We are reconfiguring and redesigning our virtual infrastructure and got a problem about security issues in the SSO installation of vcenter 5.1.
First of all we are using oracle databases with several schemata on each of them. We are using vCenter 5.0 U1 until today, therefore we didn´t get in contact with this special feature of SSO before.
We have prepared the three schemata for the new vcenter 5.1 installation as mentionned in the "Install and Upgrade guide", but, as we were using several other productive schemata on the same database, we granted the user privileges not to the whole database, but only to the schema RSA.
To our suprise we weren´t able to install the vCenter Single Sign On Service, because we have " sufficient privileges" for the user RSA_DBA in concern. Several installation tries after the first one, we granted the RSA_DBA the "privileges" to the whole oracle database, and we could install the service.
Up to now we have a logistic problem, because of several orders in our enterprise we are not allowed to install with full rights to the oracle database, because afterwards the user RSA_DBA is able to delete all schematas of the database.
Therefore my questions:
Has someone in the community managed to install the RSA as Oracle schema with only the privileges to the schema and not the whole database?
Is it possible to change the setup to bypass the privileges?