Oracle Globally Distributed Database Users and Roles

Here you will learn about the management of database users and roles specific to Oracle Globally Distributed Database.

Overview of Users and Roles

In Oracle Globally Distributed Database some types of users require certain roles and privileges.

For sharded databases there are three kinds of users:

  • Sharded database/GSM administrator - Grant this user the GSMADMIN_ROLE role. Grant this role to only one or a few accounts that require elevated privileges to do administrative tasks. This role has a number of powerful privileges, including ALTER SYSTEM.

  • Sharded database schema owner - Grant this user the SHARDED_SCHEMA_OWNER role. This role should be granted only to accounts that own a sharded database schema. The role has only enough privileges to allow the account to manage its own schema for various sharded operations. For example, "select any table" is not a privilege this role has.

  • Regular sharded database user - This type of user includes any account which has been created under ENABLE SHARD DDL; these users have no special privileges or roles except those needed to run a sharded application. The database administrator decides which privileges these accounts need, and grants them individually to the account.

Oracle Globally Distributed Database Roles

Oracle Globally Distributed Database provides a set of predefined database roles to help in sharded database administration.

Most of the Oracle Globally Distributed Database roles don't have many privileges, but they do have execute rights on certain Oracle-delivered procedures and packages which allow them to perform administrative tasks.

Predefined Role - Description

  • GSMADMIN_ROLE - Should be granted to Oracle Globally Distributed Database administrators, so that they can administer the Oracle Globally Distributed Database configuration.

  • SHARDED_SCHEMA_OWNER - Provides privileges for Oracle Globally Distributed Database schema owners to perform administrative tasks on their own schema.

  • GSMCATUSER_ROLE - Granted only to the Oracle-delivered account GSMCATUSER for internal use.

  • GSMROOTUSER_ROLE - Granted only to the Oracle-delivered account GSMROOTUSER for internal use.

  • GSMUSER_ROLE - Granted only to the Oracle-delivered account GSMUSER for internal use.

For more information about database roles, see Predefined Roles in an Oracle Database Installation.

About the GSMUSER Account

The GSMUSER account is used by GDSCTL and shard directors (global service managers) to connect to databases in an Oracle Globally Distributed Database configuration.

This account needs to be unlocked for both the CDB and PDB.

GSMUSER exists by default on any Oracle database. In an Oracle Globally Distributed Database configuration, the account is used to connect to shards instead of pool databases, and it must be granted both the SYSDG and SYSBACKUP system privileges after the account has been unlocked.

The password given to the GSMUSER account is used in the gdsctl add shard command. Failure to grant SYSDG and SYSBACKUP to GSMUSER on a new shard causes gdsctl add shard to fail with an ORA-1031: insufficient privileges error.

See Also:

add shard in Global Data Services Concepts and Administration Guide

About the GSMROOTUSER Account

GSMROOTUSER is a database account specific to Oracle Globally Distributed Database that is only used when pluggable database (PDB) shards are present. The account is used by GDSCTL and global service managers to connect to the root container of container databases (CDBs) to perform administrative tasks.

If PDB shards are not in use, the GSMROOTUSER user should not be unlocked or assigned a password on any database. However, in sharded configurations containing PDB shards, GSMROOTUSER must be unlocked and granted the SYSDG and SYSBACKUP privileges before a successful gdsctl add cdb command can be run. The password for the GSMROOTUSER account can be changed after deployment, if desired, using the alter user SQL command in the root container of the CDB in combination with the gdsctl modify cdb -pwd command.

See Also:

add cdb in Global Data Services Concepts and Administration Guide
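
The queries below audit the roles and the GSMUSER and GSMROOTUSER accounts described on this page. They are an added example, not taken from Oracle's documentation, and assume a session that can read DBA_ROLE_PRIVS, DBA_USERS and V$PWFILE_USERS; the wording of the "finding" column is illustrative.

```sql
-- Added example (not Oracle's code). Run in the CDB root and in each shard PDB.

-- 1. Accounts holding the two roles an administrator grants.
--    GSMADMIN_ROLE should return one or only a few grantees.
SELECT granted_role, grantee, admin_option
FROM   dba_role_privs
WHERE  granted_role IN ('GSMADMIN_ROLE', 'SHARDED_SCHEMA_OWNER')
ORDER  BY granted_role, grantee;

-- 2. Internal-use roles held by anything other than their Oracle-delivered
--    account. SYS is excluded as the role owner (assumption); review any row.
SELECT granted_role, grantee
FROM   dba_role_privs
WHERE  grantee <> 'SYS'
AND   ((granted_role = 'GSMCATUSER_ROLE'  AND grantee <> 'GSMCATUSER')
   OR  (granted_role = 'GSMROOTUSER_ROLE' AND grantee <> 'GSMROOTUSER')
   OR  (granted_role = 'GSMUSER_ROLE'     AND grantee <> 'GSMUSER'))
ORDER  BY granted_role, grantee;

-- 3. Lock state and SYSDG/SYSBACKUP for the two connection accounts.
--    Administrative privileges are read from the password file view.
SELECT u.username,
       u.account_status,
       NVL(p.sysdg, 'FALSE')     AS sysdg,
       NVL(p.sysbackup, 'FALSE') AS sysbackup,
       CASE
         WHEN u.account_status = 'OPEN'
              AND (NVL(p.sysdg, 'FALSE') <> 'TRUE'
                   OR NVL(p.sysbackup, 'FALSE') <> 'TRUE')
           THEN 'open but missing SYSDG or SYSBACKUP'
         WHEN u.username = 'GSMUSER' AND u.account_status <> 'OPEN'
           THEN 'not open: gdsctl add shard needs this account unlocked'
         WHEN u.username = 'GSMROOTUSER' AND u.account_status = 'OPEN'
           THEN 'open: expected only when PDB shards are in use'
         WHEN u.username = 'GSMROOTUSER'
           THEN 'not open: expected when PDB shards are not in use'
         ELSE 'no finding'
       END AS finding
FROM   dba_users u
LEFT   JOIN v$pwfile_users p ON p.username = u.username
WHERE  u.username IN ('GSMUSER', 'GSMROOTUSER')
ORDER  BY u.username;
```

An open GSMUSER row without both privileges corresponds to the ORA-1031 failure of gdsctl add shard described above.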