Bookshelf Home | Contents | Index | PDF     

Siebel Installation Guide for Microsoft Windows: Servers, Mobile Web Clients, Tools > Installing the Siebel Database Server > Siebel Database Server Installation >

Creating Tableowner and Administrator Accounts

Create the tableowner and administrator accounts according to the guidelines provided for each database platform in this section.

Oracle

Before configuring the Siebel Database Server, your database administrator must review and modify (if necessary) the grantusr.sql script. The administrator must then execute the grantusr.sql script against your Siebel Database Server to create the Siebel tableowner (default: SIEBEL), Siebel administrator (default: SADMIN), LDAPUSER accounts, and the role SSE_ROLE, and grant them the appropriate privileges.

Before executing grantusr.sql, the database administrator should copy the following command in the script, so it is defined once for each tablespace (for data or indexes) in your Siebel implementation:

alter user SIEBEL quota unlimited on tablespace_name;

If necessary, the quota value can be adjusted to an appropriate value for each corresponding tablespace.

The grantusr.sql script is located in the SIEBEL_ROOT\DBSRVR\ORACLE subdirectory.

The grantusr.sql script performs the following functions:

  • Creates the role SSE_ROLE and grants create session privilege to this role.
  • Creates the user SIEBEL (the Siebel tableowner) and grants other appropriate privileges to SIEBEL.
  • Creates the users SADMIN and LDAPUSER and grants the role SSE_ROLE to them.

The default user name and password for the logon are listed in the grantusr.sql script. If you want another logon, edit the grantusr.sql script and change all the references to your preferred name. However, keep in mind that the length and allowable characters for the login ID and password depend on the rules of your underlying RDBMS platform. For instructions, see your Oracle documentation.

CAUTION:  It is strongly recommended not to change the name of the Siebel administrator account, SADMIN. This account must be created for you to log onto Siebel eBusiness Applications as the Siebel administrator. For information about changing the password for this account, see the Security Guide for Siebel eBusiness Applications.

To run the grantusr.sql script on Oracle

  1. Run the grantusr.sql script from SQL*Plus, using an account with DBA privileges, and using the following command:

    @c:\SIEBEL_ROOT\dbsrvr\oracle\grantusr.sql

    NOTE:  You must specify the full path to the file above.

  2. Type the tablespace name listed in Deployment Planning Worksheet.

DB2

Your database administrator must manually create the Siebel tableowner account (default: SIEBEL), the Siebel administrator account (default: SADMIN), and the SSE_ROLE group. The database administrator must then add the Siebel administrator account to the SSE_ROLE group at the operating system level.

After your database is created and before it is configured, execute the grantusr.sql script against your database server to grant the appropriate privileges to these users. The grantusr.sql script must be run before you configure the Siebel Database Server. The grantusr.sql script is located in the SIEBEL_ROOT\DBSRVR\DB2UDB subdirectory.

Your database administrator should review and run this script, which performs the following functions:

  • Grants DBA administration (DBADM) privileges to tableowner SIEBEL.
  • Grants CONNECT privileges to the SSE_ROLE.

You cannot create the LDAPUSER account by running grantusr.sql. This account must belong to the SSE_ROLE group and be created by the database administrator or the Windows network administrator, as appropriate. For more information about LDAP security adapter authentication, see Security Guide for Siebel eBusiness Applications.

CAUTION:  It is strongly recommended not to change the name of the Siebel administrator account, SADMIN. This account must be created for you to log onto Siebel eBusiness Applications as the Siebel administrator. For information about changing the password for this account, see the Security Guide for Siebel eBusiness Applications.

To run the grantusr.sql script on DB2

  1. Execute the grantusr.sql script from a DB2 Command Window, using an account with DBA privileges.

    The usual DB2 System Administration account will be called db2admin for this procedure.

    CAUTION:  Be sure to use the Command Window, not the Command Line Processor, to enter these commands, because the Command Line Processor window uses different syntax. The commands in this procedure do not work unless issued in a Command Window.

  2. Enter the following commands:

    db2 connect to DB2database_alias user instance_owner_username using password

    db2 -vf SIEBEL_ROOT\DBSRVR\DB2UDB\grantusr.sql

    where:

    DB2database_alias = The DB2 alias you use

    instance_owner_username = The login ID of the instance owner

    password = The password for the database instance (length and allowable characters depend on the rules of your underlying RDBMS platform)

    SIEBEL_ROOT = The full path to the Siebel root directory

    The script prompts you for the default tablespace in which your Siebel objects are to be created.

  3. Enter the tablespace name you recorded in the copy you made of Deployment Planning Worksheet and then exit.

Before starting configuration, proceed to Installing the Stored Procedures and User-Defined Functions on DB2.

MS SQL Server

Your database administrator must run the grantusr.sql script to set up minimum security so that the Siebel installation can start. Your database administrator should review, modify, and run the grantusr.sql script before you configure the Siebel Database Server. The grantusr.sql script is located in the SIEBEL_ROOT\DBSRVR\MSSQL subdirectory.

The grantusr.sql script performs the following:

  1. Creates logins for SADMIN (Siebel administrator), SIEBEL (Tableowner), and LDAPUSER.
  2. Creates users for each of these logins, except for SIEBEL, which will be turned into a dbo by the stored procedure sp_changedbowner.
  3. Grants SSE_ROLE to each user, except dbo.

To change the login or the name of the database, edit the grantusr.sql script to change all references to the login or the database name. (The length and allowable characters of the login ID and password depend on the rules of your underlying RDBMS platform. See your Microsoft documentation for instructions.)

CAUTION:  It is strongly recommended not to change the name of the Siebel administrator account, SADMIN. This account must be created for you to log onto Siebel eBusiness Applications as the Siebel administrator. For information about changing the password for this account, see the Security Guide for Siebel eBusiness Applications.

To run the grantusr.sql script on MS SQL Server

  1. Open grantusr.sql in MS Query Analyzer.
  2. Execute the script.
Tableowner and Administrator Account for Siebel Marketing

If you are planning to use Siebel Marketing, grant drop table, drop index, create table, and create index rights at the database level within the OLTP schema to the tableowner or the database user ID used for Siebel Marketing. For more information, see Siebel Marketing Installation and Administration Guide.

    
Siebel Installation Guide for Microsoft Windows: Servers, Mobile Web Clients, Tools