the role assignment when creating the user, then you can do the things above in postCreateUser() so that you can get the Principal associated with the profile. For more information about the interfaces and classes used here, you can refer to the documentation of the API of the ATG.
http://docs.Oracle.com/CD/E26180_01/platform.94/APIDoc/ATG/userDirectory/package-summary.html
-
On the role of the user of the VI
Hello!
Role of the user of the vi, I get a problem in get by powercli. I can get the information of account by the Get-VMHostAccount cmdlet
but he did not provide the role information, so, how can I get role of vi and vi user mapping information?
Other: I know something in the 'Description' filed by Get-VMHostAccount, and sometimes he shows me that the user is an "administrator."
But how to know exactly what the "some user" user as a role of 'administrator '?
Thanks in advance!
The Get-VMHostAccount cmdlet returns the accounts defined in the COS of the ESX Server.
The accounts used in permissions on entities of vCenter are local users on the server vCenter or AD accounst of the domain to which belongs the vCenter server.
To see the accounts, look at the main property returned by the Get-VIPermission cmdlet.
Get-VIPermission
____________
Blog: LucD notes
Twitter: lucd22
-
Change the role of the user once authenticated LDAP authentication
Hi forum,
I do know that if it is possible, I have not found a solution so far
I have a simple web application with LDAP authentication. We would like to use LDAP for authentication and store the information of user roles in the database. After authentication, LDAP assigns the role of "guest" to the user and the home page (the only page available for this role) is displayed.
In this home page, the user must select a profile (the same user can have multiple profiles) in a list retrieved from the database. The profile of each user has an associated role. After selection, we want to change the role of the user "guest" to the role associated with the selected profile.
I don't think that implementation of a custom plug-in fits my needs because the role assignment requires the participation of the user.
Any suggestions?
Thanks in advance,
Tatiana.Hello
Well, the problem is that you need to change the subject of the user authenticated, who's a JAAS thing to do. The only way this can work is indeed use a custom LoginModule and then access the user object to add a security principal that represents the role you want to add.
Frank
-
Role of the user of "SQL Developer" rESTful services
Hello
I am following the tutorial ""REST Data Services Installation, Configuration and Development Guide " "
But it seems that I can't create a user with the role of "Developer SQL". I am running the below command, I specify the password. Then called the credentials file is created.
But I can not yet connect SQL Developer using development REST with this credential.
java-jar ords.war user test_developer "SQL Developer"
There is no such role when I manually search for in the database. How can I create it?
Maybe I should create a thread separate, but my second question is, why I need for RESTful to work services have both apex_al.xml and apex_rt.xml conf files?
For what I understand, it is not necessary to have installed to use the services of APEX RESTful?
dmdamiyo wrote:
I am following the tutorial 'REST Data Services Installation, Configuration and Development Guide.
But it seems that I can't create a user with the role of "Developer SQL". I am running the below command, I specify the password. Then called the credentials file is created.
But I can not yet connect SQL Developer using development REST with this credential.
java-jar ords.war user test_developer "SQL Developer"
There is no such role when I manually search for in the database. How can I create it?
As mentioned by rwendel is not an Oracle database user / role you create, but it is specific to ADR.
You can share the link in the documentation where you follow this step?
If you want to install ADR using Oracle SQL Developer and use the various functions of the ADR 3.0, you can watch the following for quick information on ADR 3.0 sessions:
- https://www.YouTube.com/watch?v=vigcbPTekIs (ADR 3.0 installation using Oracle SQL Developer)
- Oracle REST data services learn more (ADR 3.0 - Quick information sessions)
Maybe I should create a thread separate, but my second question is, why I need for RESTful to work services have both apex_al.xml and apex_rt.xml conf files?
For what I understand, it is not necessary to have installed to use the services of APEX RESTful?
Yes, Oracle APEX is not necessary for the accommodation of RESTful Web Services with ADR 3.0, it was necessary in pre ADR 3.0 versions.
Reference:
The 'apex_al.xml' is the configuration user DB APEX_LISTENER and 'apex_rt.xml' matches the configuration of the APEX_REST_PUBLIC_USER DB user. You don't have to configure these users (if you do not want to use Oracle APEX). These users are necessary only if you want to use the RESTful Services with Oracle APEX.
Reference: http://docs.oracle.com/cd/E56351_01/doc.30/e56293/config_file.htm#BABHAJDE
If you do not want to use Oracle APEX, then just configure the users ORDS_PUBLIC_USER and ORDS_METADATA.
