Preface
Starting Data Archive
- Starting the ILM Application Server
- Configure Proxy Server Settings
- Logging In to Data Archive
System Configuration
- System Configuration Overview
- Conf.properties File
- System Profile
- Email Notification
  - Test Email Server Configuration Job
  - Setting Up Email Notification
- Environment Variables
Database Users and Privileges
- Database Users and Privileges Overview
- Database Users
- IBM DB2 Privileges
- SAP Application Retirement Privileges
  - ZINFA_RETIREMENT_PREPARATION Role
Source Connections
- Source Connections Overview
- Source Database Requirements
- Connection Properties
  - General Connection Properties
- IBM DB2 Source Connections
- Binding Packages on IBM DB2
- Generic JDBC Source Connections
  - Uploading JDBC Driver JAR Files
  - Generic JDBC Connection Properties
- Informix Source Connections
- Legacy Adapter Connection
- Microsoft SQL Server Source Connections
  - Creating an SSL Connection
- MongoDB Source Connections
- Netezza Source Connections
- Oracle Source Connections
- PowerExchange ODBC Connections
- Salesforce Source Connections
- Sybase Source Connections
- Teradata Source Connections
- Creating a Source Connection
- Copying a Source Connection
- Database User Password Changes
  - Properties File
  - Changing Database User Passwords
Target Connections
- Target Connections Overview
- Target Database Requirements
- Connection Properties
  - General Connection Properties
- IBM DB2 Target Connections
- Informix Target Connections
- Microsoft SQL Server Target Connections
  - Creating an SSL Connection
- Data Vault Target Connections
  - Archive Store Properties
- Oracle Target Connections
- Teradata Target Connections
- Netezza Target Connections
- Creating a Target Connection
- Copying a Target Connection
- Database User Password Changes
  - Properties File
  - Changing Database User Passwords
Archive Store Configuration
- Archive Store Configuration Overview
- EMC Centera and EMC Atmos Configuration
- Hitachi Content Platform Configuration
- Hadoop Distributed File System Configuration
- Microsoft Azure Storage Configuration
Datatype Mapping
- Datatype Mapping from Source to Archive Overview
- Datatype Mapping Interface
- Data Vault Datatypes
- IBM DB2 Source Databases
- Custom Datatypes
- SAP Datatypes
- Unsupported Datatype Mappings
- Mapping a Custom Datatype to an Archive Datatype
- Out-of-Range Data Replacement
  - Configuration for Out-of-Range Data Replacement
  - Examples for Out-of-Range Data Replacement
Database Optimization
- Database Optimization Overview
- IBM DB2 Native Utilities
- Teradata Native Utilities
SAP Application Retirement
- SAP Application Retirement Overview
- SAP Application Retirement Architecture Options
- Setting Up SAP Application Retirement
- Step 1. Install the SAP Java Connector
- Step 2. Apply the SAP Transports
- Step 3. Assign Roles
- Step 4. Configure Conf.Properties
- Step 5: Set up the FTP or NFS Connection
  - Creating the FTP Connection
  - Creating the NFS Mount
z/OS Source Data Retirement
- z/OS Source Data Retirement Overview
- Implementation Example
- Prerequisites
- Step 2. Create PowerExchange Data Maps
- Step 3. Configure PowerExchange ODBC Data Sources on the Data Archive Server
  - Configure ODBC Data Sources on Linux or UNIX
  - Configure ODBC Data Sources on Windows
- Step 4. Import z/OS Metadata
- Step 5. Define and Run the Retirement Project
Seamless Data Access
- Seamless Data Access Overview
- Seamless Access for IBM DB2
  - Create Seamless Data Access Script Job
    - Create Seamless Data Access Script Job Parameters
  - Configuring Seamless Access for IBM DB2
- Seamless Access for Oracle
- Seamless Access for PeopleSoft
- Seamless Access for PeopleSoft on IBM DB2
Data Discovery Portal
- Data Discovery Portal Overview
- Search Data Vault
  - Setting up Search Data Vault
  - Maintaining Search Indexes
- Search Within an Entity in Data Vault
  - Step 1. Define Search Options
    - Editing Search Options
  - Step 2. Specify Number of Records in Results
    - Editing the Default Maximum Records in Results Value
- Masking Sensitive Information in Data Vault
  - Enabling Dynamic Data Masking
- Integration with E-Discovery Solutions
  - In-Place Preservation for Data Vault Through Exterro Fusion
    - Integrating Data Archive and Exterro Fusion
    - Troubleshooting Legal Holds Applied from the Exterro Fusion Interface
- Accessing Archive Data from an External Application
Security
- Security Overview
- Users
  - User Properties
  - Password Management
- User Management
