Create a role definition for each set of users with different access rights

Before you create a new role definition, identify the specific rights associated with each role and define those rights if they do not already exist. For this sample scenario, you might create role definitions similar to the following:

  • Oracle_AppUsers with Windows Login access and an application right for a specific database application.
  • Oracle_DBAs with Windows Login access and desktop and network access rights on computers in a specific zone.
  • Oracle_Backup with console login allowed right and an application right that allow members of the group to run backup utilities with the privileges of the built-in Backup Operators group.