Manage Global Role Administrators of a User-Extended Role

A global role administrator is any user granted the MANAGE ROLES system privilege. However, not all roles can be managed by global role administrators.

When creating a new role, if you specify at least one role administrator, global role administrators will be unable to manage the role. This is because the MANAGE ROLES system privilege is not automatically granted to the role during creation.

For this reason, it is recommended that role administrators not be specified when creating a new role. They should be added after the fact. This ensures that every role can be successfully managed by both role and global role administrators.

By default, at least one role administrator or global role administrator with a login password must exist at all times for each role. This minimum requirement is validated before you can remove the global role administrator or role administrator from a role, or remove a role administrator's administrative rights on a role. The minimum requirement is a configurable database option (MIN_ROLE_ADMINS).

Parent topic: User-Extended Roles
Related concepts
Manage Role Administrators of a User-Extended Role
Related tasks
Creating a User-Extended Role
Deleting a User-Extended Role
Converting a User-Extended Role to a User
Adding a Grantee to a User-Extended Role
Changing a Grantee's Administrative Rights on a User-Extended Role
Removing a Grantee From a User-Extended Role
Adding a Role to a User-Extended Role
Changing Administrative Rights on an Underlying Role of a User-Extended Role
Removing a Role from a User-Extended Role
Adding a System Privilege to a User-Extended Role
Changing Administrative Rights on a User-Extended Role Granted Privilege
Removing a System Privilege from a User-Extended Role
Viewing or Modifying Role-Based User-Extended Role Options
Generating User-Extended Role DDL Commands
Viewing or Modifying User-Extended Role Properties
Changing a User-Extended Role Password
Forcing a User-Extended Role to Change their Password
Unlocking a User-Extended Role Account
Changing a User-Extended Role Login Policy
Related reference
Role-Based User-Extended Role Privilege Summary