Oracle native DB Connector user permission

Dear All,

We are connecting to an Oracle DB using the native database connector. We are following the guide below. In the guide we can see that the user to connect to the Oracle DB is given as SYSTEM in the “Creating a synchronization project” section.

It also mentions setting Connect Mode to SYSDBA. https://support.oneidentity.com/technical-documents/identity-manager/8.1.4/administration-guide-for-connecting-to-native-databases-through-database-systems-integration-module/2#TOPIC-1548914

As per the DB admin, we have to provide them with the minimum permissions required so they can grant them to a different user which we can use for the integration. We cannot use the sys/system user. We have tried to explore the guide but were unable to find the correct path. Can you provide us some link or details for the same? Is it mandatory to use a user who has permissions similar to the sys or system user?

Thanks

  • If you want to manage the Oracle users (the ones on your Oracle Server, that's what the DSI is for), then you need a user in Oracle that allows you to do the following.

    • Read all user accounts and their attributes

    • Read all user roles

    • Read all user profiles

    • Read all tablespaces

    • Read user role membership

    • Read role membership

    • Create and delete operations for users

    • Change password for users

    • Lock or unlock users

    • Change role membership

    • Change user role membership

    I think you just need to specify the user where "SYSTEM" is mentioned in the documentation as the user, but you still need to follow the other steps (Connect mode = SYSDBA).

  • Thanks a lot, Markus.

    Since we have to follow the steps (Connect mode = SYSDBA), this means the user which will be used for the integration should have the SYSDBA privilege apart from the above permissions.

    We have assigned all the above permissions, but when we try to connect with connect mode = SysDba, it throws invalid username/password. If we select connect mode = Default, then it throws an error at the end.

    Can you suggest whether a user with the SYSDBA privilege is required to connect in SYSDBA mode?

  • I am no Oracle expert. I only know that the connector tries to read the user and roles tables from the sys schema. I just assume that, therefore, the sysdba privilege is needed.
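
The permission list from the first reply, written out as Oracle grants for a dedicated account instead of SYS/SYSTEM. This is an added example, not part of the thread or of One Identity's documentation; the account name `OIM_SYNC`, the placeholder password and the choice of `DBA_*` dictionary views are assumptions, and the thread does not settle whether the connector works without SYSDBA.

```sql
-- Hypothetical service account (name and password are placeholders).
CREATE USER oim_sync IDENTIFIED BY "<placeholder-password>";
GRANT CREATE SESSION TO oim_sync;

-- Read all user accounts and their attributes
GRANT SELECT ON sys.dba_users       TO oim_sync;
-- Read all roles
GRANT SELECT ON sys.dba_roles       TO oim_sync;
-- Read all profiles
GRANT SELECT ON sys.dba_profiles    TO oim_sync;
-- Read all tablespaces
GRANT SELECT ON sys.dba_tablespaces TO oim_sync;
-- Read user role membership and role-to-role membership
GRANT SELECT ON sys.dba_role_privs  TO oim_sync;

-- Create and delete operations for users
GRANT CREATE USER TO oim_sync;
GRANT DROP USER   TO oim_sync;
-- Change password, lock or unlock users
GRANT ALTER USER  TO oim_sync;
-- Change role membership / user role membership
GRANT GRANT ANY ROLE TO oim_sync;

-- Review queries for the DBA (run from a DBA session):
-- which accounts are in the password file with SYSDBA / SYSOPER
SELECT username, sysdba, sysoper
  FROM v$pwfile_users;

-- system privileges actually held by the service account
SELECT privilege, admin_option
  FROM dba_sys_privs
 WHERE grantee = 'OIM_SYNC';

-- object privileges actually held by the service account
SELECT owner, table_name, privilege
  FROM dba_tab_privs
 WHERE grantee = 'OIM_SYNC';
```

`ALTER USER` and `GRANT ANY ROLE` are broad system privileges (the latter allows granting any role, including DBA), so this account's credentials and activity should be protected and audited like a DBA account's.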