FUJ00089756
FUJ00089756
Peak Incident Management System
Call Reference PC0208119 Call Logger Mark Wright -- EDSC
Release Targeted At -- HNG-X 06.22 Top Ref PC0221150
Call Type Live Incidents Priority B -- Business restricted
Contact Mark Wright Call Status Closed -- Administrative Response
Target Date —:10/03/2012 Effort (Man Days) 0
Summary SSC Database users do not have correct permissions
All References Type Value
Product Baseline UNIX_SUPPORT_UTILS_ 0622 _V018
Product Baseline UNIX_SUPPORT_UTILS_0622_D018-D017
Release PEAK PC0216786
Release PEAK PC0221150
Product Baseline UNIX _SUPPORT_UTILS_0622_V018-V017
DevintRel-Director Live Supp. Test
Collections Name User Date
RP-release_planning Sarah Payne 14-May-2012 17:00:59
Impact
5 ee ‘ User Date
Dave Haywood 06-May-2015 09:44:56
1. SSC users affected have more access than is required to database resources. This is contrary to security
policy.
i Coa There is currently no "cost" to this issue.
3. Perceived Impact: The customer is not aware of this problem or change.
4. Scope: No actual impact/incidents of problems relating to this issue have been experienced yet (and not
: expected).
Progress Narrative
1-Feb-2011 11:57:35 User:Mark Wright
PC0208119 opened
betails entered are:-
lsummary:SSC Database users do not have correct permissions
call Type:L
call Priority:B
[target Release:HNG-X R3
Routed to:EDSC - _Unassigned_
Jbate:01-Feb-2011 11:57:35 User:Mark Wright
[Start of Response]
Development have delivered scripts to allow SSC users to perform
they have been delivered to work against an SSC role which SSC u:
lamending to match how our users are set up in live.
Please see email details below describing in more detail:
h) The user creation scripts provided by development offer the option
2) When we created SSC users for BDB/BRS etc.
Horizon databases
4) We could change the role grants from appsup to ssc and ensure we u:
lose any permissions that are in the appsup role and not the
(migrated) and the new databases like BDB which is ridiculous
5) We could grant you the ssc role as well and a call could be passed
ssc? is chosen as the group but that seems wrong as well
Itt all comes down to user administration and the incorrect assumption
lictailed documentation other than the current doc which says just add
servers ? head, brick wall and all that
levelopment for formal review and rethink
Regards, Andrew
ertain tidyup tasks (like clear failed recoveries).
3 have not been granted as SSC users have
kither SSC user creation/configuration needs to be amended to make sure we have ALL required permissions of the scripts will need
we used ?appsup? as that is what esc have always been and what they migrated as on
3) It became clear that there is also an ssc role which we now know is a requirement for the scripts you refer to
role.
je can certainly add the ssc role to all users on BDB/BRS in the short term but I would need to be sure that a call was with
However
the APPSUP role.
to create each user type (unxadm, appsup, ssc)
?ssc? for any future user creations but you would then
We also then have a difference between the DAT databases
to development to include in the user creation script when
that adding a user is obvious and doesn?t need some more
the user with the relevant roles and on the relevant
FUJ00089756
FUJ00089756
rom: Wright Mark
sent: 01 February 2011 11:37
Gibson Andrew R
cc: Calvert Wayne; Chambers Anne 0
subject: RE: ssc role
It thought the original issue was why have the SSC users not had the SSC role granted? If it is a bug in the creation scripts then
les, needs dev to fix but I thought something was said the other day about the SSC users not being set up correctly at the start?
From: Gibson Andrew R
sent: 01 February 2011 11:35
Ito: Chambers Anne 0
cc: Calvert Wayne; Wright Mark
subject: RE: ssc role
It suspect you can have both but either way you need a development fix as they produce the user creation script which does the
latabase bit ? if they have to produce a fix, I?d advise making one of the roles suitable rather than having a mix of grants
lacross both roles
from: Chambers Anne 0
sent: 01 February 2011 11:31
Gibson Andrew R
Calvert Wayne; Wright Mark
ase role
Unfortunately development write their scripts explicitly to use ssc. So I think we're stuck with it unless they deliver new
scripts (which would not be a popular or quick option).
hen we go off piste we use appsup. Can we have both??
GRO. and
thal $"""GRO
lexté
currently SSC CANNOT use these scripts.
