7.2 About the OracleNetAdmins Group

To use Oracle Net Manager, you must be a member of the OracleNetAdmins group or the OracleContextAdmins group.

Oracle Net Configuration Assistant establishes the access rights for these groups during Oracle Context creation.

7.2.1 Adding Users To the OracleNetAdmins Group

The following procedure describes how to add a user to the OracleNetAdmins group using the ldapmodify command:

  1. Create a Lightweight Directory Interchange Format (LDIF) file that specifies that you want to add a user to the OracleNetAdmins group.

    You can use the following sample LDIF file. Use the appropriate DN for cn=OracleNetAdmins and the user that you want to add.

    dn: cn=OracleNetAdmins,cn=OracleContext,...
    changetype: modify
    add: uniquemember
    uniquemember: DN of user being added to group
    
  2. Enter the following command at the command line to apply the change in the LDIF file to the directory:

    $ ldapmodify -h directory_host -p port -D binddn -q -f ldif_file
    

    In the preceding command, directory_host is the directory server host, port is the listening TCP/IP port for the directory server, binddn is the directory administrator or user DN, and ldif_file is the input file name. If the port is not specified, then the default port of 389 is used. The -q option prompts for a single bind password.

7.2.2 Removing Users From the OracleNetAdmins Group

The following procedure describes how to remove a user from the OracleNetAdmins group with the ldapmodify command:

  1. Create an LDIF file that specifies that you want to delete a user from the OracleNetAdmins group.

    You can use the following sample LDIF file. Enter the appropriate DN for cn=OracleNetAdmins and the user that you want to delete.

    dn: cn=OracleNetAdmins,cn=OracleContext,...
    changetype: modify
    delete: uniquemember
    uniquemember: DN of user being deleted from group
    
  2. Enter the following command to delete the user:

    $ ldapmodify -h directory_host -p port -D binddn -q -f ldif_file
    

    In the preceding command, directory_host is the directory server host, port is the listening TCP/IP port for the directory server, binddn is the directory administrator or user DN, and ldif_file is the input file name. If the port is not specified, then the default port of 389 is used. The -q option prompts for a single bind password.

7.2.3 Changing Ownership of the OracleNetAdmins Group

The following procedure describes how to add a group as an owner of an OracleNetAdmins group:

  1. Create an LDIF file, as follows:

    1. Specify the group you want to add as an owner.

      You can use the following sample LDIF file. Enter the appropriate DN for cn=OracleNetAdmins and the DN of the group that you want to add.

      dn: cn=OracleNetAdmins,cn=OracleContext,...
      changetype: modify
      add: owner
      owner: DN of group to add
      

      For example, the following LDIF syntax changes the ownership from the OracleNetAdmins group to another group named ExampleSecurityAdmins. The group can be either inside or outside Oracle Context.

      dn: cn=OracleNetAdmins,cn=OracleContext,...
      changetype: modify
      add: owner
      owner: cn=ExampleSecurityAdmins
      
    2. (Optional) Specify the group to delete as an owner.

      dn: cn=OracleNetAdmins,cn=OracleContext,...
      changetype: modify
      delete: owner
      owner: DN of group to delete
      
  2. Enter the following command at the command line to apply the change in the LDIF file to the directory:

    $ ldapmodify -h directory_host -p port -D binddn -q -f ldif_file
    

    In the preceding command, directory_host is the directory server host, port is the listening TCP/IP port for the directory server, binddn is the directory administrator or user DN, and ldif_file is the input file name. If the port is not specified, then the default port of 389 is used. The -q option prompts for a single bind password to be entered.
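
The LDIF files in sections 7.2.1 through 7.2.3 change who can administer Oracle Net configuration, so it is worth reviewing a file before passing it to ldapmodify. The following is an added example, not Oracle code: a small Python reader that lists every membership or ownership change a file makes to the OracleNetAdmins or OracleContextAdmins group, handling folded lines and base64 (attr::) values that are easy to misread by eye. The function names and the sample DNs are assumptions made for illustration.

```python
import base64
# Groups the page says grant Oracle Net Manager access, and the attributes it edits.
WATCHED = ("cn=oraclenetadmins", "cn=oraclecontextadmins")
ATTRS = ("uniquemember", "owner")

def unfold(text):
    """Join folded LDIF lines (a continuation starts with one space); drop comments."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines and lines[-1]:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return [ln for ln in lines if not ln.startswith("#")]

def parse_changes(text):
    """List (dn, operation, attribute, value) for each modification in the file."""
    out, dn, op, attr, seen = [], None, None, None, False
    for line in unfold(text) + [""]:
        if line in ("", "-"):        # "-" ends one modification, "" ends the record
            if op and not seen:      # e.g. a bare "delete: owner" removes every value
                out.append((dn, op, attr, None))
            op, attr, seen = None, None, False
            dn = None if line == "" else dn
            continue
        key, _, val = line.partition(":")
        key = key.strip().lower()
        if val.startswith(":"):      # "attr:: ..." carries a base64-encoded value
            val = base64.b64decode(val[1:].strip()).decode("utf-8")
        val = val.strip()
        if key == "dn":
            dn = val
        elif op is None and key in ("add", "delete", "replace"):
            op, attr = key, val.lower()
        elif op and key == attr:
            out.append((dn, op, attr, val))
            seen = True
    return out

def privileged_changes(text):
    """Modifications that touch the members or owners of a watched group."""
    return [(op, attr, val) for dn, op, attr, val in parse_changes(text)
            if (dn or "").split(",")[0].replace(" ", "").lower() in WATCHED and attr in ATTRS]

# Constructed sample: the DNs are invented; the owner value is base64 on purpose.
SAMPLE = ("dn: cn=OracleNetAdmins,cn=OracleContext,dc=example,dc=com\nchangetype: modify\n"
          "add: uniquemember\nuniquemember: cn=jdoe,cn=Users,\n dc=example,dc=com\n-\n"
          "add: owner\nowner:: Y249RXhhbXBsZVNlY3VyaXR5QWRtaW5z\n")
print(privileged_changes(SAMPLE))
```

A value of None in the result means the modification named the attribute without listing values, which for a delete removes every value of that attribute.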