This discussion is archived
4 Replies Latest reply: Feb 27, 2012 2:50 PM by Paul R RSS

db

839388 Newbie
Currently Being Moderated
Hi All,

I have configure db vault for db. I want one of the user to access only some of the tables.
For e.g I want user A to access only emp table of user B.

Can any one help me in implementing the this.

Your assistance is much appreciated in this regards.

Thanks and Regards,
  • 1. Re: db
    IBarr Explorer
    Currently Being Moderated
    This is actually the forum for Audit Vault not Database Vault. But to answer your question, If you want to restrict User A from accessing any tables in Schema B other than the EMP table, then you can just use normal object level privileges. i.e.
    GRANT SELECT ON B.EMP TO A;

    If User A has some ANY privileges that would allow them to access other tables in Schema B, such as SELECT ANY TABLE, then you should put Schema B in a Realm to protect it from the ANY privileged users. Any other users that should still be able to make use of the ANY privileges can then be added as Realm Participants.

    Hope that helps,

    Iain Barr
    Ategrity Solutions Ltd.
  • 2. Re: db
    839388 Newbie
    Currently Being Moderated
    Hi Iain,

    I dont find any separate forum for db vault hence i post a question in this forum.

    Thanks for the help.

    Can you please help me in finding good examples of realms , rulesets for db vault.

    I tried to find one however unable to find it.

    Please help.

    Thanks and Regards
  • 3. Re: db
    IBarr Explorer
    Currently Being Moderated
    Have you tried the Database Vault Administrator's Guide: http://www.oracle.com/pls/db112/to_toc?pathname=server.112/e23090/toc.htm

    Regards,

    Iain Barr
    Ategrity Solutions Ltd
  • 4. Re: db
    Paul R Explorer
    Currently Being Moderated
    Database Vault can help you here but it's probably overkill.

    Database Vaults main function is to prevent privileged users (SYS, SYSTEM, DBAs) from accessing application data inside the database.

    I think what you might be trying to achieve is allowing one user to access data in another schema. This can be done with regular grants eg :

    grant select on scott.tiger to paul;

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points