Table of Contents

Search

  1. Preface
  2. Introduction to Dynamic Data Masking Administration
  3. Authentication
  4. Connection Management
  5. JDBC Client Configuration
  6. ODBC Client Configuration
  7. Access Control
  8. Logs
  9. High Availability
  10. Server Control
  11. Performance Tuning

Administrator Guide

Administrator Guide

Non-Privileged User

Non-Privileged User

A non-privileged user is a user that does not belong to the Dynamic Data Masking administration group.
In the Management Console tree, domain, database, and security rule set nodes have authorization properties. Authorization properties define which operations a non-privileged user can perform on Management Console tree nodes.
Non-privileged users cannot edit the Management Console Dynamic Data Masking Server node or the Server node children, such as service nodes, logger nodes, and appender nodes. A non-privileged user can have ownership, read, or read and write privileges on domain, database, and security rule set nodes in the Management Console tree.
The following table describes the authorizations a non-privileged user can have on a database, domain, or security rule set node in the Management Console tree:
Authorization
Description
Ownership
The LDAP user or group owns the node. A node owner has full access control to the node.
A node owner can perform the following operations on the node:
  • Set Authorizations
  • Read operations
  • Write operations
Read
The LDAP user or group has read privileges on the node.
A user with read privileges can perform the following operations on the node:
  • View the node details
  • View the children of the node
Read authorizations are required on the source node for the copy node operation.
Read and Write
The LDAP user or group has read and write privileges on the node.
A user with read and write privileges can perform the following operations:
  • View the node details
  • View the children of the node
  • The read privilege is required on the source node for the copy node operation.
  • Add
  • Edit database and security rule set node details
  • Copy (destination node)
  • Move (source and destination node)
  • Remove (parent and child nodes)
  • Edit domain, database, and security set names (parent and child nodes)

0 COMMENTS

We’d like to hear from you!