4 Replies Latest reply on Feb 27, 2012 10:50 PM by Paul R


      Hi All,

      I have configure db vault for db. I want one of the user to access only some of the tables.
      For e.g I want user A to access only emp table of user B.

      Can any one help me in implementing the this.

      Your assistance is much appreciated in this regards.

      Thanks and Regards,
        • 1. Re: db
          This is actually the forum for Audit Vault not Database Vault. But to answer your question, If you want to restrict User A from accessing any tables in Schema B other than the EMP table, then you can just use normal object level privileges. i.e.

          If User A has some ANY privileges that would allow them to access other tables in Schema B, such as SELECT ANY TABLE, then you should put Schema B in a Realm to protect it from the ANY privileged users. Any other users that should still be able to make use of the ANY privileges can then be added as Realm Participants.

          Hope that helps,

          Iain Barr
          Ategrity Solutions Ltd.
          • 2. Re: db
            Hi Iain,

            I dont find any separate forum for db vault hence i post a question in this forum.

            Thanks for the help.

            Can you please help me in finding good examples of realms , rulesets for db vault.

            I tried to find one however unable to find it.

            Please help.

            Thanks and Regards
            • 3. Re: db
              Have you tried the Database Vault Administrator's Guide: http://www.oracle.com/pls/db112/to_toc?pathname=server.112/e23090/toc.htm


              Iain Barr
              Ategrity Solutions Ltd
              • 4. Re: db
                Paul R
                Database Vault can help you here but it's probably overkill.

                Database Vaults main function is to prevent privileged users (SYS, SYSTEM, DBAs) from accessing application data inside the database.

                I think what you might be trying to achieve is allowing one user to access data in another schema. This can be done with regular grants eg :

                grant select on scott.tiger to paul;