Security :: Create Or Modify User Information In OID Using DBMS_LDAP?
Aug 25, 2010
I am trying to create a custom package that creates users as well as modify user information in OID using DBMS_LDAP package. I was able to create the package but I am stuck on specifying the orcladmin password for the procedure DBMS_LDAP.simple_bind_s(my_session,'orcladmin','orcladminpwd');
I need to get the orcladmin password dynamically. Is there a way to achieve this?
We are planning to provide our application users the ability to add new users / modify their own OID information.
I am using Oracle Internet Directory to store user information and OID delegation administratibe services for user entry. An an admin I created a privileges group called admins. Users belonging to this group can create user, delete users, edit users, and edit groups. I created 'User A' and assigned him to the group. Now 'User A' creates 'User B' and assignes him to the group. However when 'User B' creates 'User C' he gets the error [LDAP: error code 50 - Insufficient Access Rights].
This happens even though 'User B' belongs to the admin group which has the privilege to create users.
i have been trying to create a user with full access on default Tablespace so that i can access all the objects without any restrictions for the new user.
I have a database in which a user xxxx is assigned a password 'bbbbb'.I want to change the password to the one which was used before which was 'aaaaa'.But when I change the password it was saying "Password cannot be Reused".So I checked in user profile and found out that password_reuse_time=unlimited and password_reuse_max=5.
So what I did was change the password 6 times to something else(Since it is 5) and then tried changing it to 'aaaaa' but still it is saying "Old password cannot be reused".
I am using 'Novell Sentinel Log Manager' to collect/fetch logs from my Oracle 11g R2.To enable auditing, first I did following:
login as sys, then SQL> create user testuser identified by "testuser"; SQL> grant connect to testuser SQL> grant dba to sharf SQL> grant CREATE SESSION to testuser; SQL> grant select on v_$session to testuser; SQL> grant select on v_$version to testuser; SQL> grant select on SYS.DBA_AUDIT_TRAIL to testuser; SQL> grant select_catalog_role to testuser; SQL> grant select any dictionary to testuser;
Now logon/logof of user 'testuser' are logged , as well as if testuser drops a table or creates a table, its also logged . but when 'testuser' insert a new record, this information does not logged ;( while I need to know exactly what was added SQL> insert into emp (empid, name, salary) values (10002, 'Ron', 6000)
likewise if 'testuser' modify/update an existing record it also does not logged. SQL> update emp set salary=700 where empid=10001;
which sql statements I have to execute to start auditing 'insert' and 'update', so that I know what was added/inserted and exactly what was updated/ changed/modify by user 'testuser'.
I am trying to setup logon/logoff auditing for our databases which reside in 9i and 10G on sun solaris servers. I am asked to turn on auditing sending the audit data to syslog! How exactly do you do that?
I want to know what if any person don't know the password of SYS, can he create password file, becauase i dont know the password of sys users, generally login with '/ as sysdba',
Provide me the script which would track all the users security violations like ... say for example i want to find which users logged in and what he did in database prospective.
We are trying to implement the following security to our database.
As of now, the access rights are same for all the windows users logging into the Oracle application with the same Oracle user Id.
But now, we want to improve our security by granting different levels of rights to the users based on their Network Id even though they use the same Oracle User Id to log into the application.
We are not looking for the users to be identified externally.
(CREATE USER "OPS$ORACLE-BASE.COMTIM_HALL" IDENTIFIED EXTERNALLY; GRANT CONNECT TO "OPS$ORACLE-BASE.COMTIM_HALL"; )
I have created a table A say columns a,b,c,d,E. I have created a application to insert and update and delete rows in to this table.I want to capture when some user inserts , update, delete the rows.
I am new to Oracle APEX, and have a few questions regarding the user information.
I've created a new workspace on my local APEX installation, created some users in the workspace, and divided them into roles as "Managers" and "Employees". I am the only Dev and Admin of the workspace, and the users (Managers and Employees) I have created are viewers.
I'd like to create database tables in the workspace where some field would refer to the user ID of the created user as a foreign key, and their role. Similarly, I'd like to create pages where a particular region is displayed only if the logged in user is a "Manager". How can I access the user data and the role data using SQL?
I see following tables in my workspace, so which table contains the user information:
I have a trigger program to track updated information's on perks column. I am failing to finish systime in my trigger program.
SQL> desc user_track; Name Null? Type ----------------------------------------- -------- ---------------------------- EID NUMBER ENAME VARCHAR2(15) OLD_PERKS NUMBER NEW_PERKS NUMBER UNAME VARCHAR2(15) ACTION_DATE DATE ACTION_TIME DATE
SQL> create or replace trigger tri_track 2 After UPDATE ON EMP 3 FOR EACH ROW 4 BEGIN 5 insert into user_track(EID,ENAME,OLD_PERKS,NEW_PERKS ,UNAME,ACTION_DATE,ACTION_TME) values 6 (:old.eid, :old.ename , :old.perks, :new.perks,user, sysdate, to_char(sysdate , 'HH24:MI:SS') 7 from dual; 8 end; 9 /
User A contains tables, views, LOB's, types, procedures, triggers, sequences, indexes, synonyms. User B wants to have read-only privilege on the objects of User A.
I can provide select on privilege on tables and views. How about providing read-only privileges to other objects?
I have enabled Auditing in my oracle Database but I am not able to see any database for the operations of sys user or any other user in my "SYS.AUD$" and "SYS.FGA_LOG$" tables.
Value for the parameter "AUDIT_TRAIL" is set to "db,extended".
I am working as "SYS" user and I have shutdown and again startup the database but neither there was any information in both the tables nor I can see any files at the destination specified by "AUDIT_FILE_DEST".
CREATE OR REPLACE TRIGGER TRIGGER1 BEFORE INSERT ON table1 FOR EACH ROW
[code]......
Here , I Want To Insert The Data From My User To Test User . In This Situation When I Execute The Above Trigger It Shows The Error PL/SQL: ORA-00942: table or view does not exist
Quote: SESSIONS_PER_USER Each instance maintains its own SESSIONS_PER_USER count. If SESSIONS_PER_USER is set to 1 for a user, the user can log on to the database more than once as long as each connection is from a different instance.
[URL].....
Of course the following is not working even when resource_limit is TRUE
ALTER PROFILE DEFAULT LIMIT SESSIONS_PER_USER 2;
How can I restrict a user to have limited sessions say 2 sessions across 4 node cluster? Presently I am checking the sessions logged in using sql+ and no connection pooling of front end etc. is involved.
The application user owns the application schema which owns all the database objects in this schema. Now 50 of our developers need access to this application schema but giving away the password for the application user is risk as "Drop user application cascade" and wipe off all the objects. The option i have is to create 50 separate users with tablespace as application and grant all rights to application schema.
How to know what object/tab privileged a user have ? without connecting that user and using USER_TAB_PRIVS by connecting on that user I mean on DBA table .
I need to create PROCEDURE to create user in oracle
CREATE OR REPLACE PROCEDURE "CREATE_USER_ORACLE8" ( USER_ID in VARCHAR2, PASSWORD in VARCHAR2, ROLES in VARCHAR2, nReturnCode OUT NUMBER ) BEGIN [code].......
Compilation errors for PROCEDURE NOG.CREATE_USER_ORACLE8
Error: PLS-00103: Encountered the symbol "BEGIN" when expecting one of the following:
; is with authid deterministic parallel_enable as Line: 9 Text: BEGIN
i want that the customer execute PROCEDURE (user_id,password,PROCEDURE )
