I just created a role as
CREATE ROLE XXXX;
Then tried to grant a privilege, but getting error as below:
grant alter on schema.table_name to XXXX;
ORA-01917: user or role 'MACH_ALTER_ROAMXDB' does not exist
we have certain users have DBA role assigned. of course they can delete records from sys.aud$.
we are trying to make this go away. we found that in DBA role, there is a role called DELETE_CATALOG_ROLE controls this. if we revoke this role from DBA role, user no longer able to delete records from sys.aud$ but the problem is as a powerful user who has DBA role, they can always grant this back to DBA role, or grant delete from sys.aud$ table directly to themself.
can we create a second role which just like DBA role, but with less privileges?
how to create menu with submenu according to user,
For Example :
Menu1 have got 02 SubMenu :
SubMenu1 just user1 see.
SubMenu2 just for user2.
And user3 could access SubMenu1 and SubMenu2.
I want to change the DEFAULT_ROLE column to NO for following user 'P10_DEMO'.
SQL> show user
USER is "BALA"
SQL>
SQL>
SQL> select name from v$database;
[code]...
how to do this ?
I have a role in my Oracle 10g instance like below:
GRANT ALTER USER TO <role_name> WITH ADMIN OPTION;
And this works fine for any user who has:
GRANT <role_name> TO <user>;
What I need is to limit <user> to only have the ALTER USER privilege to a set of users. Preferrably where the set of users are identified by a column value in a table, something like:
WHERE PeopleTable.InList = "YES"
Or maybe where set of users are defined by their membership in another role.
GRANT ALTER USER TO <role_name> FOR USERS IN MEMBERS_LIST_ROLE;
I switch to Oracle11g express and create user
CREATE USER LEO
IDENTIFIED BY xy
DEFAULT TABLESPACE USERS
TEMPORARY TABLESPACE TEMP
PROFILE DEFAULT
[code]...
and after login i check
select * from SESSION_ROLES
and i have none role if I set role all works fine. Why I doesn't have DEFAULT ROLE after login.
In Oracle11g (R1 and R2) we can create the user in +ASM instance just like normal oracle database. But If the user already exist I get an error
CREATE USER test IDENTIFIED BY test
*
ERROR at line 1:
ORA-01920: user name 'TEST' conflicts with another user or role name
So, I would like to know if there is any data dictionary view which can tell me if the user already exist or not.
I have two tables.
First one is
STAFF
======
STAFFNUM NAME
======== ====
1 A
2 B
3 C
SUBJECT
=======
SUBCODE SUBNAME LECTURER
======= ======= ========
A1 ABC 1
A2 EFG 2
A3 HIJ 1
I did the following query
SELECT STAFF.STAFFNUM, STAFF.NAME, SUBJECT.LECTURER
FROM STAFF,SUBJECT
WHERE STAFF.STAFFNUM NOT IN SUBJECT.LECTURER
It will show me..
B and C is not teaching A1.
A and C is not Teaching A2.
B and C is not teaching A3.
This is not what I want.
What I want is to show who is not teaching any subjects.So the expected result is only C coming out.
I'm trying to move a complete tablespace with all associated schemas/users and data.
The command that I'm using is as follows:
impdp DP_USER/DP_USER directory=datapumps network_link=backup tablespaces=SDE
DP_USER has the IMP/EXP_FULL_DATABASE, as does the target of the database link.
The error that I get is the following:
Processing object type TABLE_EXPORT/TABLE/TABLE
ORA-39083: Object type TABLE:"SDE"."VERSION" failed to create with error:
ORA-01918: user 'SDE' does not exist
The SDE tablespace has objects from the SDE schema, but the SDE schema does not seem to be created along with the tablespace. How do I cause it to be?
I am importing a dump into 11g Database, the dump taken from Old Financial release 6 [EBIZ]
i given this command:
IMP FILE=EXPDUMP.DMP BUFFER=524288000 FULL=Y IGNORE=Y
Import user system and password given...
