A user can have roles and grants. A grants is set of privileges on a “Security group”, while roles are a set of grants or other roles or security groups.
A “Security group” is a set of database instances and/or servers.
Four roles are predefined:
Domain Manager, a special role, that gives privileges to edit the domain configuration. This is to change anything related to the setup of the dbWatch Control Center installation. This role cant be altered, removes, modified or have extra privileges added to it.
Security Manager, a special role that gives privileges to edit the security system in dbWatch.
Super DBA, a special role, that gives all privileges on all the registered database instances. This role cant be altered, removes, modified or have extra privileges added to it.
DBA, by default, this gives all privileges on all the registered database instances. But different from the “Super User” role, this can be changed, and the list of instances can be changed.
You can also create your own roles.
The normal setup is to give users either the “DBA” or “Super User” roles, and have the users that also configure security and setup of Control Center have the “Domain MAnager”/“Security Manager” role.
For specific privileges look at the Privilege and actions map
See details for 2 factor authentication.
For specific privileges look at the Privilege and actions map
Post your comment on this topic.