[End of Response]
lkesponse code to call Live Incidents/Defects(L) as Potential Problem Identified (38)
jDate:01-Peb-2011 11:58:42 User:Mark Wright
[the Call record has been transferred to the team: BIF
jDate:02-Feb-2011 11:15:27 User:Saheed Salawu
new Business Impact has been added:
Ithis stops support action and needs doing not to delay incident resolution. It is an MSC catchup
[Date:02-Feb-2011 11:39:17 User:Lorraine Guiblin
[the Call record has been assigned to the Team Member: Steve Parker
JDate:02-Feb-2011 11:45:02 Use
Reference Added: MSC 04302
Parker
jDate:02-Feb-2011 13:43:46 User:Steve Parker
[the Call record has been transferred to the team: Hosts-Des
JDate:03-Feb-2011 09:10:46 User:Steve Goddard
[the Call record has been assigned to the Team Member: Andy Beardmore
Jate:04-Feb-2011 1:
[Start of Response]
er:Mark Wright
FUJ00089756
FUJ00089756
finis is NOT an MSC catchup, It is a generic role issue with SSC Database users which affects the running of development delivered
scripts rather than this single instance of an executable.
[End of Response]
IResponse code to call type L as Category 40
Pending ~- Incident Under Investigation
jbate:04-Feb-2011 1:
[OP Reference set to:
6:31 User:Mark Wright
DevintRel=Director Live Supp.Test
[Date:04-Feb-2011 11:46:32 User:Mark Wright
Reference Deleted: MSC 04340293352
jatc:26-dun-2011 06:08:54 User:Saheed Salawu
[fhe Business Impact has been update
lfhis stops support action and needs doing not to delay incident resolution.
Date: 01-Aug-2011 17:44:22 User:Andy Beardmore
srd line support should have the SSC role granted as per DES/APP/HLD/0020 v2.0. Host Development to investigate the user creation
scripted used by ISD.
Date:16-Aug-2011 10:08:07 User:Andy Beardmore
the optional role 'APPSUP' is extremely powerful. The original BRDB design was that 3rd line support should be given the 'SSC*
role (which is select any table + select catalogue) and only given the optional role 'APPSUP' temporarily (by Security Ops
luthorisation) if required to make emergency amendments in BRDB Live. Since then Host-Dev have delivered a series of auditable
amendment tools for known SSC data amendment operations in Live, and these are assigned by role to individual SSC user accounts.
¢ such SSC should not require the APPSUP role in BRDB, unless there is an unforeseen update required to Live.
transferring to Steve Parker for review/assessment.
lDate:16-Aug-2011 10:08:48 User:Andy Beardmore
{the Call record has been transferred to the team: BIF
fhe Call record has been assigned to the Team Member: Steve Parker
pate:17-Aug-2011 10:54:00 User:John Simpkins
[Start of Response]
[his is getting confused, this incident is about the SSC role which ISD need to give to the SSC in order to run a script provided
to the SSC by development.
these are script executed from the command-line.
[End of Response]
Response code to call type L as Category 40
Pending -- Incident Under Investigation
Date: 7-Aug-2011 10:55:31 Uscr:John Simpkins
[the Call record has been transferred to the team: APOP-Host—Dev
[fhe Call record has been assigned to the Team Member: Andy Beardmore
jbate:17-Aug-2011 11:37:03 User:Saheed Salawu
can SSC please have a meeting with Andy Beardmore and Andy Gibson to clarify exactly what else is really required to be done with
this Peak. It appears the original issue has been fixed. A conversation will clarify any wider issue
bate:43-Sep-2011 13:21:08 Uscr:Steve Goddard
the Call record has been transferred to the team: Hosts-Des
[fhe Call record has been assigned to the Team Member: Andy Beardmore
Date:30-Sep-2011 14:20:02 User: Mail Manager_
lexternal Progress Update Received via Email.
originator : “Beardmore Andy" <Andy.Beardmore@
lArrival Date : 30 Sep 2011 13:10:34 =
subject : PCO208119
charset="iso-8859-1"
content-Transfer-Encoding: quoted-printable
3 per the previous PEAK comments, the role 'APPSUP' is extremely
powerful and should only be used under extreme circumstances and under
SC supervision. As such the Branch Database design was that 3rd line
support users should be given the 'SSC' role, which is effectively read =
access, ie. ‘select_any table + select catalogue’. SSC team members =
should only have to achoiccess BRSS for normal support investigations, =
luniess the information has not replicated in time. SSC should only =
lsiven the optional role ‘APPSUP' temporarily (by Security Ops
Juuthorisation/emergency MSC) if required to make emergency data
amendments in BRDB Live.
