Security :: Grant Privs To ROLES?
Feb 18, 2013
I am working on the roles and privs. I want to provide the privs on any object to any user through the roles. not a direct grant.I am having 150 users and 50 roles, I want to do this using the script is few strokes. for this I have tried to create a script but I am not able to make that.
For example There is 2 user scott and test
A. test is having select privs on scott.emp.
B. Test is having insert,delete,update privs on scott.emp;
c. DB is having 2 roles
scott_edit - insert,delete,update privs on tables
scott_read - select privs on tables
I want to revoke separate privs from test and want to given only scott_edit and scott_read (which(roles) is having all privs)
View 2 Replies
ADVERTISEMENT
Jan 18, 2012
When I use Forms_ddl('set role My_Role IDENTIFIED BY PWD'); in form's "When-New-From-Instance" to grant a role to a user.
What should I do for the same for a report?
Is there any way to grant roles to a session on the time of connection?
View 6 Replies
View Related
Nov 24, 2010
I am trying to create a script where a user can be granted all the roles that another user has. I created a script:
create user yyyyy identified by zzzz default tablespace ahspace temporary tablespace temp_data;
grant connect to yyyyy;
declare
cursor grantpriv is
select granted_role from dba_role_privs where grantee='xxxxx'; -- existing user
cursor_name integer;
statement varchar2(200);
Begin
cursor_name :=dbms_sql.open_cursor;
[Code]....
View 3 Replies
View Related
Oct 31, 2012
I would like to know what happens when we fire:
grant all on any table to user_name;
and
grant all on table_name to user_name;
Actually I was performing "grant all on table_name to user_name;" to grant the privilege but 1 of my friends suggested "grant all on any table to user_name;"
View 5 Replies
View Related
Feb 24, 2011
How can I list all the roles and privileges of roles in Oracle? Can I get the details of the activities they perform?
View 12 Replies
View Related
Mar 13, 2011
Is it possible to grant a user a percentage amount of a specified tablespace ? for instance granting a user called userx 5% of USERS tablespace. How can I do that ?
View 3 Replies
View Related
Jun 28, 2011
When i try to grant all privilege to a object i get error
SQL> GRANT ALL PRIVILEGES ON tab1 TO PUBLIC;
GRANT ALL PRIVILEGES ON tab1 TO PUBLIC
*
ERROR at line 1:ORA-01929: no privileges to GRANT
how to check the user has privilege to use grant privilege or grant all privileges to object and what privileges exist in ALL PRIVILEGES.
View 5 Replies
View Related
Dec 10, 2010
I am a java developer and would like to install data locally in my computer for testing purpose.
I login as sysdba in sqlplus, created a user.
In the installation documentation it said :
This user should have at least the following privileges.
CREATE TABLE, CREATE VIEW, CREATE PROCEDURE, CREATE PUBLIC SYNONYM, CREATE USER, CREATE ROLE, CREATE SEQUENCE, CREATE SESSION CREATE TRIGGER, AND CREATE TYPE.
If you choose, you can grant DBA role to this user.
Note: Coeus Schema owner should have CREATE USER and ALTER USER right explicitly granted to it, not through a role like DBA.
1)How to grant all this prvileges to that user ?
2)How this user will have CREATE USER and ALTER USER right explicitly granted to it, not through a role like DBA ?
View 5 Replies
View Related
Mar 13, 2006
Developers they use Toad and in that they want to use session browser option so that they can see the SQL running and open Cursor,other session specific details...So what grant/ permissions can be given to them so that the Schema they logged on can access those information.
View 4 Replies
View Related
Jul 9, 2011
grant insert,update,delete,select on staging_tb1 to public;
What is public here? i know something about public user like it is users exist in the database .
View 5 Replies
View Related
Sep 14, 2010
SQL> connect USER/Pass
ERROR:
ORA-28031: maximum of 148 enabled roles exceeded
Getting the error like this..!
SQL> show parameter max_enable
NAME TYPE VALUE
-----------
max_enabled_roles integer 150
SQL> alter system set max_enabled_roles=200 scope=spfile;
[code]....
Still am not able to connect to the db
View 8 Replies
View Related
Jun 17, 2011
There are over 100 objects like tables,procedures,packages,triggers in my database.I am looking for a script/sql which should list out synonyms and grant privs on it.
View 1 Replies
View Related
Mar 18, 2013
I have granted select privs on below tables to an exisiting user.grant select on WEB.ALMSTAT to nms...I would like to view the privs that i have granted to nms user?
*"In production, nms user will need the ability to read the following tables:*
*WEB.ALMSTAT*
*NET.ASSET*
*NET.LOCATIONNAME"*
View 2 Replies
View Related
May 8, 2012
I did an export using the following parfile (see below) I want to import all the objects associated with this schema into another DB but I want don't want to over-write any of the permissions such as grants.
Is there a way I can get the grants into a sql file before I do the import. If so, provide an example.
cat exp_par
DUMPFILE=exp.dmp
LOGFILE=exp.log
DIRECTORY=DBBACKUP
schemas=t1
View 1 Replies
View Related
Feb 27, 2011
I have granted execute, select, insert, update, delete privilege on objects to roles. Now i want to check status. we have around 2000 objects.