Reference: http://docs.oracle.com/cd/E56351_01/doc.30/e56293/install.htm#CHDGACJC
Kind regards
Kiran
-
What a privilege it must compare the roles and the users of the model
Hi all
I want to compare the roles that I created in the model and the roles I have in the database,
I want to know if is posible to compare objects that you have granted to roles between the model and the database.
the problem is perhaps because the user I selected for the connection to the database has no privilege enough,
could you tell me, please
what privileges needs of the user of the connection in order to compare with the roles, packages and other objects in the physical model?
Thanks in advanceHello
I'm afraid, it is not possible to compare users, roles, or packages at the moment.
David
-
Problem with the role and the user; the user cannot see the table
Hello forum,.
I created a role:
Enr_service CREATE ROLE;
GRANT CONNECT TO enr_service;
GRANT ALL ON tenants TO enr_service;
GRANT ALL ON enr_service TO user;
GRANT ALL ON sportsmen TO enr_service;
GRANT SELECT ON test TO enr_service;
and also a user:
CREATE USER ENR1 IDENTIFIED BY password QUOTA UNLIMITED on USERS;
GRANT enr_service to ENR1;
ALTER USER ENR1 by DEFAULT ROLE enr_service;
ALTER USER DEFAULT TABLESPACE USERS ENR1;
I can connect to the database with this user, but when I try to query a table that has been granted access I get an error message:
SELECT * ATHLETES;
ORA-00942: table or view does not exist
I don't see what I did wrong. Any help is appreciated.
Sebastianuser2019788 wrote:
Hello forum,.I created a role:
Enr_service CREATE ROLE;
GRANT CONNECT TO enr_service;
GRANT ALL ON tenants TO enr_service;
GRANT ALL ON enr_service TO user;
GRANT ALL ON sportsmen TO enr_service;
GRANT SELECT ON test TO enr_service;and also a user:
CREATE USER ENR1 IDENTIFIED BY password QUOTA UNLIMITED on USERS;
GRANT enr_service to ENR1;
ALTER USER ENR1 by DEFAULT ROLE enr_service;
ALTER USER DEFAULT TABLESPACE USERS ENR1;I can connect to the database with this user, but when I try to query a table that has been granted access I get an error message:
SELECT * ATHLETES;
ORA-00942: table or view does not existI don't see what I did wrong. Any help is appreciated.
Sebastian
This is probably because ENR1 isn't any table named ATHLETES and he did not qualify the name of the table with the schema name...
-
Our product is composed of several modules, for example, the modules-1 thru 8 - module. We sold all 8 modules or some of them - in different combinations to different customers. I've developed help online in the same direction, that is, in the modules, help-1 to ' help-8. Each help module has its own table of contents. According to the requirement for a particular client, I integrate the required modules, build the main table of contents using the mini-table of existing materials for each assistance, generate the sequence to browse and compile. This has been my routine until now.
Now, the product development team would like to automate this process: for example, they want to give me the help of output for the 8 modules in integrated form, as well as tables of contents separate for a combination of different modules for different customers like, assistance, modules 1 to 8, 1-2-3, 1-5-6, etc.. They feel the moment this TOC fell in the output of aid, it should automatically start functioning - without compiling!
I explained the process used to develop Robohelp projects, how TOCs are built, etc., but they want to know if there is a work around, so that when a customer asks for modules 3, 7 and 8, immediately, they can go down the table of contents (for 3-7-8) at the end of the project, and it should work - without compiling , or anything of that kind. I tried Google and Adobe Forum, but couldn't find something suitable.
Do you have a solution? A solution to this problem?
What you need is merged help.
You generate a parent and all the child projects. You always install the parent and then any child projects, you need. OCD, search and index adjusts automatically. See the pages on my site.
Note, however, that many people take another view for the development of your product. See all assistance and people then view information about something and realize that they need!
See www.grainge.org for creating tips and RoboHelp
-
Cannot grant the privilege on the column the user through role?
Hello:
From what I read in the docs I should be able to create a role that has privileges to UPDATE a column in a table and then assign this role to a user, that should be able to update the column in the table. I get "insufficient privileges" when I try which, although it works as advertised if I book directly to the user. I read the docs wrong?
