Role Dialog

User Guide > User Guide > Administering Users, Groups, Roles, and Profiles > Creating Users, Groups, Roles, and Profiles > Role Dialog

Was this helpful?

Role Dialog

You use the Role dialog to create or modify user roles. A role allows you to associate privileges with applications. Only users who have been granted access to a role can perform the actions that role enables.

You can access this dialog to create a new role in the following ways:

• From the Roles folder context menu: New Role

• From an existing role node context menu: New Role

• From the Database menu tab: Role, New Role (see Database Tab)

For more information, see Create a Role.

You can access this dialog to modify an existing role from an existing role node context menu: Modify.

The Role dialog contains the following pages:

• General—see General Page (Role)

• Privileges—see Privileges Page (Role)

• Grantees—see Grantees Page (Role)

• Access—see Access Page (Role)

• Options—see Options Page (Role)

The dialog contains the following controls:

OK button

Creates the specified role

Cancel button

Closes the dialog without saving any changes

General Page (Role)

The General page of the Role dialog lets you define core user role configuration information. The General page contains the following fields:

Name

Specifies a name for the role

Note: You cannot create a role if the role name is disallowed. Disallowed names include all privileged names (for example, db_admin).

Set DBMS Password

(Actian Vector 3.0 or higher) Specifies that user authentication is achieved through the DBMS. The first time this option is selected for a user, a warning message appears.

Selecting this option makes it unnecessary to add an operating system user every time a new user needs access to a database. A user who is appropriately defined in the database can access the database using a valid Actian Vector user name and password. The user does not need to be defined at the operating system level or in a global directory.

Note: Selecting this option prevents the user from connecting to a DBMS server that is not configured to perform DBMS authentication.

For complete information, see “DBMS Authentication” in the Actian Vector User Guide.

New Password

Specifies the password for the user. This field is enabled only if the Set DBMS password option is selected.

Confirm Password

Confirms the password for the user. This field is enabled only if the Set DBMS password option is selected.

Privileges Page (Role)

The Privileges page of the Role dialog lets you assign privileges that are applied to the user role, regardless of the database to which users are connected. For any privilege, select the Active By Request check box to apply the privilege to users.

You can assign the following privileges to a user role:

Create Database

Enables users to create and destroy databases

Set Trace Flags

Enables users to access tracing and debugging features

Security Administrator

Enables users to perform security-related operations, such as impersonating other users, and to avoid certain security checks, such as database privilege checks

Operator

Enables users to perform database backups and other maintenance operations

Auditor

Enables users to query the security audit log

Maintain Locations

Enables users to manage database and file locations

Maintain Security Audit

Enables users to control what information is written to the security audit log

Maintain Users

Enables users to perform various user-related functions, such as creating users and roles

Grantees Page (Role)

The Grantees page of the Roles dialog lets you assign users to the role.

Note: To assign a user to the role, you must create the user first. For more information, see Create a New User.

For new roles, no users are selected. For existing roles, any users currently assigned are checked.

Access Page (Role)

The Access page of the Role dialog lets you specify the non-granted databases that users have access to. This provides access to databases that are not public and for which the selected default role is not granted access.

The Access page lists all the non-granted databases in the installation. Selecting a check box grants the user role access to that database. Selecting “The role has access to the entire installation” checks all of the non-granted databases.

Options Page (Role)

The Options page of the Role dialog contains all other miscellaneous configuration information. The Options page contains the following fields pertaining to security auditing:

All Events

Specifies whether security auditing is enabled for all events

Query Text

Specifies whether security auditing is enabled for query text

Last modified date: 04/24/2023