Require out put should be like this.
Object_name Object_Type Role_Granted
----------- ----------- ------------
Table1 Table ABC_ROLE
Table2 Table CDE_ROLE
PROCE1 PROCEDURE PROC_ROLE
Func1 FUNCTION FUN_ROLE
View 3 Replies
View Related
Aug 9, 2005
I'm not sure if this belong to this place. move it to the proper place.
I'm having an annoying problem: (I'm not sure if it is a problem)
- In a package body I'm trying to delete/update/insert/select the contents of a table in other schema.
- The respective synonym exists.
- I had created a role with the respective privileges over the synonym.
- I granted the role to the package's owner.
- I try to compile the package, but it keeps returning compilation errors. (Not table found)
- In standard SQL, I can delete/insert/update/select over the table.
- The only way to compile the package, without errors, is to grant the privileges directly to the package's owner.
Is it supposed to work in this way?
View 7 Replies
View Related
Jun 27, 2012
What is meant by Roles and privileges?
View 4 Replies
View Related
May 23, 2013
I am using Oracle9i Enterprise Edition Release 9.2.0.6.0 - 64bit Production.I have a table D_GEOGRAPHY_25729 in RDS schema and I have created a role ACC_D_TABLES logging as ADMIN.
Now I have given GRANT SELECT access for table D_GEOGRAPHY_25729 to role ACC_D_TABLES.
There is another schema TRANS in the same database which has the role ACC_D_TABLES. But after logging in this schema, I am not able to query directly from table D_GEOGRAPHY_25729. I need to use like below to access the table.
select * from RDS.D_GEOGRAPHY_25729 Having the correct role ACC_D_TABLES to TRANS schema, why should I use RDS.D_GEOGRAPHY_25729 ? Is it not possible without prefixing the RDS schema name?
It is possible when I create a public synonym for D_GEOGRAPHY_25729 in RDS schema, but if i do so everyone can access this table.
View 7 Replies
View Related
Feb 12, 2010
i want to get user (dba roles in combo box runt time).i have write down this code in when new form instance.
declare
rg_id recordgroup := find_group('RG') ;
ln_error number ;
begin
if not id_null(rg_id) then
ln_error := populate_group(rg_id) ;
if ln_error = 0 then
populate_list('BLOCK3.T' , rg_id) ;
else
message('Error in Populating Group') ;
end if ;
end if ;
end ;
attached file.when i run it gives the follwoing error. frm-41334-invalid record group.
record group query is: SELECT GRANTED_ROLE FROM DBA_ROLE_PRIVS WHERE GRANTEE='MTSYS'
View 6 Replies
View Related
May 2, 2010
I read that few privilegs can not be granted to roles like 'UNLIMITED TABLESPACE ' and they need to granted to user directly.
1. Is there any reason behind that few privileges cant be granted to roles or is it just oracle design.
2. what kind of privileges cant be assigned to roles.
View 7 Replies
View Related
Dec 18, 2012
I am looking for the below one.SQL for generating roles needs to be spooled by automated script.
View 4 Replies
View Related
May 19, 2011
I want to import schema1 from sourcedb to targetdb. For this I need to generate create sripts and grant scripts for roles related to schema. For example schema1 has role1; rol1 has rol2; rol2 has rol3 and some system privileges and object privileges. How can I generate this script from sourcedb?
View 1 Replies
View Related
Aug 19, 2011
Is there any default way to assign user roles to uses ?
Suppose I want assign to user different roles to different users on views, tables etc.
I wan to implement Access control list & Access request objects (ACL/ARO).
View 7 Replies
View Related
Jan 10, 2012
When I try to drop the roles in dbartisan tool, I get an error saying "Drop DDL for **_***********_ROLE has not been generated because it is a system object", but if i go to sql prompt and say "drop role rolename", it is working. How do I remove the role in dbartisan itself?
View 9 Replies
View Related
Oct 10, 2012
But what I noticed is that user HIEL has a connect role but YONC does not. (Result set is below) Have searched for information but did not find what I was looking for. I did read something about backward compatibility.I'm leaning towards that thought since the other user YONC does not have this role.
Database: 11g R1
SQL> select * from dba_role_privs where grantee in ('YONC', 'HIEL') order by grantee;
GRANTEE GRANTED_ROLE ADM DEF
--------------------------- --------------------------- --- ---
YONC WCAIMS_INQUIRY NO YES
YONC ENDUSER NO YES
HIEL WCAIMS_CSR_ADDR NO YES
[code].........
View 4 Replies
View Related
Apr 18, 2012
I am looking for a query which can select all existing Oracle predefined users and roles from db.I need it because one of my other scripts needs to know a given user name or role is a customised one or a system one.It looks like sys.user$ does not have any column that can be used to distinguish predefined users/roles.
I could find all the list of Oracle predefined users and roles by googling and hardcoded them in a query. I can also collect all the customised users and roles as well. However, I prefer a query which can automatically reports that and minimise the maintenance cost as new names and roles, either Oracle predefined or customised, may come out at anytime.
