22.2 Users, Roles, and Privileges

By default, all the Software Library folders and entities that are offered with the product are viewable by all the Enterprise Manager users. Fine-grained privileges provide a way to control user access to the different entities in the Software Library. Administrators by default do not have any Software Library privileges; it is for the Super Administrator to grant access and privileges to an Administrator.

Note:

To run any procedure on a Windows host which involves executing some Software Library entities (for example, directive scripts), you (the Windows user) must be granted the following privileges:

  • Act as part of the operating system

  • Adjust memory quotas for a process

  • Logon as batch job

  • Replace a process level token

If not, the execution of the directive steps in the procedure may fail.
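
The check below is an added example, not Oracle code: it reads a user-rights export produced by secedit /export /cfg rights.inf /areas USER_RIGHTS and reports which of the four rights in the note the account does not hold. The mapping to Windows user-right constants is standard; the sample export, its SIDs and the account name emagent are constructed, and the caller is assumed to supply the user's group SIDs, because group membership is not resolved here.

```python
# Added example (not Oracle code): audit a secedit user-rights export for the
# four rights named in the note. A real export is UTF-16; read it with
# open(path, encoding="utf-16").

# Name as written in the note -> Windows user-right constant.
REQUIRED_RIGHTS = {
    "Act as part of the operating system": "SeTcbPrivilege",
    "Adjust memory quotas for a process": "SeIncreaseQuotaPrivilege",
    "Logon as batch job": "SeBatchLogonRight",
    "Replace a process level token": "SeAssignPrimaryTokenPrivilege",
}

# Constructed sample export; the SIDs and the account name are made up.
# SeAssignPrimaryTokenPrivilege is absent, as it is when nobody holds a right.
SAMPLE_EXPORT = """\
[Unicode]
Unicode=yes
[Privilege Rights]
SeTcbPrivilege = *S-1-5-21-1111111111-2222222222-3333333333-1105
SeIncreaseQuotaPrivilege = *S-1-5-19,*S-1-5-20,*S-1-5-32-544
SeBatchLogonRight = *S-1-5-32-544,*S-1-5-32-551,emagent
[Version]
signature="$CHICAGO$"
Revision=1
"""

def parse_privilege_rights(inf_text):
    """Return {right constant: set of lower-cased SIDs or account names}."""
    rights, in_section = {}, False
    for raw in inf_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_section = line.lower() == "[privilege rights]"
        elif in_section and "=" in line:
            name, _, holders = line.partition("=")
            rights[name.strip()] = {
                h.strip().lstrip("*").lower() for h in holders.split(",") if h.strip()
            }
    return rights

def missing_rights(inf_text, identities):
    """List the required rights that none of `identities` holds.
    `identities`: the user's SID or name plus those of its groups (assumption)."""
    wanted = {i.strip().lstrip("*").lower() for i in identities}
    granted = parse_privilege_rights(inf_text)
    return [label for label, const in REQUIRED_RIGHTS.items()
            if not granted.get(const, set()) & wanted]
```

An empty list from missing_rights means the account, directly or through the supplied groups, holds all four rights.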

Software Library user roles can be broadly classified as:

  • Designers are administrators who perform design time tasks such as setting up the Software Library, migrating entities, granting privileges to the Operators, deleting entities, and so on. They can perform both design time activities and run-time activities that the Operator can perform. Designers in Enterprise Manager Cloud Control can be granted the Super Administrator role or the EM_PROVISIONING_DESIGNER role, which allows them to create and maintain any Software Library entity.

  • Operators are administrators who can perform run-time activities like deleting entities, changing the maturity status, and so on. Operators are typically granted roles like EM_PROVISIONING_OPERATOR or EM_PATCH_OPERATOR and so on.

Any Enterprise Manager user requires, at the very least, a view privilege on an entity for the entity to be visible on the Software Library Home page. Users will not be able to see this entity until the Super Administrator or the owner of the entity grants them at least a view privilege on the entity.

Note:

All the folders and entities that are offered along with the product, also known as the Oracle-owned entities, are by default viewable by all the Enterprise Manager users.

Administrators by default do not have any Software Library privileges; it is for the Super Administrator to grant access and privileges to an Administrator. Table 22-1 describes all the available Software Library privileges that can be granted to a user or role.

Users and roles can be granted privileges on specific entities by the owner of the entity or the Super Administrator. For more details, see Oracle Enterprise Manager Administrator's Guide for Software and Server Provisioning and Patching.

Table 22-1 Software Library Privileges for Administrators

| Resource Type | Description |
|---|---|
| View any Template Entity | Ability to view any Template Entity |
| Export Any Software Library Entity | Ability to export any Software entity |
| Edit any Software Library Entity | Ability to edit any Software Library entity |
| Manage Any Software Library Entity | Ability to create, view, edit, and delete any Software Library entity |
| Import Any Software Library Entity | Ability to import any Software Library entity |
| Create Any Software Library Entity | Ability to create any Software Library entity |
| View Any Software Library Entity | Ability to view any Software Library entity |
| View Any Assembly Entity | Ability to view any Assembly entity |
| Grant Any Entity Privilege | Ability to grant view, edit, and delete privileges on any Software Library entity. This privilege is required if the user granting the privilege on any entity is not a Super Administrator or owner of the entity. |

Table 22-2 describes all the primary users of Software Library, and their associated privileges:

Table 22-2 Roles and Privileges

| Role | Software Library Privileges |
|---|---|
| Super Administrator | All Software Library Privileges |
| EM_PROVISIONING_DESIGNER (Designer) | Create Any Software Library Entity |
| EM_PROVISIONING_OPERATOR (Operator) | View Any Software Library Entity |
| EM_PATCH_OPERATOR | Create Any Software Library Entity; View Any Software Library Entity |
| EM_USER (Administrator) | Access Enterprise Manager |

Super Administrators have complete privileges on all the entities present in Software Library, and can exercise access control on the entities by granting one or more privileges to another user or role, and later revoking the previously granted privileges.

Designers by default are given create privileges, which allow them to create entities and manage them.

Operators by default are given view privileges, which allow them to view all the entities in Enterprise Manager Cloud Control.

Any Enterprise Manager user requires, at the very least, a view privilege on an entity for the entity to be visible on the Software Library console. The Super Administrator can choose to grant additional privileges described in Table 22-1 to the user or role. Users will not be able to see this entity until the Super Administrator grants them at least a view privilege on the entity.