1. Security Guide for Oracle Exadata
  2. User Security on Oracle Exadata
  3. Creating Oracle Exadata System Software Users and Roles
  4. Overview of Creating Exadata System Software Users

3.5.1 Overview of Creating Exadata System Software Users

Oracle Exadata System Software users are required when running ExaCLI in on-premise or Oracle Cloud environments. ExaCLI enables you to manage cells remotely from compute nodes. When you run ExaCLI on a compute node, you need to specify a user name to use to connect to the cell node. The Management Server (MS) authenticates the user credentials, then performs authorization checks on the commands issued by the user. If the user does not have the proper privileges to run a command, MS returns an error.

The password security key is encrypted using Password-Based Key Derivation Function 2 (PBKDF2) with HMAC-SHA1.

The high-level steps for creating users and roles for use with Oracle Exadata System Software are:

  1. Create roles using the CREATE ROLE command.
  2. Grant privileges to roles using the GRANT PRIVILEGE command.
  3. Create users using the CREATE USER command.
  4. Grant roles to users using the GRANT ROLE command.

You can also revoke privileges from roles using the REVOKE PRIVILEGE command. To revoke roles from users, use the REVOKE ROLE command.

Parent topic: Creating Oracle Exadata System Software Users and Roles