View 6 Replies
View Related
Jan 22, 2013
I have got single sign on working via the built in LDAP Directory authentication in APEX. But at the moment this is letting everyone who is within AD log inHow can I assign role permissions to each logged in user so some users have an admin role and see certain parts of the application / pages / navigation items while editors and readers have different permissions
And also to restrict access to certain pages within the application
View 3 Replies
View Related
Dec 26, 2012
Any documentation supporting Oracle 11G and Advanced Security stating encryption at rest is FIPS 140-2 compliant?
View 3 Replies
View Related
Nov 16, 2010
Lost Windows password? Forgot Windows password? Your PC was hacked? Therefore, it is a basic step for every Windows users to enhance the security of Windows password. In the networks, it is found that a number of user's passwords are easy to guess. Only the smallest groups are the most security conscious and select passwords that are mixed lowercase and uppercase letters, numbers and punctuation to create cryptic passwords. Adopting strong password is one of the most effective ways to ensure system security. Here are several methods for you to enhance the security of your passwords in Windows 7/2000/XP/Vista and so on. You'd better remember the methods below unless you want to reset Windows password from time to time.
1. Is random password a great password?
A common myth is that totally random passwords like Ht3&e#L%5d@$B are the best passwords. This is not true. While they may be strong passwords, they are usually difficult to remember, slow to type, and sometimes vulnerable to attacks against the password generating algorithm. It is easy to create passwords that are strong but much easier to remember by using a few simple techniques. For example, consider the password "Luck-73@Better?". This password utilizes uppercase and lowercase letters, two numbers, and three symbols. The password is 15 characters long and can be memorized with very little effort. Moreover, this password can be typed very fast. The portion"Luck" and "Better" alternate between left and right-handed keys on the keyboard, improving speed, decreasing typos, and decreasing the chances of someone being able to discover your password by watching you.
2. Create the long Windows password
Although a password may eventually be discovered through some means, it is possible to create a password that cannot be cracked in any reasonable time. If a password is long enough, it will take so long or require so much processing power to crack it. That is essentially the same as being unbreakable (at least for most hackers).
3. Create the Windows password constantly?
This may be good advice for some high-risk passwords, but it is not the best policy for every user. It is frustrating for a user to have to constantly think of and remember new passwords every 30 days. It may be better to focus on stronger passwords and better user awareness rather than limiting password age. A more realistic time for the common user may be 90-120 days.
4. Write down Windows password in a proper place
Sometimes it is necessary for some users losing and forgetting complex passwords easily to write down them somewhere proper. However, it is important to educate users on how to write down passwords properly. Obviously, a sticky note on the monitor is not a good idea, but storing passwords in a safe or even a locked cabinet may be sufficient.
5. 14 characters is the optimal password length
Each character that you add to your password increases the protection. Your passwords should be 8 or more characters in length; 14 characters or longer is the Optimal Password Length. Many systems also support use of the space bar in passwords, so you can create a phrase made of many words. It is not easier to forget and lose, as well as longer than a simple password, and harder to guess.
6. Try not to use the same Windows password for all accounts
Some users always make the same passwords for every account to make it easy to remember. In that case, when any one of them lost, your other information protected by that password will be in danger as well. It is serious to use different passwords for different systems and accounts.
7. Do not use some common words that other users maybe guess
Most of users prefer to use some common words to remember easily, for example, login name, birth date, driver's license, passport number, pets' name and other words contained their personal information someone knows. In that case, your Windows system will not be safe anymore. Moreover, do remember not to use some words spelled backwards, abbreviations, sequences or repeated characters and adjacent letters, such as, asdfgh, 123456, 888888, abcdef and so on.
You can smoothly use your Windows now because the strong and powerful Windows password is created successfully, Certainly, I believe that many users lost Windows password and forgot Windows password, then you need have to reset Windows password or recover Windows password. It is a big problem for plenty of Windows users that how to reset Windows password. how to recover Windows password and they are puzzled by resetting windows password, for instance, reset Windows 7 password, recover password Windows XP, remove Windows Vista password and other operating systems after they create the password with complex letters, numbers and symbols. However, it is unnecessary to worry and it is said that things will eventually sort themselves out. There are many ways to reset forgotten Windows password, including use windows password reset disk and windows password reset software, like Super Windows Password Reset, a professional windows password reset software which could enable you to logon to Windows smoothly without reinstalling system.
View 1 Replies
View Related
Aug 18, 2010
In Sybase, my application was using system tables to perform application login security. Those tables obviously don't exist in Oracle. I am looking for ways to provide the following functionality in an Oracle world:
1. How to determine 'x' days of inactivity based on "last login date"?
2. How to determine when a new user logs in for the first time and force them to change their password?
3. If we need to reset a users password, how can we require the user to change their password?
4. Is there any other option other than storing a user-id/password in the application code for locking a user's account if their account needs to be locked due to inactivity?
5. In the USER_USERS view there is a status column. What the different status's can be?
View 3 Replies
View Related
