Users Being Granted Dv_secanalyst Cannot Be Added To The Auth List Of Any Realm (Doc ID 1319668.1)

Last updated on MAY 26, 2011

Applies to:

Oracle Database Vault - Version: 11.1.0.7 and later   [Release: 11.1 and later ]
Information in this document applies to any platform.

Symptoms

Users being granted the DV_SECANALYST role either directly or via a role cannot be added to the authorizations list of any realm:


SQL> conn dvowner
Connected.

SQL> grant dv_secanalyst to NL12345_DBA;

Grant succeeded.

SQL> declare
begin
dvsys.dbms_macadm.ADD_AUTH_TO_REALM(
realm_name => 'OCCS Realm'
,grantee => 'NL12345_DBA'
,rule_set_name => 'OCCS Admin Access'
,auth_options => 0);
commit;
end;
/ 2 3 4 5 6 7 8 9 10
declare
*
ERROR at line 1:
ORA-01031: insufficient privileges
ORA-06512: at "DVSYS.DBMS_MACUTL", line 10
ORA-06512: at "DVSYS.DBMS_MACUTL", line 367
ORA-06512: at "DVSYS.DBMS_MACADM", line 1658
ORA-06512: at line 3


SQL> revoke dv_secanalyst from NL12345_DBA;

Revoke succeeded.

SQL> declare
begin
dvsys.dbms_macadm.ADD_AUTH_TO_REALM(
realm_name => 'OCCS Realm'
,grantee => 'NL12345_DBA'
,rule_set_name => 'OCCS Admin Access'
,auth_options => 0);
commit;
end;
/
2 3 4 5 6 7 8 9 10
PL/SQL procedure successfully completed.

SQL>

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms