Users and Permissions
This topic provides answers to some frequently asked questions on HCL OneDB™ Explore users and permissions.
What’s the difference between monitoring/admin credentials and Read/SQL/Admin permissions?
The monitoring and admin credentials are used by the HCL OneDB Explore server itself as part of the JDBC connection whenever it needs to connect to the database server. The Read, SQL, and Admin permissions are those that are assigned to users in the tool and therefore control what users can see and do in the UI.
-
Monitoring and admin credentials
When you click Add Server from a group dashboard page to add a new Informix database server to OneDB Explore, you are asked to provide the HCL OneDB Explore tool with not only the host and port, but also user and password information that will be used when establishing a JDBC connection to that database server instance.
The monitoring credentials are used by the HCL OneDB Explore server whenever it needs to query for data to be displayed in the UI or by the HCL OneDB Explore agent data it monitors your database server instance.
The admin credentials are used whenever a user in the UI requests that an administration action be performed on the database server, for example creating a dbspace, editing an onconfig parameter, or deploying an agent. The user provided for the admin credentials should be a DBSA and needs access to the sysadmin database and permissions to run SQL Admin API commands on the database server.
The required privileges for the monitoring and admin users can also be found in Adding Severs and Groups.
It is required that you provide monitoring credentials when adding your Informix database server information to HCL OneDB Explore. Admin credentials need only be provided if you want to use HCL OneDB Explore to run administrative actions on your database server or if you want that server to be used as a repository database.
-
Read, SQL, and Admin permissions
The Read, SQL, and Admin permissions are the permissions assigned to the users that are created in HCL OneDB Explore itself. These permissions determine what kinds of access that a user has on various Informix servers and groups in the UI and also which REST services that user is authorized to run. Therefore, these permissions control what each user can see or do in the tool.
Read permission provides the ability to view information about a server. SQL permission provides the ability to run any SQL query or statement (including DML) against the database server on its Schema Manager page in the UI. Admin permission provides the ability run administrative actions on the server, for example creating a dbspace or editing and onconfig parameter. Read, SQL, and Admin permissions are mutually exclusive, so be sure to grant each user the full set of permissions that they will need.
Read, SQL, and Admin permissions can be granted to OneDB Explore users by a System Administrator user in HCL OneDB Explore on the System Settings > User Management page or on the Permissions page for any server or group.
What privileges are required on the HCL OneDB database server?
The required privileges for the monitoring and admin users can be found in Adding Severs and Groups.
Is there any relationship between the users I create in HCL OneDB Explore and OS users?
There is no relationship between the users you create in HCL OneDB Explore and the operating system users on the host machine it is running on. Users that are created in OneDB Explore are users that are specific to the HCL OneDB Explore tool. They have no relationship to operating system users or even HCL OneDB database server users.