IsaModePromoteOptions

Description

The IsaModePromoteOptions enumeration contains parameters of mode activation of role division between information security administrator (ISA) and application administrator (AA). It is used by the IMetabasePolicy.PromoteToIsaMode property.

Available Values

Value Brief description
0 None. ISA does not have permissions to update users.
1 GrantDbSecurityAdmin. ISA will have the "Applying User Permissions at DBMS Level", which means he can update users. Application administrator can also update users.
2 RestrictAdminAccess. Users that have privilege as AA has (Creating and Deleting Users) cannot open repository objects, the privilege "Read and Write Permission for All Objects" will be ignored. On an attempt to open repository object a message will be displayed that the user does not have enough permissions to execute the operation.
4 RestrictIsaAccess. Users that have privilege as ISA has (Changing Security Label and Access Control List of Any Object) cannot open repository objects, the privilege "Read and Write Permission for All Objects" will be ignored. On an attempt to open repository object a message will be displayed that the user does not have enough permissions to execute the operation.

See also:

Metabase Assembly Enumerations