Before you create a new role definition, identify the specific rights associated with each role and define those rights if they do not already exist. For this sample scenario, you might create role definitions similar to the following:
- Oracle_AppUsers with
Windows Loginaccess and an application right for a specific database application.
- Oracle_DBAs with
Windows Loginaccess and desktop and network access rights on computers in a specific zone.
- Oracle_Backup with console login allowed right and an application right that allow members of the group to run backup utilities with the privileges of the built-in Backup Operators group.