Feedback
Did this article resolve your question/issue?

   

Article

Database Security Admins based on _oslocal Authentication Domain fail

Information

 
TitleDatabase Security Admins based on _oslocal Authentication Domain fail
URL NameDatabase-Security-Admins-based-on-oslocal-Authentication-Domain-fail
Article Number000137422
EnvironmentProduct: Progress
Version: 9.x
Product: OpenEdge
Version: 10.x, 11.x
OS: All supported platforms
Question/Problem Description
Adding a Database Security Administrator fails if none of the listed users is an internal database user (_USER) with:
'At least one security-administrator must be defined as a user.'

An OS authenticated user updating the Sec Admins list using the DataAdmin.DataAdminService API fails with error:
Update permission denied (14328) 
Steps to Reproduce
Clarifying Information
Error Message
Defect/Enhancement Number
Cause
Sec Admins do not have to be an internal _oeusertable, _user database user:

OpenEdge Data Management: Database Administration, Designating a security administrator
"Security administrators can also be users defined outside of the _User table accounts. In fact, if you never
define a user in the _User table accounts, all your security administrators can all be users defined in user
accounts outside the database."

Once the first _user record is created, _oeusertable database security is enabled.
Once security is enabled (i.e. any accounts have been created in the _user table) only a valid defined account can be granted Security Admin permissions.
Resolution
Define the Security Admin user with a _USER record.
Workaround
Notes
References to Other Documentation:
OpenEdge Getting Started: Identity Management

Progress Articles:

000011323, How are user names or user ids handled when connecting to a database?  
Last Modified Date4/4/2019 2:24 PM
Attachment 
Files
Disclaimer The origins of the information on this site may be internal or external to Progress Software Corporation (“Progress”). Progress Software Corporation makes all reasonable efforts to verify this information. However, the information provided is for your information only. Progress Software Corporation makes no explicit or implied claims to the validity of this information.

Any sample code provided on this site is not supported under any Progress support program or service. The sample code is provided on an "AS IS" basis. Progress makes no warranties, express or implied, and disclaims all implied warranties including, without limitation, the implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample code is borne by the user. In no event shall Progress, its employees, or anyone else involved in the creation, production, or delivery of the code be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample code, even if Progress has been advised of the possibility of such damages.