Users Not Granted DVACCTMGR Role Allowed To Manage Other Users In An AV Database (Doc ID 1123624.1)

Last updated on NOVEMBER 25, 2016

Applies to:

Oracle Audit Vault - Version 10.2.3.2 and later
Information in this document applies to any platform.

Symptoms

After applying  patchset 10.2.3.2 on an  Audit Vault Server environment that uses a RAC database as a repository, SYS is able to manage users via Enterprise Manager DB Console. A new user can be created, an old one can be dropped or the password of any user can be altered. All these operations should fail with ORA-1031 when they are executed  by an user who was not granted the DVACCTMGR role.


Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms