Skip to main content
Skip table of contents

migVisor User Creation Scripts Notes

migVisor provides user creation scripts to help speed up the initiation process and to provide clarity and transparency regarding the permissions and access required to run migVisor.

The scripts are provided per DB engine type and should be treated as a recommendation, reviewed, and used at the discretion of the security advisor of the organization.

DB2 LUW

Version

Date

Issue

Note

Doc

100

MIG-20317

Initial user creation script.

Resources

MongoDB

Version

Date

Issue

Note

Doc

101

MIG-4448

Added automation logic to support user creation on MongoDB sharded and replicaset cluster configurations.

100

MIG-3143

Initial user creation script.

Resources

MySQL

Version

Date

Issue

Note

Doc

101

INT-75

Added the following grant statements to prevent potential null results returned by specific EVENT object-type related queries:

  1. GRANT EVENT ON . TO 'mig_user'@'%'

  2. GRANT TRIGGER ON . TO 'mig_user'@'%'

Data Collection

100

-

Added versioning to initial user creation script.

Resources

Oracle

Version

Date

Issue

Note

Doc

103

MIG-7360

Added the following grants to migVisor database user:

  1. SELECT on sys.obj$ - Lists all objects in the database.

  2. SELECT on sys.user$ - Lists all users in the database.

  3. SELECT on sys.procedureinfo$ - Lists all PL/SQL objects in the database.

Data Collection

102

INT-152

Added the SELECT grant statement to the system.logstdby$skip_support view to allow migVisor to exclude Oracle maintained user objects.

101

AP-177

Simplified the user creation script by granting SELECT_CATALOG_ROLE to the mig_user user instead of providing privileges on individual catalog views.

Data Collection

100

-

Added versioning to initial user creation script.

Resources

Oracle CDB Common User

Version

Date

Issue

Note

Doc

101

AP-177

Simplified the user creation script by granting SELECT_CATALOG_ROLE to c##mig_comm_user user instead of providing privileges on individual catalog views.

Data Collection

100

-

Added versioning to initial user creation script.

Resources

PostgreSQL

Version

Date

Issue

Note

Doc

101

INT-34

Modified the permissions of read-only user by adding the following grants:

  1. pg_read_all_settings to mig_user - Reads all configuration variables, even those normally visible only to superusers.

  2. pg_read_all_stats to mig_user - Reads all pg_stat_* views and use various statistics-related extensions, even those normally visible only to superusers.

Data Collection

100

-

Added versioning to initial user creation script.

Resources

SQL Server

Version

Date

Issue

Note

Doc

102

AP-362

Added error handling for read-only databases. Adjusted the script syntax to enable its interaction with SQL Server 2005 sources.

101

AP-232

Simplified the user creation script by granting VIEW SERVER STATE, VIEW ANY DEFINITION and SELECT on dbo.sysaltfiles (SQL Server 2000 only) to mig_user user instead of providing privileges on individual catalog views.

Data Collection

100

-

Added versioning to initial user creation script.

Resources

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close