CELLDIAG user for Exadata

I was doing some tasks off from my task list and one of the things exachk highlighted was that we should create user CELLDIAG on cells.

Beginning with Exadata Storage Server Software version 12.1.2.2.0,
the storage server user “CELLDIAG” is created during deployment which allows
access to diagnostics without using a more privileged user.
The benefit of creating and using the “CELLDIAG” user is improved security.
The impact of verifying that the “CELLDIAG” user is created is minimal,
as is the impact of creating the user if it does not exist.

Included steps are straightforward:

create user CELLDIAG password=”SomeGood42Password”;
create role celldiagrole;
grant privilege create on diagpack to role celldiagrole;
grant privilege list on diagpack to role celldiagrole;
grant privilege download on diagpack to role celldiagrole;
grant role celldiagrole to user CELLDIAG;

But when I started to create the user I hit an issue with a password:

CellCLI> create user CELLDIAG password="hello.World1!"

CELL-06007: Valid user passwords are 12 to 40 alphanumeric characters with at
least one digit, one lowercase letter and one uppercase letter.
A new password cannot be the same as the existing password.

No matter what combinations I tried it didn’t work. Until I noticed the part about alphanumeric! Sometimes not paying attention and not being native English speaker has it disadvantages.

So new try was much more successful:

CellCLI> create user CELLDIAG password="Hello12World";
User CELLDIAG successfully created.

And rest of the tasks even a Finnish guy like me could complete. 🙂

Simo

Recent Posts

Autonomous Database Audit Logs to Logging Service Part 1

I recently came across requirement to get OCI Oracle Autonomous Database audit logs to OCI…

3 weeks ago

Connecting to Autonomous Database Running on Google Cloud

Last time I showed how to provision Autonomous Database Serverless (ADB-S) on Google Cloud. This…

2 months ago

Can you believe it? Provisioning Autonomous Database in GCP!

I bet few years back folks didn't expect that by 2024 we would be able…

3 months ago

IP Address Insights with CLI

My previous post on IP Address Insights I mentioned it wasn't yet available with CLI…

7 months ago

Thoughts on Oracle Database@Azure

This will NOT be a technical walkthrough on Oracle Database@Azure but rather my opinions and…

7 months ago

OCI Vulnerability Scanning Setup

Many times when you work for someone, they already have their own vulnerability scanning throughout…

7 months ago