5.9.4 Add an Oracle DB user (UNIX)
Function
This plug-in adds new database users to the Oracle Database server for UNIX.
This plug-in starts SQL*Plus on the Oracle Database server (hereinafter referred to as the "database server") that is specified for the host name of the execution-target server (the plugin.destinationHost property), and then executes the "CREATE USER" statement.
As in the case of a "GRANT" statement in SQL*Plus, you can specify system privileges, object privileges, and role names for the database privilege property (the database.dbPrivilege property) by using commas to delimit items. If you specify a value for the database privilege, the "GRANT" statement is executed after the "CREATE USER" statement. You cannot specify "WITH HIERARCY OPTION" or "WITH GRANT OPTION" for the "GRANT" statement.
If you do not specify a value for the database privilege, database users who have no privileges will be added.
For services that use this plug-in, you must create a temporary file in a directory on the database server, store the database user password in the created file, and then specify the full path to the temporary file as path of the remote password file (the common.passwordFilePass property).
The following Oracle-related terms are used in this document:
- Oracle Database instance
An instance of the database that is installed on the database server.
Multiple instances can exist on the same database server. Each instance has a unique ID name (see "Oracle system identifier (SID)" below) and its own installation folder on the database server.
Oracle Database instances are bundles of database table areas, database user account information, and information about user privileges.
- SQL*Plus
A utility tool that is provided with Oracle Database.
This tool provides unique commands for operating and maintaining Oracle Database from the command line interface (CLI). It also provides a database client functionality for executing SQL statements.
- Oracle system identifier (SID)
A name that identifies an Oracle Database instance.
In Oracle online manuals, this name is referred to as the Oracle system identifier or SID.
- System privilege
See the specifications of Oracle Database.
- Object privilege
See the specifications of Oracle Database.
- Role
See the specifications of Oracle Database.
The following server is required for this plug-in:
- Oracle Database server (execution-target server)
A server on which Oracle Database is installed.
Use situation
This plug-in can be used to add new database users to Oracle Database instances that are running.
Prerequisites
For the most recent information about the prerequisite products in the system, the prerequisite products in the execution-target system, and the supported OSs for the prerequisite products in the execution-target system, see the Release Notes.
[Prerequisite products in the system]
JP1/Automatic Operation 11-00 or later
[Prerequisite products in the execution-target system]
(1) Oracle Database server
- Oracle 11g Standard/Enterprise
[Supported OSs for the prerequisite products in the execution-target system]
(1) Oracle Database server
- Red Hat Enterprise Linux Server 6 (32-bit x86), Red Hat Enterprise Linux Server 6 (64-bit x86_64)
- Red Hat Enterprise Linux Server 7 (64-bit x86_64)
Note, however, that these OSs must meet the requirements for Oracle Database.
[Conditions for using the prerequisite products in the execution-target system]
(1) Conditions related to the Oracle Database server
- Oracle Database has been installed normally.
- SQL*Plus has been installed.
- The Oracle Database instance corresponding to the specified Oracle system identifier (SID) is not running.
Cautions
(1) The Oracle system identifier (hereinafter referred to as the SID) that is specified for the property database.oracleSid is case sensitive. The SID cannot contain any of the prohibited characters below. In addition, Oracle might impose other limitations. For details on the limitations, see the specifications for Oracle Database.
Prohibited characters:
- Double quotation marks (") and single quotation marks (')
- Line feed characters (\n)
- Halfwidth spaces ( )
- Semicolons (;)
(2) The value specified for the database user ID property (database.dbUserId) must not contain any of the prohibited characters in (1) and must not exceed 30 bytes. In addition, this value must not conflict with reserved keywords. For details on reserved keywords and other prohibited characters, see the specifications for Oracle Database.
(3) The file (hereinafter referred to as the "password file") specified for the remote password file path property (database.passwordFilePath) must be a text file, and the password must be specified in the first line of the file. The password must not contain any of the prohibited characters in (1) and must not exceed 30 bytes. For details on other prohibited characters, see the specifications for Oracle Database. Note that this property is case sensitive.
(4) The value specified for the database privilege property (database.dbPrivilege) must not contain any of the prohibited characters in (1) other than halfwidth spaces. In addition, this value must not conflict with reserved keywords. For details on reserved keywords and other prohibited characters, see the specifications for Oracle Database. This property is not case sensitive. If you specify the name of a privilege that does not exist, the plug-in ends abnormally and database users who have no database privileges might remain. If necessary, delete such users.
(5) This plug-in references the "oratab" file that was created by the Oracle Database installer and then obtains information about the installation folder corresponding to the specified SID. If the plug-in cannot correctly obtain information about the actual installation folder (for example, because the "oratab" file has been changed from its state immediately after installation for some particular reason such as the update, transfer, or deletion of the file), this plug-in assumes that the Oracle Database instance corresponding to the SID (hereinafter referred to as the "target instance") does not exist or that Oracle Database has not been installed, and then ends abnormally.
(6) The encoding type set for the target instance must be the same as the encoding type set for the OS of the database server. If these encoding types are different, an error or incorrect operation might occur.
(7) If the password file cannot be read from the specified folder or the content of the password file is invalid, this plug-in ends abnormally. Note, this plug-in does not delete the password file when processing finishes, even if the plug-in ends normally.
(8) If this plug-in ends abnormally, an error code beginning with "ORA-" and a message might be output to the task log. In such cases, search for the error code on the manual website for Oracle Database.
Execution privilege
- Users who belong to the OSDBA group
Version
02.00.00
Plug-in tags
Control Database,Oracle Database
Plug-in name displayed in the task log
dbAddOracleUser_Unix
Return code
0: Normal
12: Error (Mistake by user) Invalid property
23: Error (Invalid environment) The environment requirements are not met.
27: Error (Check with the task log about the error detail) Unidentified error
41: Error (An error has been detected in the plug-in) Property not entered (An error has been detected in the component script)
Property list
The following table lists the properties:
|
Property key |
Property name |
Description |
Default value |
I/O type |
Required |
|---|---|---|---|---|---|
|
plugin.destinationHost |
Host name of the execution target server |
Specify the host name or IP address of the server on which this plugin will be executed. IPv6 addresses are not supported. |
-- |
Input |
R |
|
database.oracleSid |
Oracle database system identifer (SID) |
Specify the system ID (SID) for the target Oracle database instance. |
-- |
Input |
R |
|
database.dbUserId |
Database User ID |
Specify the user ID for a new database user. |
-- |
Input |
R |
|
common.passwordFilePath |
Password File Path (remote) |
Specify the full path of the text file that includes the password. |
-- |
Input |
R |
|
database.dbPrivilege |
Database privileges |
Use commas to separate the listed privilege names to be granted to the new database user. |
-- |
Input |
O |
|
common.returnValue |
Return value for the plugin |
The return value of this plugin stored. |
-- |
Output |
O |