Hi,Please we are about to install SSO server over a Linux server using Oracle RAC database and we need to know what are the schemas needed as respectives permissions for each schema.
Is there any list of schemas used and respectives permissions ?Tks,Lincoln
The sql schema file are shipped from policy server binary, but loaded onto Oracle database.
The ODBC connection account should have full ownership of the specific database being created, so that it can read, execute, modify, write to it after setup.
Installation and Upgrade Guides › Policy Server Installation Guide › Configuring CA SiteMinder® Data Stores in a Relational Database › How to Store Key Information in Oracle
The documentation says "Note: We recommend that you do not create CA SiteMinder® schema with the SYS or SYSTEM users. If necessary, create an Oracle user, such as SMOWNER, and create the schema with that user.
The following Oracle schema files are in the siteminder_home\db\SQL directory.
Specifies the Policy Server installation path.
Creates the schema for a policy store and key store.
Note: If you are storing keys in a different database, this schema file creates the schema for the key store data.
Creates the schema for the audit logs.
Creates the schema for a session store.
Creates the schema for a sample users database and populates the database with sample users.
The following Oracle schema file is provided in the policy_server_home\xps\db directory.
Creates the XPS schema for a policy store.
Hope this helps.
Tks a lot !
Enviada em: terça-feira, 13 de setembro de 2016 16:28
Para: Lincoln Ubirajara Gaeski Sant Anna <Lincoln.Anna@globalweb.com.br>
Assunto: Re: - Re: CA Single Sign-On schema and rights
CA Communities <https://communities.ca.com/?et=watches.email.thread>
Re: CA Single Sign-On schema and rights
reply from liuho03<https://communities.ca.com/people/liuho03?et=watches.email.thread> in CA Security - View the full discussion<https://communities.ca.com/message/241913420?commentID=241913420&et=watches.email.thread#comment-241913420>
Thanks a lot.
Please, do you know if we could run those one unique schema ?
For example, i have a user name “smadmin” in oracle, and want to upload sm_oracle_ps.sql, sm_oracle_logs.sql and xps schema under this unique user.
Do you know if it is possible ? Or I must to create separated schemas ( with diferente names ) and upload one-by-one ?
Yes, you can run them within one Oracle Database.
But that means you put all eggs in same basket. sm_oracle_ps.sql and xps schema belongs to policy store, and sm_oracle_logs.sql belongs to audit logging feature.