Corporation Network Router User Manual
Introduction to Enterprise User Security
Getting Started with Enterprise User Security 11-17
Administrative Groups
An identity management realm contains administrative groups that are related to
Enterprise User Security. Figure 11–3 shows these administrative groups in a realm
in the triangle labeled "Groups." Each administrative group includes an Access
Control Lists (ACLs) that controls access to the group itself. ACLs elsewhere in the
directory may refer to these groups, which allows directory administrators access to
perform necessary administrative tasks. The administrative user who creates the
realm automatically becomes the first member of each of these groups, thus gaining
the associated privileges provided by each group, but can be removed.
The relevant administrative groups in a realm are described in Table 11–2 on
page 11-18.
See Also:
■ "How Enterprise Users Are Mapped to Schemas" on page 11-20
■ "Managing Enterprise Domain Database Schema Mappings" on
page 13-20
Note: Observe the following practices. Using other methods may
break the security configuration for Enterprise User Security objects
and may break enterprise user functionality as well.
■ Do not modify the ACLs for the objects contained in a realm
Oracle Context. Modified realm Oracle Context object ACLs are
not supported.
■ Use only Oracle tools, such as Enterprise Security Manager
Console, Enterprise Security Manager, and Database
Configuration Assistant, to modify Enterprise User Security
directory entries.