- System-Defined Roles
  - System-Defined Roles and Privileges
  - User Reports for System-Defined Roles
- Data Vault Access Roles
- Security Groups
  - Security Group Properties
  - Creating Security Groups
SSL Communication with Data Vault
- SSL Communication with Data Vault Overview
- Creating a Certificate and TrustStore
- Updating Conf.Properties
- Modifying the StartApplimation File
- Creating a Generic JDBC Source Connection
- Importing Data Vault Table Metadata with SSL Enabled
- Updating JReport Designer
LDAP User Authentication
- LDAP User Authentication Overview
- User Synchronization
  - Nested Group Synchronization for Users
- Data Archive Roles and LDAP Security Groups
  - Technical Names for System-Defined Roles
- Role Assignments
- Role Assignment Synchronization
  - Nested Group Synchronization for Role Assignments
- Sync with LDAP Server Job
  - Sync with LDAP Server Job Parameters
- Troubleshooting the Sync with LDAP Server Job
- Setting Up LDAP User Authentication
- LDAP User Authentication Maintenance
- Single Sign-On
Auditing
- Auditing Overview
- Audit Levels
- Configuring Audit Logs
- Archiving Audit Logs
- Viewing Audit Logs
- Exporting Audit Logs
- Purging Audit Logs
Running Jobs from External Applications
- Running Jobs from an External Application Overview
- Job Handler JSP
- Job Handler JSP Job Parameters
- Run Update Retention JSP
- Run Definition JSP
- Legal Hold API
- Step 1. Configure Security
- Step 2. Form the Legal Hold URL
- Step 3. Add the URL to the External Application Code
- Step 4. Form the URL that Calls GetJobStatus.jsp
  - Forming the URL that Calls GetJobStatus.jsp
  - Example
- Step 5. Add the URL to the External Application Code
- File Archive Transaction Restore API
- Step 1. Configure Security
- Step 2. Create the File Archive Transaction Restore API Definition
- Step 3. Form the File Archive Transaction Restore URL
  - File Archive Transaction Restore URL Syntax
  - Forming the URL for the File Archive Transaction Restore API
- Step 4. Add the URL to the External Application Code
- API Authentication
Salesforce Archiving Administrator Tasks
- Salesforce Archiving Administrator Tasks Overview
- Configure Salesforce Permissions
Upgrading Oracle History Data
- Upgrading Oracle History Data Overview
- Upgrading Oracle History Data Prerequisites
- Steps to Upgrade the History Data
- Step 1. Run the History Upgrade Scripts
  - History Upgrade Scripts Parameters
  - Running the History Upgrade Scripts
- Step 2. Run the Create History Table Job with the Original Source
  - Running the Create History Table Job
- Step 3. Update the Application Version for Source and Target Connections
  - Updating the Application Version for Source and Target Connections
- Step 4. Run the Create History Table Job with the Updated Source
  - Running the Create History Table Job
- Step 5. Run the Seamless Data Access Job for the Updated Source
  - Running the Seamless Data Access Job
- Step 6. Run the Create Indexes Job
  - Running the Create Indexes Job
- Step 7. Gather Database Statistics
Upgrading PeopleSoft History Data
- Upgrading PeopleSoft History Data Overview
- Upgrading PeopleSoft History Data Prerequisites
- Steps to Upgrade the History Data
- Step 1. Run the History Upgrade Scripts
  - Running the History Upgrade Scripts
    - Original Application Changes Script Example
    - Updated Application Changes Script Example
- Step 2. Run the Create History Table Job with the Original Source
  - Running the Create History Table Job
- Step 3. Update the Application Version for Source and Target Connections
  - Updating the Application Version for Source and Target Connections
- Step 4. Run the Create History Table Job with the Updated Source
  - Running the Create History Table Job
- Step 5. Run the Seamless Data Access Job for the Updated Source
  - Running the Seamless Data Access Job
- Step 6. Run the Create Indexes Job
  - Running the Create Indexes Job
- Step 7. Gather Database Statistics
Data Archive Maintenance
- Data Archive Maintenance Overview
  - Data Archive Component Integration
- Backing up Data Archive Components
- Maintaining the Data Vault Repository
Appendix A: Datetime and Numeric Formatting
- Datetime and Numeric Formatting Overview
- Datetime Format Strings
  - Datetime Format String Examples
- Numeric Format Strings
  - Numeric Format String Examples
Appendix B: Data Archive Connectivity
- Data Archive Connectivity Overview
- Native Connectivity
- DataDirect Connect JDBC Connectivity
- PowerExchange Connectivity
- Third-Party JDBC Connectivity

