We are trying to set up Oracle Database as policy store but I am getting the following error message.
smreg su command failed.
Please fix the error and reconfigure the Policy Store.
I could see that tables has been created. While trying to execute smreg -tu command, I have noticed the below error message.
[08/30/2018][16:13:53][16:13:53.136][Start processing SQL statement.][CSmRecordset::Execute][CDb.cpp:305][insert into smrootconfig5 (rootconfigoid, enableusertracking, dynamicprefs, majorversion, minorversion, smmode) values ('1c-67b3c2b0-9e28-11d3-95e7-00c04f7468ef', 0, ' ', 7, 0, 0)][08/30/2018][16:13:53][16:13:53.173][SQL Error.][-1][CSmDbConnectionODBC::CheckForError][CSmDbODBC.cpp:1436][[NS][ODBC Oracle Wire Protocol driver][Oracle]ORA-01950: no privileges on tablespace 'USERS'][HY000]..
Failed to create the super user account.
It is trying to create the superuser account in "USERS" table space. May I know the reason for the same as we have created dedicated table space and the tables has already been created(by the installer wizard) in the dedicated table space?
Could we have the steps how the tablespace was created and how an admin user has been assigned to the tablespace.
Ideally, I'd do the following steps in Oracle DB
Reference : Validate with the first two sections (Pre-Requisite) in the link below.
Configure an Oracle Policy Store - CA Single Sign-On - 12.52 SP1 - CA Technologies Documentation
Ensure you have checked SSO support matrix that the particular Oracle DB is on supported version.
Oracle 12c comes out with a new patch, and in that new patch, there are significant security account, right and permission changes, which may not work the same way as previous releases.
I also do not see the advantage of using Oracle DB as policy store, comparing with CA directory in term of both performance as well as difficulty level.
Hi Hubert and Hongxu,
Thanks for providing the step by step information.
Actually, my DBA team has provided all the required privileges for new account (including quota) to the newly created table space. But, he missed to set the new table space as default table space for the account.
So, the tables are getting created in 'USERS' table space. As no space is required to create a table, it is getting created without any issue but as the space is required for inserting data into the table, it is showing the error message as "no privileges on tablespace 'USERS" (Currently, no quota is set for new user in the 'USERS' table space).
I have asked DBA team to correct the same. Hope, I will not get any issue once they fix the same.
Thanks for your response. We are already in the process of migrating to CA Directory.
Dhilip, That's right. Please ask your DBA to check if the above Oracle user has the "Unlimited Tablespace" privilege granted for that tablespace.
Thanks for your support. As per our company standards, using unlimited table space is not allowed. So, I have asked our DBA team to set the SIZE as 20G. Also, I have asked them to enable AUTOEXTEND. I hope this should be sufficient. Let me know if there any concerns.
Also, currently I have successfully set up policy store & super user account using configuration wizard.