Replication Agent for Oracle uses the pds_username to connect to Oracle and must have the following Oracle permissions:
create session – required to connect to Oracle.
select_catalog_role – required to select from the DBA_* views.
alter system – required to perform redo log archive operations.
alter on TABLE_NAME – required to replicate user-defined datatypes if table-level supplemental logging has not been enabled for the specified TABLE_NAME.
execute on DBMS_FLASHBACK – required to execute DBMS_FLASHBACK.get_system_change_number.
alter any procedure – required to manage procedures for replication.
create table – required to create tables in the primary database.
create procedure – required to create rs_marker and rs_dump proc procedures.
create public synonym – required to create synonyms for created tables in the primary database.
create sequence – required to support replication.
drop public synonym – required to drop created synonyms.
select on SYS.ARGUMENT$ – required to process procedure DDL commands.
SYS.ATTRIBUTE$ – required to process Oracle types.
select on SYS.CCOL$ – required to support table replication (column constraint information).
select on SYS.CDEF$ – required for table (constraint information) replication support.
select on SYS.COL$ – required for table (column information) replication support.
select on SYS.COLLECTION$ – required for VARRAY replication support.
select on SYS.COLTYPE$ – required to support table replication.
select on SYS.CON$ – required for table (constraint information) replication support.
select on SYS.IND$ – required to identify indexes.
select on SYS.INDCOMPART$ – required to identify indexes.
select on SYS.INDPART$ – required to identify indexes.
select on SYS.INDSUBPART$ – required to identify indexes.
select on SYS.LOB$ – required for LOB replication support.
select on SYS.LOBCOMPPART$ – required to support partitioned LOB replication.
select on SYS.LOBFRAG$ – required to support partitioned LOB replication.
select on SYS.MLOG$ – required to filter materialized view log tables.
select on SYS.NTAB$ – required to support table replication.
select on SYS.OBJ$ – required for processing procedure DDL commands in the repository.
select on SYS.PROCEDUREINFO$ – required for procedure replication support.
select on SYS.SEQ$ – required to support sequence replication.
select on SYS.SNAP$ – required to filter out materialized view tables.
select on SYS.TAB$ – required to support table replication.
select on SYS.TABCOMPART$ – required to support partitioned table replication.
select on SYS.TABPART$ – required to support partitioned table replication.
select on SYS.TABSUBPART$ – required to support partitioned table replication.
select on SYS.TS$ – required to identify tablespace encryption in Oracle 11g.
select on SYS.TYPE$ – required to process Oracle predefined and user-defined types.
select on SYS.USER$ – required for Oracle user identification.
The permissions for SYS.CON$ and SYS.CDEF$ are
required to handle the constraint information in the CREATE and ALTER
TABLE DDL operations.
In addition, the user who starts the Replication Agent for Oracle instance must have read access to the Oracle redo log files and the Oracle archive directory that contains the archive log files to be accessed for replication. If the Replication Agent is configured to remove old archive files, the user must have update authority to the directory and the archive log files. If Oracle redo logs or archived redo logs are stored within ASM, the user who starts Replication Agent for Oracle must have read access to the ASM disk devices that contain the redo log data.
Replication Agent for Oracle requires the alter system privilege to issue the alter system archive log command. If Replication Agent is configured to access only online Oracle redo logs, Replication Agent issues the alter system archive log sequence command when the online redo log is no longer needed for replication (as when all data from the log has been replicated). Regardless of online or archive log processing, Replication Agent uses the alter system privilege to issue the alter system archive log current command when Replication Agent is instructed to move processing to the end of the Oracle log. By issuing the alter system archive log current command, Replication Agent insures that the current redo log file does not contain old data. Replication Agent moves processing to the end of the Oracle redo log when requested by the move_truncpt options of the pdb_xlog init command. Replication Agent may also move processing to the end of the Oracle redo log during migration from one version of Replication Agent to another.