Itt is a security breach if any user write access is not audited on
lsranch Database, hence the emergency MSC for any APPSUP role activity =
FUJ00089756
FUJ00089756
flust have session logs attached under the MSc. Host-Dev previously =
rovided scipts, such as the Transaction Correction Tool, are written to =
jrun under the SSC role and also write to the audit logs.
ssc users created on BRDB should only have the SSC role, and the user ~
creation script should be amended by Host-Dev to reflect this. A =
separate script giving/revoking emergency MSC access via APPSUP can be =
ldclivered, logging this to the hostaudit directory. In parallel Host-Dev
should investigate any Host-Dev delivered script to ensure they are all
lexecutable by the SSC role. SSC should investigate any of their own =
scripts to ensure they have sufficient permissions under the SSC role,
aking into account they should primarily perform their work on BRSS. =
lany day to day scripts should not access BRDB directly. Any scripts =
Inceding more than the SSC role should be questioned, except those that
ould run under MSC APPSUP. Once the investigation is complete, all
RDB SSC users with APPSUP should have the role removed by ISD (via MSC) =
land ensure they do have the SSC role.
tf anyone is in disagreement with the above course of action, then I'll =
set up a meeting with yourselves and Security when I'm down in BRAQ1 =
next week.
regards,
landy Beardmore, Senior Software and Solution Design Archit
Application Services
7 (external) (internal)
lb Please Gonsider the environment - do you really need to print this =
Jemail?
jbate:12-Oct-2011 16:37:06 User:Andy Beardmore
ja) All OPS$<SSC> users should have the roles DB MONITOR and APPSUP removed. They also need the SSC role enabled as a DEFAULT. In
leffect they should end up as for example:
PS: "I RESOURCE
[the SSC role has execute permissions to the Host-Dev delivered packages mentioned in the PEAK and resource, monitor (and hence
connect and select any table) and select any dictionary.
aweep up MSC will be required at some point for get these account changes made into live
lb) Host-Dev to amend the create db user.sh script to:
create user ops\$${USERNAME} default tablespace ${DAREA} quota unlimited on ${DAREA}
jcemporary tablespace ${DTEMP} identified externally ;
rant ${role) to ops\$$ (USERNAME) ;
lzrant RESOURCE to ops\$$ {USERNAME};
lz) ISD to create SSC users via call:
/usr/Local/bin/create_db user.sh -1 BRDB1 -u <username> -q ssc -d BRDB_SSC_DATA -t BRDB_TEMP2
jand first line support users via call:
/usr/local/bin/create db user.sh -i BRDB1 -u <username> -g db monitor -d USERS -t BRDB_TEMP2
) Branch Support Guide to provide details of creating ISD&SSC users as above (-g db monitor for ISD) and procedure for these
requesting APPSUP access (MSC) and logging logfiles.
[transferring to Host-Dev for changes to the create db user.sh script.
Date:42-Oct-2011 16:37:41 User:Andy Beardmore
the Call record has been transferred to the team: BDB-Host~Dev
fhe Call record has been assigned to the Team Member: Andrew Aylward
bate:25-Oct-2011 09:53:00 User:Andrew Aylward
fhe Business Impact has been update
H. Cost: There is currently no "cost" to this issue. The users affected have more access than is required.
2. Perceived Impact: The customer is not aware of this problem or change.
8. Scope: No actual impact/incidents of problems relating to this issue have been experienced yet (and not expected).
Date:25-Oct-2011 09:53:42 Uscr:Andrew Aylward
fhe call Target Release has been moved to Proposed For -- liNG-X 06.22
Idaté:25-Oct-2011 09:53:59 User:Andrew Aylward
Product. HNG-X Platforms -- Branch Database Server - Main (BDB) (version unspecified) added.
bate:25-Oct-2011 09:54:02 User:Andrew Aylward
product HNG-x Platforms -- Branch Database Server - Main (BDB) updated to Subject.
FUJ00089756
FUJ00089756
fdate:25-Oct-2011 0:
4:25 User:Andrew Aylward
DEVELOPMENT IMPACT OF FIX:
SPECIFY THE HNG-X PLATFORMS IMPACTE
- Done.
Are all the platforms in the same deployment group?
lA: Yes (DC_DATABASE)
[TECHNICAL SUMMARY:
lwhis change is to change the script used by POA UNIX and POA ORACLE DBA when creating new SSC/Support users.
