What Are the Minimum Privileges / Group Membership a Regular (NonAdmin) User Needs To Register Databases / Network Services with DBCA for EUS or Create Tnsnames Entries in an OID OracleContext? (TNS-04411: Directory service: permission denied)
Last updated on AUGUST 31, 2017
Applies to:Oracle Net Services - Version 22.214.171.124 and later
Oracle Internet Directory - Version 10.1.2 and later
Information in this document applies to any platform.
Created a non-administrator user in Oracle Internet Directory (OID) only for registering network services, i.e., to create tnsnames entries into the cn=oraclecontext,dc=mycompany,dc=com realm context.
This user will be using Net Manager (Netmgr) and/or Oracle Directory Manager (OID 10g) / Oracle Directory Services Manager (ODSM, OID 11g) to register the entries, or Database Configuration Assistant (DBCA) to register databases for Enterprise User Security (EUS).
What are the minimum privileges/groups this ID needs for these purposes?
Below is a potential DBCA error authenticating with a regular user without sufficient permissions:
service. - TNS-04411: Directory service:
TNS-04411: Directory service: permission denied
caused by: oracle.net.ldap/NNFLException
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms