Siebel Database Account Authorizations

Before installing and configuring the Siebel database, the DBA must create the following database accounts:

Table owner (Siebel schema owner) account
The table owner is the Siebel schema owner, that is, the user account assigned to the schema that owns the Siebel database objects. Privileges required for this account include DBA administration (DBADM) privileges.
Siebel security group authorization account
Specify a security group ID, for example, SSEROLE, for client access to the Siebel database. The security group ID is also referred to as the secondary authorization ID.
Siebel administrator account
The Siebel administrator account, for example, SADMIN, must be added as a member of the Siebel security group.

Note: The password assigned to the table owner and Siebel administrator accounts must not be the same as the user name specified for these accounts. To increase the security of your Siebel implementation, it is also recommended that you change the password of the Siebel administrator account regularly. For information on this task, see Siebel Security Guide.

The following table lists the authorizations that the database accounts created for Siebel CRM might need. Your enterprise might have unique role names that it assigns with the authorities listed in this table. Therefore, the role names in the following table are examples only.

Task Role Authorization Required Task Command Example

Task	Role	Authorization Required	Task Command Example
Performing the following actions on Siebel tables: Delete Insert Select Update	Siebel group ID (for example, SSEROLE group).	Table privileges are granted automatically during the installation of the Siebel database.	`GRANT ALL ON TABLE S_SSA_ID TO SSEROLE;`
Setting the current SQL ID	Schema qualifier group or individual ID, for example, SIEBTO.	This user owns the schema objects (created by the database administrator) that are used during the installation of Siebel CRM.	`SET CURRENT SQLID=’SIEBTO’;`
Performing server functions, such as: Runstats Generate triggers	Siebel administrator group, for example, SADMIN.	This user is: A member of the generic user role A member of the Resource Access Control Facility (RACF) group, or of another security package group, selected to act as administrator A Siebel database administrator (SIEBDBA)	`RUNSTATS TABLESPACE D0010677.H0677000 TABLE(SIEBEL.S_CONTACT)FREQVAL COUNT 10` `CREATE TRIGGER SIEBEL.PTH0477` `NO CASCADE BEFORE INSERT ON` `REFERENCING NEW AS N` `FOR EACH ROW MODE DB2 SQLWHEN (` `N.ROW_ID IS NOT NULL)` `BEGIN ATOMIC` `SET N.PARTITION_COLUMN = RIGHT(N.ROW_ID, 2)`; `END`

Performing the following actions on Siebel tables:

Delete
Insert
Select
Update

Siebel group ID (for example, SSEROLE group).

Table privileges are granted automatically during the installation of the Siebel database.

GRANT ALL ON TABLE S_SSA_ID TO SSEROLE;

Setting the current SQL ID

Schema qualifier group or individual ID, for example, SIEBTO.

This user owns the schema objects (created by the database administrator) that are used during the installation of Siebel CRM.

SET CURRENT SQLID=’SIEBTO’;

Performing server functions, such as:

Runstats
Generate triggers

Siebel administrator group, for example, SADMIN.

This user is:

A member of the generic user role
A member of the Resource Access Control Facility (RACF) group, or of another security package group, selected to act as administrator
A Siebel database administrator (SIEBDBA)

RUNSTATS TABLESPACE D0010677.H0677000 TABLE(SIEBEL.S_CONTACT)FREQVAL COUNT 10

CREATE
TRIGGER SIEBEL.PTH0477

 NO CASCADE BEFORE INSERT
ON

REFERENCING NEW AS N

 FOR EACH
ROW MODE DB2 SQL

WHEN (

N.ROW_ID
IS NOT NULL)

BEGIN ATOMIC

SET N.PARTITION_COLUMN = RIGHT(N.ROW_ID, 2);

END