Once its started and getting error
+"ALTER USER "PERFUSER" QUOTA UNLIMITED ON "OTHERD""+
IMP-00003: ORACLE error 1918 encountered
ORA-01918: user 'PERFUSER' does not exist
[Code]....
what is the wrong,,
I have created all the data files same like Old Database. so while importing All the USERs will created, if its correct then why this "*ORA-01435 : User does not exist*" coming...
Is there any Role where 'exp_full_database' role is contained in it? or it is compulsory to grant to the user for exporting objects.,
View 2 Replies View RelatedIm facing the problem whenever I try to drop a user. Following thing that I m trying..
system@vahan> drop user knp cascade;
Error at line 1:
ORA-00604: error occured at recursive SQL level 1
ORA-00942: table or view does not exist
ORA-06512: at line 7
But what I noticed is that user HIEL has a connect role but YONC does not. (Result set is below) Have searched for information but did not find what I was looking for. I did read something about backward compatibility.I'm leaning towards that thought since the other user YONC does not have this role.
Database: 11g R1
SQL> select * from dba_role_privs where grantee in ('YONC', 'HIEL') order by grantee;
GRANTEE GRANTED_ROLE ADM DEF
--------------------------- --------------------------- --- ---
YONC WCAIMS_INQUIRY NO YES
YONC ENDUSER NO YES
HIEL WCAIMS_CSR_ADDR NO YES
[code].........
i have user with the name 'Rob' and this user has been assigned a role 'MY_SRC_ROLE' . I developed a table under rob schema and granted access to this table via role GRANT DELETE, INSERT, SELECT, UPDATE ON rob.emp TO MY_ SRC_ ROLE; I have 100 more users & they have been granted this role 'MY_SRC_ROLE'. These 100 users can now access emp table via Role 'MY_SRC_ROLE' without any issues. Now i took a datapump export & performed datapump import on target server which is also HP Unix with 11.20.3 .
On target server i have user 'JACK' and a role called 'MY_WORK_ROLE'. 5000 users have been granted 'MY_ WORK_ ROLE' on this server. I have used remap tablespace clause & remap schema clause in datapump import script. Once i performed an import , due to schema remap , i can see JACK now owns table 'emp', however grants are still not there, I tried searching on Google & oracle documentation, if somehow we can remap ROLE GRANTS also while doing datapump imp, but i couldn't find supporting syntax. can i assume datapump import is not capable to handle this particular scenario ? I was able to do it by manipulating sqlfile and replacing role name in that but i am looking for a sol. within datapump itself. how can grants assigned to ROLE 'X' be transferred to 'Role Y' via datapump import.
is there a way to create a role just like DBA role?
View 6 Replies View RelatedCan i user exist when cursor will using For Cursor .
View 15 Replies View Relatedwhat is the role of SGA and PGA in oracle . And want kind of functionality they provide the oracle. i not understand what is system global Area and Program global Area (SGA and PGA).
View 7 Replies View RelatedIf iam create a new role in scott/tiger user why not creating. can any one explan me.
SQL> create role test_role;
create role test_role
*
ERROR at line 1: ORA-01031: insufficient privileges
How can i find out or list all the privileges that were given to a role with sqlplus cmd?
View 2 Replies View RelatedI have a stored procedure which when executed creates a user and grants some roles to the user and also makes certain roles DEFAULT using "alter user"
The issue comes when i execute the procedure.
I have a User who has a role and this role has the "alter user" privilege, for example lets say that the user1 has the role ABC, and role ABC has the "alter user" privilege.
SQL> grant alter user to ABC;
Grant succeeded.
SQL> grant ABC to user1;
Grant succeeded.
Now, when i run the stored procedure as the user1, it gives me an error on a line saying "insufficient privileges", when i check the line, its this line:
alter user user1 DEFAULT ROLE "ROLE1", "ROLE2"
But as far as i know the user1 has the "alter user" privilege
I want to make those two roles ROLE1, ROLE2 DEFAULT because i don't want the other roles ROLE3,ROLE4 to be default, as you know if there are many roles and if we alter user with default for certain roles other roles become DEFAULT=NO.
So i get the error at "alter user" statement though the user has the "alter user" privilege, what do you think might be wrong?
OR is there anyway to grant roles to the user with default=NO option?
I have created a role, when i try to grant privilege to that role, it give me insufficient privilege error. After granting privileges to this role, i have to grant this role to other. what type of privileges should i have.
