Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Temp File Service 'hsitempfile' database user, what permissions does it require?

Alan_Vidmar
Star Contributor
Star Contributor

‎06-03-2020 12:11 PM

We're trying to implement the Temp File Service portion of the API server and have run into an issue with the 'hsitempfile' database user not existing. The API Server MRG makes no mention of needing an additional database account for this service. Can I please get information of what permissions are necessary for this account?

Exception: ORA-01918: user 'hsitempfile' does not exist

Thanks,

Alan

 

Labels:
4 REPLIES 4

Jeremy_Meyers
Confirmed Champ
Confirmed Champ

‎06-04-2020 12:58 PM

Hello Alan,

Thanks for reaching out to us about this issue. We will be reaching out to you to resolve this issue.

Thank you,

Jeremy

0 Kudos

David_Juhlin
Elite Collaborator
Elite Collaborator
In response to Jeremy_Meyers

‎03-28-2024 12:46 PM

Is this documented in an MRG somewhere?  I don't like having to use a too-powerful user account in the api server, and especially when it has to sit in a public DMZ.  I understand that when the TempFS is first established, a sufficiently-powerful account is needed to create the user/schema etc. but once created, can we use a different account, and what access does it really need?  I understand 'security by obscurity' but we can better manage accounts/access if we know what is truly needed.

0 Kudos

AdamShaneHyland
Employee
Employee
In response to David_Juhlin

‎03-29-2024 06:40 AM

Hi @David Juhlin ,

 

At this time the documentation is not available for your request.  You are correct in your understanding that there are permissions required for creating the hsitempfile schema (e.g. creating the tables) and then there are permissions needed for the general usage of the service (e.g. selecting, inserting, updating and removing rows from the tables).  

 

Unfortunately I don't have an answer for you at this time.  Further investigation would be required to determine the specific permissions required and if you could use a different account (or simply change the permissions on the account) after the initial implementation. 

 

While I can't say this for certain, you can likely reference the Hyland Identity and Access Management MRG under the Operational Database for the User Id ...

 

https://support.hyland.com/r/Other/Identity-and-Access-Management-Services/3.0/Identity-and-Access-M...

 

458dcca1220d49098e4b531b74f3d9d4

 

TempFS and the Operational Database implementation are similar.

 

If you are interested in a more definitive answer, I would recommend working with your first line of support.

 

Best wishes.

0 Kudos

Tia_Brott-Silke
Star Contributor
Star Contributor

‎04-01-2024 06:15 AM

Alan - don't hold me to this as we are still implementing this in Oracle for our 23 upgrade so it hasn't bee fully proven but here is what we have:

 

CREATE USER "hsitempfile" IDENTIFIED BY "xxxxxx"; (xxxxx = db user password)

GRANT UNLIMITED TABLESPACE TO "hsitempfile";
GRANT CREATE SESSION TO "hsitempfile";
GRANT CREATE TABLE TO "hsitempfile";
GRANT SELECT_CATALOG_ROLE TO "hsitempfile";

0 Kudos
Getting started

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC