IDM 14.3 DBA privilege
search cancel

IDM 14.3 DBA privilege

book

Article ID: 137553

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite

Issue/Introduction

Client has planning to use the separated Oracle DBs within a new installation and due to DBAs requirements need to make sure wish schema users need DBA privilege on Oracle:


1) Object Store

2) Task Persistence

3) Archive

4) Auditing

5) Snapshots (reporting)

6) Workflow

Environment

Release : 14.3

Component : IdentityMinder(Identity Manager)

Resolution

1) open the URL https://<your machine>:10443/ 

2) Login as config user in the "CA Identity Suite Virtual Appliance console" 

3) Click over link "Help" that will bring a link for "Prerequesites for external database integration" Direct Link inside of vaap: https://:10443/IG-DB-Scripts/readme.txt This readme.txt has information for each external database of identity suite including CA-Identity Manager:


 ========================================= Identity Manager  ========================================


Identity Manager uses 6 data sources: 

 1) Object Store 

 2) Task Persistence 

 3) Archive 

 4) Auditing 

 5) Snapshots (reporting) 

 6) Workflow 


 You may either create a single user/schema for all of the above data sources, or decide to split schemas according to sizing requirements (you may either split all data-sources, or some of them) 


 Oracle: ------- 


a. Create an Identity Manager database. 

b. Create a user with DBA privileges on the Identity Manager database. 

c. The tables will be created automatically by Identity Manager upon first run 

d. After the first run, you should revoke the DBA privilege and assign the following privileges instead: 


 Create/alter/drop tables 

 Create/alter/drop view 

 Create/alter/drop INDEX 

 Create/replace/drop stored procedures 

 Create/replace/drop functions 

 Create/drop sequence 

 Create/replace/drop triggers 

 Create/replace/drop types 

 Insert/select/delete records 

 CREATE SESSION/connect to database



Additional Information

For more information of permissions as CA Identity Portal, CA Identity Governance and also if needs information for MSSQL server the same readme.txt file mentioned in this doc can be reviewed in Vaap


1) open the URL https://<your machine>:10443/ 

2) Login as config user in the "CA Identity Suite Virtual Appliance console" 

3) Click over link "Help" that will bring a link for "Prerequesites for external database integration"

Powered by Wolken Software