X hits on this document





48 / 78


© 2010 Oracle Corporation – Proprietary and Confidential

The Three A’s Best Practices Enterprise Manager Authorization Overview

What type of administrator should the new user be?

What System Privilege(s) should the user have?

If groups of targets are always monitored and managed in the same way, do we have to grant the privileges on these individual targets to the user?

Privilege Propagating Group – Privileges granted on the group automatically granted on its members

Normal Enterprise Manager Administrator

Has NO access to anything unless granted privileges

Super Administrator

Has FULL privileges on all targets and the ability to create Super Administrators

Enterprise Manager offers 10 System Privileges (4 new in 11g Release 1),e.g.,

Should the user be able to VIEW any targets

Should the user be able to ADD new targets?

What targets should the user be able to access?

Should the user only be able to monitor the databases of his own department?

What Target Privilege(s) should the user have

Enterprise Manager provides 7 Target Privileges, e.g.,

Should the user be able to blackout target 1, 2 and 3?

Should the user be able to change metric threshold setting for target 4, 5 and 6?

Whether the user is able to tune performance of  target 1 depends on the credential he uses to connect to target 1

Privilege Propagating Group


If there are a set of users sharing the same responsibilities, do we have to grant all the individual privileges one by one to these users?

Role -- Set of privileges

Document info
Document views335
Page views336
Page last viewedTue Jan 24 05:31:53 UTC 2017