In User Administration Setup, if you are a system administrator or an advanced user with the appropriate permissions, you can manage database users and the associated database roles. - HOW DOES THIS WORK NOW? NO SYS ADMIN ROLE ANYMORE?
To enable the database user management functionality in your environment, set Sys Item 239 (Database Users screen visibility in User Administration Center) to 1. You can also allow different access based on the type of region (DEV, TEST, PROD) control via Sys Item 201. Depending on the type of region, the system will display code values of one of these three categories as allowed roles: DB_USER_DEV, DB_USER_QA, and DB_USER_PROD.
About the Proxy Feature
For DEV regions only (Sys Item 201=DEV), you can also use the proxy feature (Add write permissions and Remove write permissions) to connect to the database either as an ESTAR or PACE_MASTERDBO user. To connect with this type of access, users have to be granted appropriate permissions in User Administration. The Add Write Permissions command should be applied in the DB Users window. The Remove Write Permissions command should be used to remove this access.
New DB Users are now assigned to predefined DB Roles which are selected according to Sys Item 201 which specifies whether it is a PROD, DEV, or TEST system. Additionally, the EA_PROFILE profile is now applied when a new DB user is created.
DB Users Feature - Audit trail - BUILT ONLY IN SMC??
Full audit history of any Manage DB User activity initiated from within User Admin UI is shown in 'DB Users Administration Audit' report
Location: System management Center > Diagnostics > Queries > Query name - UA Security - DB Users Administration Audit
This feature will be available as of V2015 R2.7. During the install process, a special step is required that is noted in the install documentation delivered with the release.
You can manage Oracle database users as follows:
0 Comments