My Oracle Support Banner

Users Being Granted Dv_secanalyst Cannot Be Added To The Auth List Of Any Realm (Doc ID 1319668.1)

Last updated on MARCH 06, 2019

Applies to:

Oracle Database Vault - Version 11.1.0.7 and later
Information in this document applies to any platform.

Symptoms

NOTE: In the images and/or the document content below, the user information and data used represents fictitious data from the Oracle sample schema(s) or Public Documentation delivered with an Oracle database product. Any similarity to actual persons, living or dead, is purely coincidental and not intended in any manner. 

Users being granted the DV_SECANALYST role either directly or via a role cannot be added to the authorizations list of any realm:

SQL> conn dvowner
Connected.

SQL> grant dv_secanalyst to TEST_DBA;

Grant succeeded.

SQL> declare
begin
dvsys.dbms_macadm.ADD_AUTH_TO_REALM(
realm_name => 'OCCS Realm'
,grantee => 'TEST_DBA'
,rule_set_name => 'OCCS Admin Access'
,auth_options => 0);
commit;
end;
/ 2 3 4 5 6 7 8 9 10
declare
*
ERROR at line 1:
ORA-01031: insufficient privileges
ORA-06512: at "DVSYS.DBMS_MACUTL", line 10
ORA-06512: at "DVSYS.DBMS_MACUTL", line 367
ORA-06512: at "DVSYS.DBMS_MACADM", line 1658
ORA-06512: at line 3


SQL> revoke dv_secanalyst from TEST_DBA;

Revoke succeeded.

SQL> declare
begin
dvsys.dbms_macadm.ADD_AUTH_TO_REALM(
realm_name => 'OCCS Realm'
,grantee => 'TEST_DBA'
,rule_set_name => 'OCCS Admin Access'
,auth_options => 0);
commit;
end;
/
2 3 4 5 6 7 8 9 10
PL/SQL procedure successfully completed.

SQL>

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.