Oracle Database B10772-01 Administrator's Manual page 301

See Also:
"How Enterprise Users Are Mapped to Schemas"
"Managing Enterprise Domain Database Schema Mappings"
page 13-20
Administrative Groups
An identity management realm contains administrative groups that are related to
Enterprise User Security.
in the triangle labeled "Groups." Each administrative group includes an
Control Lists (ACLs)
directory may refer to these groups, which allows directory administrators access to
perform necessary administrative tasks. The administrative user who creates the
realm automatically becomes the first member of each of these groups, thus gaining
the associated privileges provided by each group, but can be removed.
The relevant administrative groups in a realm are described in
page 11-18.
Observe the following practices. Using other methods may
Note:
break the security configuration for Enterprise User Security objects
and may break enterprise user functionality as well.
Do not modify the ACLs for the objects contained in a realm
Oracle Context. Modified realm Oracle Context object ACLs are
not supported.
Use only Oracle tools, such as Enterprise Security Manager
Console, Enterprise Security Manager, and Database
Configuration Assistant, to modify Enterprise User Security
directory entries.
Figure 11–3 shows these administrative groups in a realm
that controls access to the group itself. ACLs elsewhere in the
Getting Started with Enterprise User Security 11-17
Introduction to Enterprise User Security
on page 11-20
Access
Table 11–2
on
on