Administrator Guide

6.5 HotFix 1
- 6.5.1
- 6.5
- 6.4.4
- 6.4.3 HotFix 1
- 6.4.3

Back Next

System-Defined Roles and Privileges

Each role has a set of predefined privileges. Some roles include privileges of other roles. For example, the administrator role includes all privileges of the operator role.

The following table lists the system-defined roles and corresponding privileges:

System-Defined Role	Privileges
Administrator	Create, edit, enable, and disable users. Create, edit, and delete security groups. Edit the system profile. Edit the user profile. View, create, and edit archive source and target connections. Map datatypes from source connection to Data Vault. View the dashboard. Configure audit logs. Upload JDBC driver. All operator role privileges. All audit log viewer role privileges. All archive developer role privileges. Encryption user privileges. Select the status of a deviated table when you review the results of the integrated validation process.
Archive Security Administrator	Assign access roles to data in the Data Vault. Create and edit access roles. Assign access roles to users and groups. View security reports. Map datatypes from source connection to Data Vault. All discovery user role privileges.
Archive User	Create or modify archive projects. Restore from a database or Data Vault. All operator role privileges.
Archive Developer	Create and edit metadata in the Enterprise Data Manager. View and edit Data Discovery search options. All operator role privileges.
Audit Log Viewer	View, search, print, and export audit logs.
Discovery Technical User	View Data Discovery search results in the application view. View Data Discovery search results in the technical view. The role includes privileges to access the technical view when a XSL style sheet is available. If an entity has a configured style sheet and the user does not have this role, the user can only view the data through the style sheet. All discovery user role privileges.
Discovery User	Search the Data Vault and legal holds. Add or remove legal hold tags. Browse catalogs. Browse data. Export data to PDF files and schedule export jobs. Preview search conditions in Data Discovery. The following roles include all of the discovery user role privileges, in addition to the individual role privileges: Discovery technical user Export administrator Legal hold user Retention administrator Archive security administrator Tag administrator Tag viewer
Encryption User	Schedule the encrypt data in Data Vault job. Must be coupled with a role that can schedule jobs.
Export Administrator	Export data from Data Discovery searches to supported file types, such as XML, PDF, and comma separated text files. Users can export search results from Data Discovery when you browse data or search the Data Vault. Export data from audit logs to supported file types, such as XML, PDF, and comma separated text files. All discovery user role privileges.
Healthcare Information Management User	Access the release of information form in the Application Retirement for Healthcare accelerator. Submit the release of information form.
Healthcare Metadata Administrator	View, edit, and create materialized views in the Patient Archives. Applicable to users of the Application Retirement for Healthcare accelerator. The healthcare metadata administrator role is not given to any user by default, including the AMADMIN user.
Import Metadata	Import metadata from a database in the Enterprise Data Manager. Import metadata, either traditionally or using enhanced import, in the Enterprise Data Manager.
Legal Hold User	Manage legal hold groups. Apply or remove legal hold tags for records in the Data Vault. Schedule retention-related legal hold jobs. All discovery user role privileges.
Migration Administrator	Run and monitor and progress of the standalone jobs required for the retirement migration process, such as the Export Informatica Data Vault Metadata job, Migrate Data Archive Metadata job, and Import Data Vault Metadata job.
Operator	Monitor jobs. View archive and retirement project definitions. View metadata in the Enterprise Data Manager. View source and target connections. Map datatypes from source connection to the Data Vault Service. View the system profile. View the job log. Review the results of the integrated validation process. The following roles include all of the operator role privileges, in addition to the individual role privileges: Administrator Archive developer Archive user Retention administrator Scheduler
Report Admin	If you installed the Data Visualization component, this role allows the user to create, run, copy, and delete reports on data stored in the Data Vault. This role also allows the user to grant other users and access roles the run, copy, delete, and grant permissions.
Report Designer	If you installed the Data Visualization component, this role allows the user to create reports on data stored in the Data Vault. For the user to be able to run, copy, or delete a report, this role must be granted those permissions specifically by the Report Admin user or another user with the privilege to grant report permissions. Users can create and run reports only if they have the same Data Vault access role as the entity used to create the report. If you upgraded from a previous version of Data Archive, this role retains the same permissions it formerly had on any pre-existing reports.
Report Viewer	If you installed the Data Visualization component, this role allows the user to view and run reports on data stored in the Data Vault. In order to run reports, this role must be granted the run permission by the Report Admin or another user with the privilege to grant report permissions. Users can run reports only if they have the same Data Vault access role as the entity used to create the report. If you upgraded from a previous version of Data Archive, this role retains the same permissions it formerly had on any pre-existing reports.
Retention Administrator	Create and edit retention policies. Assign retention policies to records in the Data Vault. Schedule retention-related jobs. Perform data discovery searches and Data Vault restore searches based on retention policy and retention expiration date. Manage retention jobs. All discovery user role privileges. All operator role privileges.
Retention Viewer	View retention policy details (retention policy and expiration date). View table data. In order to export data from a search, this role must be coupled with the export administrator role.
SAP Portal User	If you installed the Data Visualization component, this user can access the SAP Archives under the Data Visualization menu. When you assign this role to a user, Data Archive launches the SAP Archives when the user logs in.
Scheduler	Schedule, resume, and terminate archive and retirement projects. Delete, manage, schedule, search, resume, terminate, and view jobs. All operator role privileges.
Tag Administrator	Create, edit, or delete tags. Add or remove tags from archived records. Schedule tag-related jobs. All discovery user role privileges.
Tag Viewer	View tags that are associated with archived records. All discovery user role privileges.

Rename Saved Search

Table of Contents

Administrator Guide

Administrator Guide

System-Defined Roles and Privileges

System-Defined Roles and Privileges