My Oracle Support Banner

Users Being Granted Dv_secanalyst Cannot Be Added To The Auth List Of Any Realm (Doc ID 1319668.1)

Last updated on JANUARY 02, 2020

Applies to:

Oracle Database Vault - Version 11.1.0.7 and later
Information in this document applies to any platform.

Symptoms

NOTE: In the images and/or the document content below, the user information and data used represents fictitious data from the Oracle sample schema(s) or Public Documentation delivered with an Oracle database product. Any similarity to actual persons, living or dead, is purely coincidental and not intended in any manner. 

Users being granted the DV_SECANALYST role either directly or via a role cannot be added to the authorizations list of any realm:

SQL> conn <user with DV_OWNER role>
Connected.

SQL> grant dv_secanalyst to <user name>;

Grant succeeded.

SQL> declare
begin
dvsys.dbms_macadm.ADD_AUTH_TO_REALM(
realm_name => '<realm name>'
,grantee => '<user name>'
,rule_set_name => '<rule set name>'
,auth_options => 0);
commit;
end;
/ 2 3 4 5 6 7 8 9 10
declare
*
ERROR at line 1:
ORA-01031: insufficient privileges
ORA-06512: at "DVSYS.DBMS_MACUTL", line 10
ORA-06512: at "DVSYS.DBMS_MACUTL", line 367
ORA-06512: at "DVSYS.DBMS_MACADM", line 1658
ORA-06512: at line 3


SQL> revoke dv_secanalyst from <user name>;

Revoke succeeded.

SQL> declare
begin
dvsys.dbms_macadm.ADD_AUTH_TO_REALM(
realm_name => '<realm name>'
,grantee => '<user name>'
,rule_set_name => '<rule set name>'
,auth_options => 0);
commit;
end;
/
2 3 4 5 6 7 8 9 10
PL/SQL procedure successfully completed.

SQL>

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.