Appendix C: Oracle Tables and Views for Oracle Inventory Collection

FlexNet Manager Suite 2020 R2 (On-Premises)
In general, Oracle recommends collecting database data using any user account that has the following privileges:
  • CREATE SESSION
  • SELECT ANY TABLE
  • For database version 9.1 and higher: SELECT ANY DICTIONARY.
Suggested system-supplied user accounts depend on whether Oracle Database Vault is in use:
  • When Oracle Database Vault is not in use: SYS or SYSTEM are good choices
  • When Oracle Database Vault is in use:
    • Use PARTICIPANT or OWNER authorization on 'Oracle Data Dictionary' realm
    • Use DV_SECANALYST role for querying views supplied by Oracle Database Vault.
If you do not want to collect inventory data as either the SYS or the SYSDBA user, you may need to create a user account to collect Oracle inventory (for details, see the Credentials for... topic for your preferred method of Oracle inventory collection, earlier in this chapter). The database user must have at least read-only access to the following tables and views on each inventoried database instance.
Important: The following list may not be valid for all versions of Oracle Database. For example, several of the following tables/views do not exist in versions prior to Oracle Database 11. If you attempt to grant privileges to a table/view that does not exist in your version of Oracle Database, the result will contain an error message, which can be ignored.

Tables/views accessible for all users (PUBLIC)

  • GV$INSTANCE
  • GV$PARAMETER
  • V$ARCHIVE_DEST_STATUS
  • V$BLOCK_CHANGE_TRACKING
  • V$CONTAINERS
  • V$DATABASE
  • V$DATAGUARD_CONFIG
  • V$INSTANCE
  • V$LICENSE
  • V$OPTION
  • V$PARAMETER
  • V$SESSION.

Tables/views accessible for SYS, or with SYSDBA privileges

  • DBA_ADVISOR_TASKS
  • DBA_AUDIT_TRAIL
  • DBA_AWS
  • DBA_CPU_USAGE_STATISTICS
  • DBA_CUBES
  • DBA_DV_REALM
  • DBA_ENCRYPTED_COLUMNS
  • DBA_FEATURE_USAGE_STATISTICS
  • DBA_FLASHBACK_ARCHIVE_TABLES
  • DBA_FLASHBACK_ARCHIVE_TS
  • DBA_FLASHBACK_ARCHIVE
  • DBA_INDEXES
  • DBA_LOB_PARTITIONS
  • DBA_LOB_SUBPARTITIONS
  • DBA_LOBS
  • DBA_MINING_MODELS
  • DBA_OBJECT_TABLES
  • DBA_OBJECTS
  • DBA_RECYCLEBIN
  • DBA_REGISTRY
  • DBA_SEGMENTS
  • DBA_SQL_PROFILES
  • DBA_SQLSET_REFERENCES
  • DBA_SQLSET
  • DBA_TAB_PARTITIONS
  • DBA_TAB_SUBPARTITIONS
  • DBA_TABLESPACES
  • DBA_TABLES
  • DBA_USERS
  • MODEL$
  • REGISTRY$HISTORY
  • ROLE_SYS_PRIVS
  • USER_ROLE_PRIVS
  • USER_SYS_PRIVS.
In addition, the following procedure needs EXECUTE privileges:
  • UTL_INADDR.

Tables/views accessible in the {OEMOWNER} schema, typically using the account SYSMAN

  • MGMT$DB_DBNINSTANCEINFO
  • MGMT$TARGET
  • MGMT$TARGET_MEMBERS
  • MGMT$TARGET_PROPERTIES
  • MGMT_ADMIN_LICENSES
  • MGMT_FU_LICENSE_MAP
  • MGMT_FU_REGISTRATIONS
  • MGMT_FU_STATISTICS
  • MGMT_INV_COMPONENT
  • MGMT_INV_CONTAINER
  • MGMT_LICENSE_CONFIRMATION
  • MGMT_LICENSE_DEFINITIONS
  • MGMT_LICENSED_TARGETS
  • MGMT_LICENSES
  • MGMT_TARGET_TYPES
  • MGMT_TARGETS
  • MGMT_VERSIONS.

Tables/views in special schemata, typically using the SYS account (and addressing the correct schema name)

  • APPLSYS.FND_APP_SERVERS
  • APPLSYS.FND_NODES
  • APPLSYS.FND_PRODUCT_INSTALLATIONS
  • APPLSYS.FND_APPLICATION_TL
  • APPLSYS.FND_USER
  • APPLSYS.FND_RESPONSIBILITY
  • APPS.FND_USER_RESP_GROUPS
  • CONTENT.ODM_DOCUMENT
  • DMSYS.DM$MODEL
  • DMSYS.DM$OBJECT
  • DMSYS.DM$P_MODEL
  • GSMADMIN_INTERNAL.SHA_DATABASES
  • LBACSYS.LBAC$POLT
  • LBACSYS.OLS$POLT
  • MDSYS.SDO_GEOM_METADATA_TABLE
  • ODM.ODM_MINING_MODEL
  • ODM.ODM_RECORD
  • OLAPSYS.DBA$OLAP_CUBES.
Tip: In general, Flexera does not recommend creating a special user account just for collecting inventory, because of the implicit high maintenance effort. This is because a user can only be granted access to tables/views that exist at the moment of granting rights. This means:
  • Continuous efforts/monitoring to ensure that the special “scanning user” account has been created on all database instances
  • Repeated effort to keep the grants accurate on all existing database instances
  • Repeated investigations into whether a missing table access is due to a non-existent table or due to missing grants of rights to the scanning user.
Remember: If you choose to create a custom user for database inventory collection, the grant of access to tables/views should be repeated regularly to cope with any database changes that may have occurred since the previous grant. This is particularly the case, for example, around any database patches or upgrades.

FlexNet Manager Suite (On-Premises)

2020 R2