LIST OF KNOWN DIMENSIONS DESIGN PARTS AFFECTED BY THE CHANG!
I BRDB SOFTWARE INSTALLATION POSTMIG08_0622_<REL>
I BRDB_HNGX POSTMIGO® CHANGES 0622 <REL>
DEPENDENCIES:
lo: Are there any other PEAKs or CPs with interdependencies on the proposed fix?
: No. There may be an MSC required in future, but not at this stage.
jo: Are there any clone peaks to take the delivery to a different deployment group? If yes is there any order in which they must
Ibe deployed?
: No.
: Any other dependencies such as Infrastructure changes or technical/configuration changes that will not be included in the
Development fix?
2 No.
DEPLOYMENT DETATL:
lo: Does the fix include procedures that are known not to be packagable by Integration in an automatic
(DPVB) ?
if so, please comment on the nature and technical complexity of such procedures.
lA: Nothing complex. A simple software install on the BDB platform is required.
: Does the fix require a reboot?
lA: No.
lo: Does the fix apply to a clustered database? If so must the deployment be done to all at the ¢
: Yes. However will not affect the entire cluster. It is run on only one node.
lly deployable baseline
DEV EFFORT IN MANDAYS:
ji day(s) likely effort including development, testing and packaging.
IMPACT ON USER:
lo: Benefit of making the fix.
Users created by IRE Support Teams will have correct privileges.
What does the user have to do to get this problem?
N/A
How does it affect them when it occurs?
N/A
How many branches in the estate are likely to be affected by this issue
None. The users referred to in this Peak are not related to the counter.
IMPACT ON OPERATIONS:
lo: Will the absence of a fix for this issue impact the ability of the operationa team to support the HNGX system?
IA: No.
]ZAVE RELEVANT KELS BEEN CREATED OR UPDATED?
lo. None believed to be required.
HMPACT ON TEST:
lo: What independent test coverage/scenarios does development recommend? (This will often be about the level of regression testing
required.)
: None, other than creating a new user and then asking SSC to test that user's access to required tables.
What CIT test coverage does development recommend?
None.
: What Development test scenarios are needed?
JA: Determined within the Host team. Will test execution and regression.
: What Development test scenarios manual/automated should be promoted to CIT?
lA: None.
IRISKS (of releasing and of not releasing proposed fix):
lo: What live problems will there be if we do not issue this fix?
None. Users affected by this change are not Counter related.
What are the risks of this fix having unexpected interactions with other areas?
None.
Is this a high-risk area in which changes have caused problems in the past?
No.
Should we consider a pilot rollout and of what sort?
: No.
Date: 25-Oct-2011 09:55:20 User:Andrew Aylward
Defect cause updated to 7 : Design - High Level Design
jbate:25-Oct-2011 09:56:20 User:Andrew Aylward
ction placed on Team:ReIMngmntForum
FUJ00089756
FUJ00089756
fpate:25-Oct-2011 15:06:15 User:John Boston
[the call Target Release has been moved to:Targeted At -- HNG-X 06.22
PIF 25/10/11 - Agreed target of 06.22. Please proceed.
JDate:25-Oct-2011 15:06:23 User:John Boston
ction has been removed from the call
jDate:04-Jan-2012 11:54:33 User:Andrew Aylward
[the Call record has been assigned to the Team Member: Vishnu Ramachandran
loate:04-dan-2012 12:04:53 User:Andrew Aylward
this change involves updating the SSC User Creation script originally written by Wing (in association with Andy B.) to create ssC
lisers with a default password and a role that would apply to them.
the plan is as such: -
la) All OPS$<SSC> users should have the roles DB MONITOR and APPSUP removed. They also need the SSC role enabled as a DEFAULT. In
effect they should end up as for example:
PSI relevant! RESOURCE
relevant! 5c
fhe SSC role has execute permissions to the Host-Dev delivered packages mentioned in the PEAK and resource, monitor (and hence
connect and select any table) and select any dictionary.
lA sweep up MSC will be required at some point to get these account changes into LIVE ... sensitivity to the needs of $sc when
lpproaching this.
