What Are the Minimum Privileges / Group Membership a Regular (NonAdmin) User Needs To Register Databases / Network Services with DBCA for EUS or Create Tnsnames Entries in an OID OracleContext? (TNS-04411: Directory service: permission denied)
(Doc ID 1428080.1)
Last updated on APRIL 03, 2019
Applies to:Oracle Net Services - Version 126.96.36.199 and later
Oracle Internet Directory - Version 10.1.2 and later
Information in this document applies to any platform.
Created a non-administrator user in Oracle Internet Directory (OID) only for registering network services, i.e., to create tnsnames entries into the cn=oraclecontext,dc=mycompany,dc=com realm context.
This user will be using Net Manager (Netmgr) and/or Oracle Directory Manager (OID 10g) / Oracle Directory Services Manager (ODSM, OID 11g) to register the entries, or Database Configuration Assistant (DBCA) to register databases for Enterprise User Security (EUS).
What are the minimum privileges/groups this ID needs for these purposes?
Below is a potential DBCA error authenticating with a regular user without sufficient permissions:
service. - TNS-04411: Directory service:
TNS-04411: Directory service: permission denied
caused by: oracle.net.ldap/NNFLException
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document