Create Role cb_select;
Grant select on atable to cb_select; (Got error)
I have a role R.I want to see what privileges have been granted to this Role R. Where should i query?
Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit ProductionPL/SQL Release 11.2.0.3.0 - Production"CORE 11.2.0.3.0 Production"TNS for Solaris: Version 11.2.0.3.0 - ProductionNLSRTL Version 11.2.0.3.0 - Production
I am trying to find out what is the minimum Oracle User Role required for the GetSchema command to work using ODP.NET and the Oracle.DataAccess library.
Dim cn As New OracleConnection(ConnectionString) 'Oracle.DataAccess.Client.OracleConnection Return cn.GetSchema("Tables")
How CONNECT Role in oracle works.
I have my schema "SchemaABC" with ROLES created as CONNECT and RESOURCE. Also it doesn't have DBA role (to say).
SQL> Select * from User_Role_Privs;
USERNAME GRANTED_ROLE ADMIN_OPTION DEFAULT_ROLE OS_GRANTED
------------------------------ ------------------------------ ------------ ------------ ----------
SCHEMAABC CONNECT NO YES NO
SCHEMAABC RESOURCE NO YES NO
SQL>Currently we are able connect to this schema through code as well as from PL/SQL Developer. And uses it for all coding purposes like Create, Insert, Update, Stored Procedures, functions, triggers etc.
Now my question is, can this schema be changed to a role/privilege where all the above said activities can be done through code, but not from PL/SQL developer (making it to Read-only)? Yet, I will be using the same schema Name in code as well to connect from PL/SQL Developer.
I understand Connect role has big share in this. But if I remove the connect privilege(role), then will that work when I connect to it through code?
By using GNS with sub-domain ,we will get dynamic allocation of VIP's & Scan IP from DNS sub-domain. This makes easier addition & deletion of nodes in the cluster. But I have few doubt in GNS configuration without sub-domain.
In this configuration just GNS vip entry to be made in DNS to install Oracle 12C RAC with ASM flex.
1. What is the role of GNS vip without subdomain?
2. What is the necessity of GNS vip with ASM flex installation.
A Package cannot query a table that the package owner has permission to query via a role specifically:
There are schema_1 and schema_2
schema_1 owns package_1
schema_1 has select, update, insert on schema_2 via role_1
schema_1 CAN query schema_2
package_1 cannot access schema_2
(288/22 PL/SQL: ORA-00942: table or view does not exist)
How can this be resolved?
I am observing a strange behavior for the ROLES:
The DBA granted the RESOURCE role for my user USER1:
GRANT RESOURCE TO USER1;
The USER1 logged and activated the role RESOURCE.
CONN USER1/USER1
SET ROLE RESOURCE;
... it has some privileges in database ( UNLIMITED TABLESPACE for example that grant to him create table in any tablespace).
Now I created a new tablespace, but the user1 cannot use this new tablespace.So I will to revoke the RESOURCE for the USER1:REVOKE RESOURCE TO USER1;
It seems ok, but the user USER1 can still create tables in the new tablespace.I repared that UNLIMITED TABLESPACE still active, and the REVOKE RESOURCE just will have effect in the next LOGON of the USER1.
How can I REVOKE the ROLE and disable all the privileges from it immediately?
I want to find role dependency on another role.
1. If its a basic role (made of priviliges), what data dictionary view I should query?
2. If the role is made of some other role and additional priviliges, what query I should fire to find that?
3. Role is granted to which users?
Oracle Database 11g Enterprise Edition Release 11.1.0.6.0 - 64bit Production
PL/SQL Release 11.1.0.6.0 - Production
"CORE 11.1.0.6.0 Production"
Is there a way to grant EXECUTE on a group of procedures/functions/packages to a particular role , in a single statement ? Or we have to do it one by one... like
GRANT EXECUTE on event_main to role1,
GRANT EXECUTE on event_main2 to role1,
GRANT EXECUTE on event_main3 to role1,
I have a role mfg_grp .I want to know, to whom the role is granted and which objects and which privileges on those objects are assigned to this role.
View 4 Replies View Related