Tuesday, 20 September 2011

Enterprise User Security quick reference - EUSM Commands


EUSM is a command-line utility that ships out of the box with OID. It is used to map enterprise users and roles to database objects when setting up Enterprise User Security (EUS). Below are the commands most commonly used for EUS:

To List Enterprise Roles in OID
eusm listEnterpriseRoles domain_name=<OID Domain> realm_dn=<oid realm> ldap_host=<hostname> ldap_port=<port> ldap_user_dn=<oid administrator> ldap_user_password=<oid admin password>

To List Mappings
eusm listMappings domain_name=<OID domain> realm_dn=<realm> ldap_host=<hostname> ldap_port=<port> ldap_user_dn=<oid admin> ldap_user_password=<oid admin password>

To List Enterprise Role Info
eusm listEnterpriseRoleInfo enterprise_role=<rdn of enterprise role> domain_name=<oid domain> realm_dn=<oid realm> ldap_host=<hostname> ldap_port=<port> ldap_user_dn="<oid admin>" ldap_user_password=<oid admin password>

To Create Enterprise Role
eusm createRole enterprise_role=<rdn of the enterprise role> domain_name=<oid domain> realm_dn=<oid realm> ldap_host=<hostname> ldap_port=<port> ldap_user_dn="<oid admin>" ldap_user_password=<oid admin password>

To Create User-Schema Mapping
eusm createMapping database_name=<SID of target database> realm_dn="<oid realm>" map_type=<ENTRY/SUBTREE> map_dn="<dn of enterprise user>" schema="<name of the shared schema>" ldap_host=<oid hostname> ldap_port=<port> ldap_user_dn="<oid admin>" ldap_user_password="<oid admin password>"

To Create Proxy Permission
eusm createProxyPerm proxy_permission=<Name of the proxy permission> domain_name=<oid domain> realm_dn="<oid realm>" ldap_host=<hostname> ldap_port=<port> ldap_user_dn="<oid admin>" ldap_user_password=<oid admin password>

To Grant Proxy Permission to Proxy Group
eusm grantProxyPerm proxy_permission=<Name of the proxy permission> domain_name=<oid domain> realm_dn="<oid realm>" ldap_host=<hostname> ldap_port=<port> ldap_user_dn="<oid admin>" ldap_user_password=<oid admin password> group_dn="<dn of the enterprise group>"

To Map Proxy Permission to Proxy User in DB
eusm addTargetUser proxy_permission=<Name of the proxy permission> domain_name=<oid domain> realm_dn="<oid realm>" ldap_host=<hostname> ldap_port=<port> ldap_user_dn="<oid admin>" ldap_user_password=<oid admin password> database_name=<SID of the target database> target_user=<target database user> dbuser=<Database user with DBA privileges> dbuser_password=<database user password> dbconnect_string=<database_host>:<port>:<DBSID>

To Map Enterprise Role to Global Role in OID
eusm addGlobalRole enterprise_role=<rdn of the enterprise role> domain_name=<oid domain> realm_dn="<oid realm>" database_name=<SID of the target database> global_role=<name of the global role defined in the target database> dbuser=<database user> dbuser_password=<database user password> dbconnect_string=<database_host>:<port>:<DBSID> ldap_host=<oid_hostname> ldap_port=<port> ldap_user_dn="<oid admin>" ldap_user_password=<oid admin password>