Siebel Installation Guide for UNIX: Servers, Mobile Web Clients, Tools > Installing the Siebel Database Server and Configuring the Siebel Database >

Creating Table Owner and Administrator Accounts

Create the table owner and administrator accounts according to the guidelines provided for each database platform in this section.

NOTE:  For each database platform described in this section, if you are planning to use Siebel Marketing, also grant drop table, drop index, create table, and create index rights at the database level within the OLTP schema to the table owner or the database user ID used for Siebel Marketing. For more information, see the Siebel Marketing Installation and Administration Guide.

CAUTION:  It is strongly recommended not to change the name of the Siebel administrator account, SADMIN. This account must be created for you to log onto Siebel Business Applications as the Siebel administrator. For information about changing the password for this account, see the Security Guide for Siebel Business Applications.


Your database administrator must manually create the Siebel table owner account (default: SIEBEL), the Siebel administrator account (default: SADMIN), and the sse_role group. The database administrator must then add the Siebel administrator account to the sse_role group at the operating system level.

You can add users to the installation group sse_role group and permit them to use administrative commands to start, stop or otherwise administer the Siebel Server or components. However, you must change the permissions on the directory to enable write access, using the following command:

chmod -R 775 $SIEBEL_ROOT

NOTE:  On Solaris, the sse_role group cannot be created using the admintool, due to the use of an underscore in the name. Instead, use the command groupadd sse_role to create the sse_role group and ignore the warning: groupadd: sse_role name should be all lower case or numeric.

After your database is created and before it is configured, execute the grantusr.sql script against your database server to grant the appropriate privileges to these users. The grantusr.sql script must be run before you configure the Siebel Database. The grantusr.sql script is located in the $SIEBEL_ROOT/dbsrvr/db2udb subdirectory.

Your database administrator should review and run this script, which performs the following functions:

  • Grants the appropriate permissions to the Siebel table owner account that will own all the database objects for your Siebel deployment.
  • Creates a role (sse_role) with create session privileges.

You cannot create the LDAPUSER account by running grantusr.sql. This account must belong to the sse_role group and be created by the database administrator or the UNIX network administrator, as appropriate. For more information about LDAP security adapter authentication, see the Security Guide for Siebel Business Applications.

To run the grantusr.sql script on DB2 UDB

  1. Run the grantusr.sql script, using an account with DBA privileges.

    The usual DB2 System Administration account will be called db2inst1 for this procedure.

  2. Enter the following commands:

    db2 connect to DB2database_alias user instance_owner_username using password

    db2 -vf $SIEBEL_ROOT/dbsrvr/db2udb/grantusr.sql


    • DB2database_alias = The DB2 alias you use
    • instance_owner_username = The login ID of the instance owner
    • password = The password for the database instance (length and allowable characters depend on the rules of your underlying RDBMS platform)
    • $SIEBEL_ROOT = The full path to the Siebel root directory

      The script prompts you for the default table space in which your Siebel objects are to be created.

  3. Enter the table space name you recorded in the copy you made of Deployment Planning Worksheet.


Before configuring the Siebel Database, your database administrator must review and modify (if necessary) the grantusr.sql script. The administrator must then execute the grantusr.sql script against your Siebel Database to create the Siebel table owner (default: SIEBEL), Siebel administrator account (default: SADMIN), LDAPUSER account, and the role sse_role, and grant them the appropriate privileges.

Before executing grantusr.sql, the database administrator should copy the following command in the script, so it is defined once for each table space (for data or indexes) in your Siebel implementation:

alter user SIEBEL quota unlimited on table_space_name;

If necessary, the quota value can be adjusted to an appropriate value for each corresponding table space.

The grantusr.sql script is located in the $SIEBEL_ROOT/dbsrvr/oracle subdirectory.

The grantusr.sql script performs the following functions:

  • Creates the role sse_role and grants create session privilege to this role.
  • Creates the user SIEBEL (the Siebel table owner) and grants other appropriate privileges to SIEBEL.
  • Creates the users SADMIN (the Siebel administrator) and LDAPUSER and grants the role sse_role to them.

The default user name and password for the logon are listed in the grantusr.sql script. If you want another logon, edit the grantusr.sql script and change all the references to your preferred name. However, keep in mind that the length and allowable characters for the login ID and password depend on the rules of your underlying RDBMS platform. For instructions, see your Oracle documentation.

To run the grantusr.sql script on Oracle

  1. Run the grantusr.sql script from SQL*Plus, using an account with DBA privileges, and using the following command:


    NOTE:  You must specify the full path to the file above.

  2. Type the table space name listed in Deployment Planning Worksheet.
Siebel Installation Guide for UNIX: Servers, Mobile Web Clients, Tools