Overview of Enterprise User Security Administrative Groups

Security administrators must belong to the identity management realm administrative groups described in the following table in order to manage Enterprise User Security:

| Administrative Group | Description | DN | Default owner |
|---|---|---|---|
| OracleContextAdmins | Have full access to all groups and entries within the associated realm's Oracle Context. | `cn=OracleContextAdmins,cn=Groups,cn=OracleContext...` | The user who created the identity management realm. |
| OracleDBAdmins | Manage user-schema mappings. Only users who are already members of this group or OracleContextAdmins can add or remove users from the OracleDBAdmins group. | `cn=OracleDBAdmins,cn=<database_entry_name>,cn=OracleContext...` | None. Database Configuration Assistant automatically makes the user who registers a database in the directory a member of this group. |
| OracleDBCreators | Create new databases and register them in the directory by using Database Configuration Assistant. Can add database service objects to the realm's Oracle Context. Can modify entries in the OracleDefaultDomain (enterprise domain). | `cn=OracleDBCreators,cn=OracleContext...` | OracleContextAdmins |
| OracleDBSecurityAdmins | Have permissions on all of the domains in the enterprise to set the default database-to-directory authentication method, create and delete enterprise domains, and move databases from one domain to another. When Oracle Internet Directory Configuration Assistant creates the default realm's Oracle Context, the tool grants this group's members all privileges in the OracleDBSecurity subtree and modify privileges for members of the OracleDBSecurityAdmins group. | `cn=OracleDBSecurityAdmins,cn=OracleContext...` | All group members |
| OracleUserSecurityAdmins | Administer all aspects of Oracle database user security, such as reading wallet password hints and modifying user passwords. | `cn=oracleUserSecurityAdmins,cn=Groups,cn=OracleContext...` | The user who created the identity management realm. |
| OraclePasswordAccessibleDomains | Group members are enterprise domains, which contain databases enabled for password-authenticated enterprise users. | `cn=OraclePasswordAccessibleDomains,cn=Groups,cn=OracleContext...` | All group members |


For more information about these administrative groups, refer to the Oracle Database Security Guide.