WATCH session:
GAME session:CREATE TABLE "GAFF"."FOO2" ( "F1" NUMBER, "F2" NUMBER, "F3" VARCHAR2(50), "F4" NUMBER, CONSTRAINT "FOO2_PK" PRIMARY KEY ("F1") / create role foo2_u_f2; grant update (f2) on foo2 to foo2_u_f2 ; grant select on gaff.foo2 to play ; grant foo2_u_f2 to play ;
ORA-01031: insufficient privilegesupdate gaff.foo2 set f2 = 1 where f1 = 1Probably foo2_u_f2 role is not a default role to the user's game. Initially, when the user is created the default role is set to ALL. Later, it can be changed to NONE or set of roles. Log in as a game and question:
select * from session_roles /I bet that you won't see any foo2_u_f2. Then the question:
select granted_role,default_role from user_role_privs /This will give you a list of the user default set roles. Another question, you can:
set role foo2_u_f2 /This will allow the role of foo2_u_f2 in the current session. Or you can identify you as privileged user and issue AMENDED the USER default ROLE..., foo2_u_f2.
SY.
-
Prevent the user SYS acess to non-redacted data in Oracle 12 c
Hello
I have a strategy of writing created with the following options:
function_type = > DBMS_REDACT. FULL,
expression = > ' sys_context ("userenv", "session_user")! = "MY_REDACTION" ')
By default users SYS has the following privileges to the redaction: EXEMPT DML DRAFTING a STRATEGY and EXEMPT DDL WRITING
the DBA role has the following privileges to the redaction: EXEMPT DDL DRAFTING a STRATEGY and EXEMPT DML WRITING
the EEXP_FULL_DATABAS role has the following privileges to the redaction: POLICE TAX-FREE of REDACTION.
When I revoke all these privileges users/roles above, the user SYS was always 'see' the non-redacted data.
How can I prevent the SYS user does not ' see ' the non-redacted data?
Thanks and greetings
Hello Laury,
We can't prevent the SYS to see the redacted data. It is exempt from these policies.
You can prevent to access the table with the Vault database.
Kind regards
Vlad
-
Hi all
11.2.0.1
We have a lengthy debate today because head operations would not be approved demand of the listener COMPUTING to revoke dba granted to the user of the application 'HR', as this could cause error to this criticism.
We have a test server for this app, but it cannot reproduce exactly what PROD HR. Therefore, the test is also questionable.
Note that this role dba granted to the user of the "HR" application generates a lot of audit logs, causing problem of disk space, that this app is connect/disconnect several times in the 24 X 7 db.
One of the solutions presented by operations is to trick the database auditing. They said that to avoid a lot of audit logging, we revoke the role of 'DBA' for 'HR '.
And create another "ROLE1" role, but all the privileges given to dba to "ROLE1", then "ROLE1" to "HR". Is this possible and will stopped logging?
Thank you very much
zxy
You should check the setting of parameter audit_trail. If it is set to db means your audit goes to the database (with the exception of the records as sysdba, which is always written to the operating system) and if its set of OS, what OS is your verification. If you want to stop logs being generated, run
NOAUDIT ALL;
but its your choice... Ask your principal before doing this.
-
Authentication of the user in Disqualification
Hi gurus,
A quick question on authentication via Disqualification.
We will have a Java program that calls a web service Disqualification, but before calling the web service of the Disqualification, Java program will preform on the role of user authentication (using OAM, or UPT). Now, is there a way to Disqualification to authenticate once again based on the role of the users/continue to call web services. If authentication can not happen to the Disqualification, is he a way through weblogic server on the side of the Disqualification?
The goal here is to have a graphical interface for the users of the application (for example), click a button and call a web service Disqualification.
Note: I don't know of users accessing Launchpad of the Disqualification.
Thanks in advance,
Disqualification in WebLogic webservices are secure by using GOSA strategies defined in the EM (Fusion Middleware Control) area.
Authentication methods include basic HTTP or WSS security simple elements in the SOAP header.
If your client code can generate one of these methods support then the authentication of the web service must be successful. I don't believe not that style OAM authentication will work here as it is about browser/cookie based.
Please come back with more detailed questions if necessary.
Richard
Maybe you are looking for
-
I do not have group policy Windows XP SP3
My original hard drive died on me, so I had to get a replacement. I don't know if I'm allowed to use Group policy more because I'm on the replacement of the hard drive on an Acer laptop, but if I can someone please tell me how can I get a copy of it?
-
My computer is saying install Wndows in quick launch window, while I have windows
Install My computer is saying install Wndows in quick launch window, while I have windows
-
How can I find the codes of codecs
How can I find the codes of codecs
-
Word document and clearing the Blackberry browser cache automatically
I hope that is clear enough, let me give you general information. I developed an application of launchpad for launching the BB browser and it points to a Web site on the intranet that allows end-users to access a word document. The end users have acc
-
New boot loop card mother Windows 7
I've recently updated my an Intel P35 to a nVidia 780i motherboard and can't seem to start to install the new drivers. I can't reinstall Win7 disc because it forces me to start windows normally. Startup Repair gives me this error. Problem event name