Neoview User Management and Security Administration Guide (R2.5)

ManualsBrandsHP ManualsSoftwareHP Neoview Release 2.5 Software

100

You may not delete the role ROLE.DBA, ROLE.MGR, or ROLE.SECMGR. (The only predefined

database role you can delete is ROLE.USER.) You also may not delete a role that is currently

granted to one or more users or a role that has database permission currently granted to it. Before

deleting a role, revoke the role from any user who has it, and revoke any database privileges

that had been assigned to the role.

Table 5-3 Deleting a Role

CommentRangeInitial ValueField Name (HPDM)Parameter Name (NCI)

name has 1–8

alphanumeric

characters, the first of

which must be

alphabetic.

ROLE.name

NANA (select from list)ROLE

For a description of the NCI DROP ROLE command, see “DROP ROLE Command (database

roles)” (page 117). For more information about deleting a role in HPDM, see the HPDM Online

Help.

Adding a Database User

You can use either the NCI CREATE USER command or the HPDM Add Database User dialog

to add a new database user or register a user already defined on an external directory server.

You can also use the HPDM Add Multiple Database Users dialog to register multiple users with

the same roles. Another benefit of using HPDM is that you can assign multiple roles to the same

database user in the same operation; the NCI CREATE USER command lets you specify only the

user's default role.

Most database users must be added or registered on Neoview by someone logged on in the role

ROLE.MGR. However:

• A user logged on as ROLE.MGR may not add or register a database user with the role

ROLE.SECMGR.

• A user logged on as ROLE.SECMGR may add or register only a user whose role is

ROLE.SECMGR.

Creation parameters vary according to whether the user will be locally or remotely authenticated.

Specifically, parameters related to passwords are relevant only to locally authenticated users,

because passwords of remotely authenticated users are managed on the external server.

If you wish to convert a locally authenticated database user to be a remotely authenticated

database user:

1. Make note of the existing user's role(s).

2. Drop the user.

3. Create the user on the external directory server, if he or she is not yet defined there.

4. Register the user on the Neoview platform.

5. Assign the user the same roles he or she previously had.

If you wish to convert a remotely authenticated database user to a locally authenticated database

user, you must:

1. Make note of the existing user's role(s).

2. Drop the user from the Neoview platform.

3. Add the user as a locally authenticated user on the Neoview platform.

4. Assign the user the same roles he or she previously had.

If you follow these steps, the new user will inherit all database objects and privileges pertaining

to the previous user.

User Management Tasks 99