jb) Host-Dev to amend the create _db_user.sh script to:
create user ops\$${USERNAME} default tablespace ${DAREA) quota unlimited on ${DAREA}
temporary tablespace $(DIEMP} identified externally ;
grant ${role} to ops\$${USERNAME};
jzrant RESOURCE to ops\$$ {USERNAME} ;
Ic) ISD to create SSC users via call:
/usr/local/bin/create db user.sh -i BRDB1 -u <username> -g ssc -d BRDB_SSC_DATA -t BRDB_TEMP2
nd first line support users via call:
/ust/local/bin/create db user.sh -i BRDBI -u <username> -g db monitor -d USERS ~t BRDB_TEMP2
a) Branch Support Guide to provide details of creating ISD&SSC users as above (-g db monitor for ISD) and procedure for these
requesting APPSUP access (MSC) and logging logfiles.
jbate:02-Mar-2012 12:16:32 User:Vishnu Ramachandran
Product HNG-X Platforms -- Solaris Host (DAT) (version unspecified) added.
oate:02-Mar-2012 12:16:59 User:Vishnu Ramachandran
Product HNG-X Platforms -- Branch Support Server (BRS) (version unspecified) added.
Jbate:02-Mar-2012 12:17:12 User:Vishnu Ramachandran
product HING-X Platforms -- Network Persistent Store (NPS) (version unspecified) added.
bate
keference Adde
eference Adde:
02-Mar-2012 12:30:01 Uscr:PIT Automated Use
Product Baseline UNIX SUPPORT UTILS 0622 _vo18
Product Baseline UNIX SUPPORT UTILS 0622 V018-v017
bate:02-Mar-2012 12:33:22 User:Vishnu Ramachandran
[Start of Response]
/usr/local/bin/create_db user.sh has been fixed and delivered through baseline UNIX SUPPORT UTILS 0622 _V018-V017.
lan associated LIVE MSC will be raised at the back of this PEAK call to correct access rights of existing SSC support users
[End of Response]
Response code to call type L as Category 48 -- Pending -- Fix Released to PIT
[Date:02-Mar-2012 12:33:37 User:Vishnu Ramachandran
[the Call record has been transferred to the team: Dev-Int-Rel
lDate:02-Mar-2012 16:00:01 User:PIT Automated User
Reference Added: Product Baseline UNIX SUPPORT UTILS 0622 D018-D017
FUJ00089756
FUJ00089756
fbate:08-Mar-2012 12:
[Start of Response]
ssigning to Integrator
[End of Response]
Response code to call type L as Category 48 (Fix Released to PIT)
[fhe incident has been transferred to the Team: Dev-Int-Rel
the incident has been assigned to the Team Member: Rick Carter
4:07 Useribit Automated User
Jbate:08-Mar-2012 12:24:08 User:PIT Automated User
[Start of Response]
peak has been test installed in Integration. Moving to holding stack awaiting release
[End of Response]
Response code to call type L as Category 47 (Fix Processed by PIT)
[the incident has been transferred to the Team: Int-Rel
Date:08-Mar-2012 12:25:44 User:PIT Automated User
[Start of Response]
Fix processed by integration
[Bnd of Response]
Response code to call type 1 as Category 49 (Fix Available for Independent Test)
target Date updated: new value is 10/03/2012 18:30
[the incident has been transferred to the Team: Live Supp.Test
[Date:22-Mar-2012 14:42:41 User:Tyrone Cozens
Reference Added: 0216786
oate:04-Apr-2012 11:32:45 User:Graham Jennings
It am rejecting the peak / baseline on the basis that it changes new users access to a role that does not exist on all databases
(SSC Role does not exist on DWh, NPS, RDDS or RDMC DBs) and that it is changing / recommending removal of something not requested
in the original peak (removal of the general use of APPSUP / DBMONTTOR roles by the SSC). Tt also recommends these changes be
limplemented by MSC for existing SSC users.
lan email chain has been discussing these issues.
atest is that a meeting with Andy Beardmore (Dev/Design), Steve Parker (SSC), Mark Jarosz (Sec Architect) and Donna Munro (Sec
lops Mgr)is being arrange to discuss further. I suggest this peak is frozen until the outcome of the meeting has been decided.
jbate:04-Apr-2012 11:36:08 User:Graham Jennings
[the Call record has been transferred to the team: Hosts-Des
jDate:04-Apr-2012 12:12:17 User:Vishnu Ramachandran
[fhe Call record has been assigned to the Team Member: Andy Beardmore
[Date:05-Oct-2012 14
Reference Added: Rele.
