Thanks for the info, Courtney. I couldn't access the slide share due to
company policies on various sites but am reading through the doc on private
roles.
Dave
On 7/22/2019 8:20:45 AM, Courtney Llamas <courtney.llamas@xxxxxxxxxx> wrote:
What you need to look at is the Private Roles. These allow grants to jobs,
credentials, etc. It’s been a while, but I have an example in this deck
starting on slide 37
https://www.slideshare.net/CourtneyLlamas/oracle-enterprise-manager-security-a-practitioners-guide
[https://www.slideshare.net/CourtneyLlamas/oracle-enterprise-manager-security-a-practitioners-guide]
Not sure if its changed much, but the docs are included here
https://docs.oracle.com/en/enterprise-manager/cloud-control/enterprise-manager-cloud-control/13.3.1/emsec/emsec-13.3-sp-oracle-enterprise-manager-cloud-control-security-guide.pdf
[https://docs.oracle.com/en/enterprise-manager/cloud-control/enterprise-manager-cloud-control/13.3.1/emsec/emsec-13.3-sp-oracle-enterprise-manager-cloud-control-security-guide.pdf]
On Jul 19, 2019, at 2:06 PM, Dave Herring <gdherri@xxxxxxxxx
[mailto:gdherri@xxxxxxxxx]> wrote:
The issue is with permissions/access to the OEM Job scheduling system, not
database / DBMS_SCHEDULER.
I believe I found a potential solution - create a role under Setup -> Security
-> Role, then on each Job update to allow access by this role, then lastly
grant this role to each Administrator as I create them (well, do for one and
everyone else is a "Create like").
If there's a better way (other than retro-fitting the existing environments to
NOT create and schedule all OEM jobs as SYSMAN) by all means share. Thx.
Dave
On 7/19/2019 1:23:13 PM, Mladen Gogala <gogala.mladen@xxxxxxxxx
[mailto:gogala.mladen@xxxxxxxxx]> wrote:
Version 12.1.0.4? I seem to be a bit behind the latest development. What’s
going to happen next? Someone will invent a telephone with a camera which can
connect to Internet?
However, try granting your admins SCHEDULER_ADMIN role and CREATE JOB and
MANAGE SCHEDULER privileges. That should allow the newly minted admins to
perform administrative functions on DBMS_SCHEDULER.
Regards
On 7/19/19 1:57 PM, Dave Herring wrote:
I've got a bit of a newb question related to view-access of other admin's jobs
in OEM. The environment is 12.1.0.4 where all target jobs are created under
SYSMAN account. I'd like to grant a new slew of admins the ability to view
these jobs, both the definition in the Job Library along with scheduled and
execution history. I don't see anything that explicitly grants this during
Administrator creation so perhaps I'm missing something. Is it possible to do
this?
Thx.
Dave
