User Accounts in the Recovery Appliance Environment

The central components of a Recovery Appliance environment are the protected databases, Recovery Appliance, and Cloud Control. Table 2-1 summarizes the most important user accounts in the environment.

Table 2-1 User Accounts in the Recovery Appliance Environment

Component	Account Type	User Name	Description
Cloud Control	Cloud Control super-user	`SYSMAN`	This application account exists by default. Its purpose is to administer Cloud Control itself, and is not directly related to managing a Recovery Appliance or protected databases.
Cloud Control	Cloud Control administrator	User-Specified	A Cloud Control user account that has been granted the roles and privileges needed to manage a specific protected database or a specific Recovery Appliance. Multiple Cloud Control administrative accounts may exist, depending on your business requirements.
Recovery Appliance	Recovery Appliance metadata database super-user	`SYS`	`SYS` can create Recovery Appliance user accounts, but typically is not otherwise used for managing Recovery Appliance.
Recovery Appliance	Recovery Appliance administrator	`RASYS`	This database account owns the Recovery Appliance schema, which includes the RMAN recovery catalog and the `DBMS_RA` PL/SQL package (see DBMS_RA Package Reference). The `RASYS` user name is fixed and cannot be changed. `RASYS` does not have the privileges required to create database user accounts.
Recovery Appliance	Recovery Appliance user account	User-Specified	This account has authority to send and receive backups for databases registered with the Recovery Appliance, and to manipulate recovery catalog metadata for these databases. This is also the account to use to send redo data from a protected database to the Recovery Appliance. Unlike `RASYS`, a Recovery Appliance user account has no administrative capabilities in the Recovery Appliance. Typically, a Recovery Appliance metadata database contains multiple Recovery Appliance user accounts. These accounts are created when configuring access for protected databases (see Configuring Recovery Appliance for Protected Database Access). Every Recovery Appliance user account owns a virtual private catalog. The catalog owner can access and modify only those rows in the recovery catalog that pertain to the databases to which it has been granted access. The catalog user name for this is referenced in an RMAN `CONNECT CATALOG` command.
Protected Database	Protected database backup administrator	User account with `SYSBACKUP` privileges (or `SYSDBA` for releases in which `SYSBACKUP` is not supported)	This account has the privileges to back up, restore, and recover a protected database. This is the database user name that is referenced in an RMAN `CONNECT TARGET` command.

Figure 2-2 depicts the relationship between RASYS and two Recovery Appliance user accounts. In this example, each Recovery Appliance user account owns a separate virtual private catalog. Note that RASYS, as owner of the Recovery Appliance schema, is also the owner of the RMAN recovery catalog.

Figure 2-2 RASYS and Recovery Appliance User Accounts

Description of "Figure 2-2 RASYS and Recovery Appliance User Accounts"