Database Rights for the Automation Engine

Specific database rights are required for new installations and update installations of an AE system.

After the installation process, you can remove the schema rights that are required for the database user in order to avoid unintended database modifications.

MS SQL Server

The database user requires the role "db_owner".

sp_addrolemember 'db_owner','uc4'

Oracle

• CREATE SESSION
• CREATE TABLE
• CREATE SEQUENCE
• CREATE PROCEDURE
• EXECUTE ANY PROCEDURE
• CREATE VIEW
• CREATE PUBLIC SYNONYM
• DROP PUBLIC SYNONYM
• ALTER SESSION
• Either the system privilege UNLIMITED TABLESPACE or the tablespace quotas for all tablespaces
• The right EXECUTE for the DBMS package (command so set this right: GRANT execute ON dbms_lock TO <schema_name>). This right can only be set by a user who has the SYSDBA privilege.

Example commands that can be used to assign the relevant rights to the database user uc4:

GRANT create table, create sequence, create session, create procedure, execute any procedure, create public synonym, drop public synonym, create view, alter session, select any dictionary TO uc4;
GRANT execute ON dbms_lock TO uc4;
GRANT unlimited tablespace TO uc4;

The following example commands can be used to check the rights:

Step 1: CREATE TABLE

CREATE TABLE UCDUMMY (UCDUMMY_PK INTEGER NOT NULL, UCDUMMY_System VARCHAR2 (8) NULL,
CONSTRAINT PK_UCDUMMY PRIMARY KEY
(
UCDUMMY_PK
) USING INDEX TABLESPACE UC4_INDEX
) TABLESPACE UC4_DATA;

Step 2: CREATE SEQUENCE

CREATE SEQUENCE SQ_UCDUMMY
INCREMENT BY 1 START WITH 1 MAXVALUE 999999999
MINVALUE 1 CYCLE CACHE 1000 NOORDER;

Step 3: CREATE PROCEDURE

create or replace PROCEDURE DUMMY_PROCEDURE
as
BEGIN
dbms_output.enable(buffer_size => NULL);
dbms_lock.sleep(5);
dbms_output.put_line('could start procedure');
END;

Step 4:

set serveroutput on;

ALTER SESSION:

ALTER SESSION SET NLS_DATE_LANGUAGE = American;

EXECUTE PROCEDURE, EXECUTE for the DBMS package:

execute dummy_procedure;

Use the following commands to delete the test data that has been created: 

DROP TABLE UCDUMMY;
DROP SEQUENCE SQ_UCDUMMY;
DROP PROCEDURE DUMMY_PROCEDURE;

Read the White Paper "UC4.Oracle Database Security Recommendations" if you intend to use several schema users with different rights.

DB2 

• Read access to system tables such as SYSIBM.SYSTABLES,...
• Right to create tablespaces
• Right to create indexes
• Full access to the tables

Use the following command to set these rights:

grant dbadm on database to <user>;

See also:

New Installation - Setting Up The Database

Upgrade Installation