SOT
    • Introduction
    • Release notes
      • 2025.03.00
        • RC2
        • RC1
      • 2025.02.01
        • SP10
        • SP9
        • SP8
        • SP7
        • SP6
        • SP5
        • SP3
        • SP2
        • SP1
      • 2025.02.00
        • SP25
        • SP24
        • SP23
        • SP22
        • SP21
        • SP20
        • SP19
        • SP18
        • SP17
        • SP16
        • SP15
        • SP14
        • SP13
        • SP12
        • SP11
        • SP10
        • SP9
        • SP8
        • SP7
        • SP6
        • SP5
        • SP4
        • SP3
        • SP2
        • SP1
    • Getting started
      • Getting access
      • Login
      • Main screen
      • Welcome dashboard
      • Detecting process anomalies
      • Analyzing data and detecting event sequences
      • Analyzing KPIs
    • How-tos
      • Monitors on production lines
        • Configuring the automatic login in the Smart Operations Toolkit
        • Configuring the automatic login to the identity provider with the Windows user
        • Setting cookies in the browser
        • Configuring the automatic logout in the Smart Operations Toolkit
        • Configuring the command line parameters in the browser
        • Known limitations and troubleshooting
      • Try out the APIs
    • Integration guide
      • Underlying concepts
        • Underlying concepts
        • Onboarding
        • Security
        • Communication
      • Integration journey
      • Example integrations
        • Node-RED
        • Power BI
      • Overview of APIs
    • Operations manual
      • Release
      • System architecture and interfaces
      • System requirements
        • Cluster requirements
        • Database requirements
        • Support for service meshes
      • Migration from previous SOT versions
      • Setup and configuration
        • Deployment process
        • Deployment with Helm
        • Advanced configuration
        • Integrations with external secret management solutions
        • Context paths
        • Service accounts and authorizations
        • Validation tests
        • Setup click once
        • Database user setup and configuration
      • Start and shutdown
      • Regular operations
        • User management & authentication
        • How to add additional tenants
        • How to access the cluster and pods
        • Automatic module role assignments in customer tenants
        • User credentials rotation - database and messaging secrets
      • Failure handling
        • Failure handling guidelines
        • Ansible operator troubleshooting
        • How to reach BCI for unresolved issues
      • Backup and restore
      • Logging and monitoring
        • The concept and conventions
        • ELK stack
        • ELK configurations aspects for beats
        • Proxy setup for ELK
        • Health endpoints configurations
      • Known limitations
      • Supporting functions
      • Security recommendations
        • Kubernetes
        • Security Best Practices for Databases
        • Certificates
        • Threat detection tools
    • Infrastructure manual
      • Release
      • System architecture and interfaces
        • RabbitMQ version support
      • System requirements
      • Migration from previous SOT infrastructure versions
      • Setup and configuration
        • Deployment process of the SOT infrastructure Helm chart
        • Deployment with Helm
      • Start and shutdown
      • Regular operations
        • RabbitMQ
          • User management & authentication
          • Disk size change
          • Upgrade performance with high performant disk type
          • Pod management policy
      • Failure handling
        • Connection failures
        • Data safety on the RabbitMQ side
        • Fix RabbitMQ cluster partitions
        • Delete unsynchronized RabbitMQ queues
        • How to reach BCI for unresolved issues
      • Backup and restore
      • Logging and monitoring
      • Known limitations
    • Training
    • Glossary
    • Further information and contact
Smart Operations Toolkit
  • Smart Operations Toolkit
    • Deviation Processor
    • Multitenant Access Control
    • Notification Service
    • Ticket Management
    • Web Portal
  • Shopfloor Management
    • Andon Live
    • KPI Reporting
    • Operational Routines
    • Shift Book
    • Shopfloor Management Administration
  • Product & Quality
    • Process Quality
    • AI Services
  • Machine & Equipment
    • Condition Monitoring
    • Device Portal
  • Enterprise & Shopfloor Integration
    • Information Router
    • Master Data Management

SOT Learning Portal

  • Smart Operations Toolkit
  • Operations manual
  • Setup and configuration
  • Database user setup and configuration

Database user setup and configuration

In general, the database users for external databases must be provided by an operator. The details about the database users and privileges that are required for each module can be found in the module’s operations manual.

Oracle privileges

The following three predefined SOT roles for Oracle each contain a set of privileges. The operator can decide, if he wants to use these Oracle roles to easily assign the permissions to the Oracle users for each module. Alternatively, the users need to have the respective privileges assigned directly. The required SOT roles for Oracle for each module user are documented in the respective Module Operations Manual and they are part of the helm chart of each module.

NEXEED_BASIC_ROLE

This role consists of the following privileges:

  • ALTER SESSION

  • CREATE PROCEDURE

  • CREATE SEQUENCE

  • CREATE SESSION

  • CREATE TABLE

  • CREATE TRIGGER

  • CREATE VIEW

  • CREATE SYNONYM

NEXEED_EXTENDED_ROLE

This role consists of the following privileges:

  • CREATE CLUSTER

  • CREATE DATABASE LINK

  • CREATE INDEXTYPE

  • CREATE JOB

  • CREATE MATERIALIZED VIEW

  • CREATE OPERATOR

  • CREATE SNAPSHOT

  • CREATE TYPE

  • DEBUG CONNECT SESSION

  • EXECUTE ON SYS.DBMS_CRYPTO

  • EXECUTE ON SYS.DBMS_SCHEDULER

  • QUERY REWRITE

  • EXECUTE ON DBMS_LOB

  • EXECUTE ON DBMS_SESSION

NEXEED_MONITORING_ROLE

This role consists of the following privileges:

  • SELECT ON DBA_DATA_FILES

  • SELECT ON DBA_FREE_SPACE

  • SELECT ON SYS.V_$PARAMETER

  • SELECT ON SYS.V_$PROCESS

  • SELECT ON SYS.V_$SESSION

  • SELECT ON SYS.V_$SESSTAT

  • SELECT ON V_$SQL

  • SELECT ON SYS.V_$SQL_PLAN

  • SELECT ON SYS.V_$SQL_PLAN_STATISTICS_ALL

  • SELECT ON SYS.V_$STATNAME

  • SELECT ON DBA_TEMP_FILES

MSSQL privileges

The required privileges for an MSSQL user for each SOT module are defined in the respective SOT operations manual. If it is not defined otherwise, the user requires DBO permissions on the database.

Contents

© Robert Bosch Manufacturing Solutions GmbH 2023-2026, all rights reserved

Changelog Corporate information Legal notice Data protection notice Third party licenses