User Group in 11gr2

Previous Article "errors caused by Oracle user group errors
"An error occurred due to the user group permissions in 11gr2. In this article, we will summarize the user groups in 11gr2.

 

User Group in 11gr2:

 

Description	OS group name	OS users assigned to this group	Oracle Permissions	Oracle group name
Oracle list and software owner	Oinstall	Grid, Oracle
Oracle Automatic Storage Management Group	Asmadmin	Grid	Sysasm	Osasm
ASM Database Administrator Group	Asmdba	Grid, Oracle	Sysdba of ASM	Osdba for ASM
ASM operator Group	Asmoper	Grid	Sysoper of ASM	Osoper for ASM
Database Administrator	DBA	Oracle	Sysdba	Osdba
Database Operator	Bytes	Oracle	Sysoper	Osoper

 

• Oracle List Group (generallyOinstall
  )

  Oinstall
  Members of the group are considered as "owners" of Oracle software and have write permissions on Oracle central list (orainventory. When Oracle software is installed on a Linux system for the first time, oui creates/Etc/orainst. Loc
  File. This file specifies the name of the Oracle List Group (default:Oinstall
  ) And the path of the Oracle central list directory.

  If the orainventory group does not exist, by default, the installer lists the master Group of the installation owner of the Cluster's grid infrastructure as the orainventory group. Make sure that all planned Oracle software installation owners use this group as the master group. For this guide, you mustGrid
  AndOracle
  The installation owner is configuredOinstall
  As the main group.

This is critical. In 11gr2, RAC is installed differently than 10 Gb. RAC is replaced with grid infrastructure. If a grid user is added, orainventory needs to be accessible by the oinstall user group in both components.

 

• Oracle Automatic Storage Management Group (generallyAsmadmin
  )

  This group is required. If you want the Oracle ASM administrator and Oracle Database Administrator to belong to different management permission groups, you can create this group separately. In the Oracle document,Osasm
  A group is an operating system group with permissions granted to its members. In the code example, A group is created to grant this permission. The group name isAsmadmin
  .

  Osasm
  Members of the Group can use SQLSysasm
  Identity to connect to an oracle ASM instance.Sysasm
  The permission is in Oracle ASM 11G
  Introduced in version 1st (11.1), now in Oracle ASM 11G
  In version 2nd (11.2), the permission has been obtained fromSysdba
  Permissions are completely separated.Sysasm
  Permissions are no longer granted to RDBMS instances. UseSysasm
  Permission substitutionSysdba
  Permissions are used to provide system permissions at the storage layer, which makes the division of responsibility between ASM management and database management clear and helps prevent different databases with the same storage from inadvertently overwriting files of other databases.Sysasm
  Permission allows you to mount and detach a disk group and perform other storage management tasks.

   

• ASM Database Administrator group (osdba for ASM, generallyAsmdba
  )

  The members of the ASM Database Administrator group (osdba for ASM) areSysasm
  A subset of permissions that has read and write permissions on the files managed by Oracle ASM. Grid infrastructure installation owner (Grid
  And all Oracle database software owners (Oracle
  Must be a member of this group, and all files that have the right to access the Oracle ASM management and have the databaseOsdba
  The user of the member relationship must be ASM'sOsdba
  Group member.

   

• ASM operator group (osoper for ASM, usuallyAsmoper
  )

  This group is optional. If you need to create a group of operating system users with limited Oracle ASM instance management permissions (sysoper permission of ASM, including the permission to start and stop Oracle ASM instances. By default,Osasm
  The group members will haveSysoper
  All permissions granted.

  Use the ASM operator group to create an ASM Administrator group (the Group has more permissions than the defaultAsmadmin
  To install grid infrastructure software, you must select the advanced installation type. In this case, oui prompts you to specify the group name. In this Guide, the group isAsmoper
  .

  If you want to have an osoper for ASM group, the grid infrastructure software owner of the cluster (Grid
  Must be a member of this group.

   

• Database Administrator (osdba, generallyDBA
  )

  Osdba
  Members of the Group can use SQLSysdba
  Identity to connect to an oracle instance. Members of this group can perform key database management tasks, such as creating databases, starting and disabling instances. The default group name isDBA
  .Sysdba
  System permissions allow access to database instances even if the database is not opened. This permission is beyond the control of the database itself.

  Do not confuseSysdba
  System permissions and database rolesDBA
  .DBA
  Roles not includedSysdba
  OrSysoper
  System permissions.

   

• Database operator group (osoper, usuallyBytes
  )

  Osoper
  Members of the Group can use SQLSysoper
  Identity to connect to an oracle instance. Members of this optional group have limited database management permissions, such as managing and running backups. The default group name isBytes
  .Sysoper
  System permissions allow access to database instances even if the database is not opened. This permission is beyond the control of the database itself. To use this group, select the advanced installation type to install the Oracle database software.

 

Oracle Technology Forum
Http://www.oraforum.net