User: Tyrone Cozens
BAK PCO221150
jbate:10-Apr-2013 11:20:18 User:Andy Beardmore
fhe initial motive for this PEAK was to ensure all SSC users had the SSC role assigned to be able to execute the data correction
toolset on BRDB. Initially the SSC users were manually set up incorrectly against the HNG-X BRDB HLD, being given the same
jpermissions as per Horizon, and had too many privileges via the APPSUP role. Host-Dev have delivered the live scripts to ensure
Inew SSC users have the correct permissions, but a follow-on MSC is required to adjust the privileges of existing users. Graham
Jennings rejected this response as the approach is not consistent across the older Horizon DB's. The fact is that HNG-X did not
include this change to these Horizon environments, so I believe this to be a mute point for this PEAK but more of an interest for
Pct and other Audits. As such I am transferring this PEAK to the new security architect Dave Haywood for further consideration of
tidying up any existing SSC users on BRDB with APPSUP role, only to have RESOURCE & SSC roles.
Jbate:10-Apr-2013 11:21:01 User:Andy Beardmore
the Call record has been transferred to the team: Architecture
[fhe Call record has been assigned to the Team Member: Dave Haywood
bate:02-gul-2014 10:05:56 User:Dave Haywood
lAccording to Andy Beardmore's last update, it appears that development have already delivered a fix to apply the correct
jpermissions to users accounts. Given that databases are being replaced as part of Belfast refresh, I assume that when users are
ladded to the new databases, the permissions they are granted by the updated scripts will be correct. Left Andy Beardmore a
foicemail to determine if the above assumption is correct. If it is correct, the call can then be closed on the basis Belfast
Refresh will correct this issue.
ldate:02-dul-2014 11:17:20 User:Dave Haywood
Spoke with Andy Beardmore. Only new users are given the correct permissions. Existing user permissions are copied into the new
builds and hence will not be corrected by Belfast Refresh. Suggest an audit of Live and Test is required to:
h) identify existing AD accounts of Oracle users
2) identify SSC users from (1)
3) run a one-time script (based on the permission scripts already delivered) to set the SSC user permiss
ons correctly
FUJ00089756
FUJ00089756
ihe above activity can be performed under MSC but must be trialled in the Test environment before being changed in hive fo ensure
Ino adverse side-effects are encountered. Given the existing permission change scripts for new users were delivered some years
ago, the probability of the change causing any unforseen issues is thought to be low.
bate: 06-May-2015 09:44:56 User:Dave Haywood
[the Business Impact has been updated:
iH. SSC users affected have more access than is required to database resources. This is contrary to security policy.
2. Cost: There is currently no "cost" to this issue.
3. Perceived Impact: The customer is not aware of this problem or change.
4. Scope: No actual impact/incidents of problems relating to this issue have been experienced yet (and not expected) .
bate:08-Jun-2015 11:04:58 User:Catherine Obeng
[Start of Response]
from DH's updated from 4th-Jul-2014, I am routing this call to UNIX/DBA to carry out the tasks in items 1 and 2 of DH’
recommendations.
could Unix or DBA team please advise if either of your teams is in a position to develop the one-time script to implement the
correct ORACLE user access (item 3).
Please route to TFS FAO: Unix / DBA.
[Bnd of Response]
Ikesponse code to call type L as Category 38 -- Pending -- Potential Problem Identified
Date:08-dun-2015 11:05:11 User:Catherine Obeng
[fhe Call record has been transferred to the team: EDSC
jat¢:08-dun-2015 11:15:41 User:Chad Daborn
the Call record has been assigned to the Team Member: Mark Wright
Date: 09-dun-2015 08:25:26 User:Mark Wright
[Start of Response]
bate: 2015-06-08 11:04:58 User:Catherine Obeng
[Start of Response]
From DH's updated from 4th-Jul-2014, I am routing this call to UNIX/DBA to carry out the tasks in items 1 and 2 of DH's
recommendations.
(could Unix or DBA team please advise if either of your teams is in a position to develop the one-time script to implement the
correct ORACLE user access (item 3).
Please route to T£S FAO: Unix / DBA.
[End of Response]
Response code to call type L as Category 38 -- Pending -- Potential Problem Identified
[End of Response]
Response code to call type L as Category 68 -- Final ~
Routing to Call Logger following Final Progress update.
Administrative Response
jate:09-Jun-2015 08:25:35 User:Mark Wright
CALL PCO208119 closed: Category 68 Type L
Root Cause Design - High Level Design
Logger Mark Wright -- EDSC
Subject Product HNG-X Platforms -- Branch Database Server - Main (BDB) (version unspecified)
Assignee Mark Wright -- EDSC
Last Progress 09-Jun-2015 08:25 -- Mark Wright