I want to change the DEFAULT_ROLE column to NO for following user 'P10_DEMO'.
SQL> show user
USER is "BALA"
SQL>
SQL>
SQL> select name from v$database;
[code]...
how to do this ?
I switch to Oracle11g express and create user
CREATE USER LEO
IDENTIFIED BY xy
DEFAULT TABLESPACE USERS
TEMPORARY TABLESPACE TEMP
PROFILE DEFAULT
[code]...
and after login i check
select * from SESSION_ROLES
and i have none role if I set role all works fine. Why I doesn't have DEFAULT ROLE after login.
i have been trying to create a user with full access on default Tablespace so that i can access all the objects without any restrictions for the new user.
View 7 Replies View RelatedIs there any Role where 'exp_full_database' role is contained in it? or it is compulsory to grant to the user for exporting objects.,
View 2 Replies View RelatedWe have enable the alter log for audit purpose so the password will be display in the log which is not security. I try to use "password" to change password but very user got the error below.
SQL> password
Changing password for RUDEE
Old password:
New password:
Retype new password:
ERROR:
ORA-00604: error occurred at recursive SQL level 1
ORA-20014: -6502 ORA-06502: PL/SQL: numeric or value error
ORA-06512: at line 27
Password unchanged
When i try to change the user account password, i get following error.
alter user bala
identified by Ju4hlsd2;
ERROR at line 1:
ORA-20178: ORA-20176: ORA-28003: password verification for the specified password failed
ORA-20007: Password cannot consist of sequences of 3+ characters from the userid
how to set the password based on the error.
I have created and role in my database and assign privileges as per following query.
Select 'Grant select on'||' user.'||object_name||' '||'to MyRole ;' from all_objects
where object_type in ('TABLE','VIEW')
and owner='username';
After granting role to new user everything work fine.I want to know a way to sync role with any newly created object.
Should I create a job that may execute above sql store results in a file and then execute to ensure all privileges are up to date for role or there any other optimal way exist ?
Direct me on step by step to create secure menu based on roles.
View 2 Replies View RelatedWhen i try to grant role to user , i get following error.
SQL>
SQL> GRANT MAINTAIN_TEO TO CEE_WIRELINE;
GRANT MAINTAIN_TEO TO CEE_WIRELINE
*
ERROR at line 1:
ORA-01932: ADMIN option not granted for role 'MAINTAIN_TEO'
SQL>
I have successfully set up a (test) environment for single-instance Grid Infrastructure and Oracle database using job role separation. So I have the recommended grid and oracle users, and the oinstall, dba, oper, asmadmin, asmdba and asmoper groups. I have the following directory structure for my Oracle Bases and Oracle Homes:
/u01/app/11.2.0/grid - GI home
/u01/app/grid - GI base
/u01/app/oracle - DB base
/u01/app/oracle/product/11.2.0/db_1 - DB home
Platform is OEL5, 11.2.0.1 GI and DB.
This all works fine.
What I now want to do (since what I'm trying to do is make this environment as secure as practical) is set up an additional sysoper operating system account, so that that user can connect to carry out sysoper tasks, amongst other things stopping and starting the instance.
So (as the oracle user) I do the following:
$ sqlplus / as sysdba
SQL> create user test identified by passwrod;
SQL> grant sysoper to test;
SQL> exit
As root I do the following:
$ useradd -g oper testoper
$ su - testoper
Now as testoper:
$ sqlplus 'test/password as sysoper'
SQL> shutdown immediate
Database closed.
Database dismounted.
ORACLE instance shut down.
[code].........
As you can see, shutdown works, but startup doesn't. I have registered an SR with Oracle on this, but they're not being useful. The suggestion was that I should give testoper the to install secondary group. But this is not a secure solution as this now gives testoper privileges to do things in OB / OH that it really shouldn't be able to do. No other suggestions have been forthcoming. The reason for the suggestion however is the ownership / permissions on the Grid OH oracle executable:
[root@db03 ~]# ls -la /u01/app/11.2.0/grid/bin/oracle
-rwsr-s--x 1 grid oinstall 184286237 Aug 22 11:15 /u01/app/11.2.0/grid/bin/oracle
As you can see, it has group oinstall, so you can see why giving the user oinstall group would work. But in my view this is not satisfactory.
One thing that occurred to me is that in this environment I should arguably in fact be using srvctl to stop / start instances. But that means setting up a user with asmoper role (presumably) rather than oper. That user would then (again presumable) be able to stop and start other GI resources, which is not what I want.
I just created a role as
CREATE ROLE XXXX;
Then tried to grant a privilege, but getting error as below:
grant alter on schema.table_name to XXXX;
ORA-01917: user or role 'MACH_ALTER_ROAMXDB' does not exist
we have certain users have DBA role assigned. of course they can delete records from sys.aud$.
we are trying to make this go away. we found that in DBA role, there is a role called DELETE_CATALOG_ROLE controls this. if we revoke this role from DBA role, user no longer able to delete records from sys.aud$ but the problem is as a powerful user who has DBA role, they can always grant this back to DBA role, or grant delete from sys.aud$ table directly to themself.
can we create a second role which just like DBA role, but with less privileges?
how to create menu with submenu according to user,
For Example :
Menu1 have got 02 SubMenu :
SubMenu1 just user1 see.
SubMenu2 just for user2.
And user3 could access SubMenu1 and SubMenu2.
I have a role in my Oracle 10g instance like below:
GRANT ALTER USER TO <role_name> WITH ADMIN OPTION;
And this works fine for any user who has:
GRANT <role_name> TO <user>;
What I need is to limit <user> to only have the ALTER USER privilege to a set of users. Preferrably where the set of users are identified by a column value in a table, something like:
WHERE PeopleTable.InList = "YES"
Or maybe where set of users are defined by their membership in another role.
GRANT ALTER USER TO <role_name> FOR USERS IN MEMBERS_LIST_ROLE;
Provide me the script which would track all the users security violations like ... say for example i want to find which users logged in and what he did in database prospective.
View 1 Replies View RelatedHow datafile is created with 640 file permission by oracle software.(I know for security reasons it is created with 640 permission)
example:
-rw-r----- 1 orasd dba 104865792 Mar 15 01:17 users01.dbf
I want to change the datafile permission as below. how to change the default value of the datafiles permission from (640) to (644) internally while creating the datafile from oracle side.
example:
-rw-r--r-- 1 orasd dba 104865792 Mar 15 01:17 users01.dbf
I want to know about that is it possible to change the default label that i.e. "oracle As form service" after run a form.
View 4 Replies View RelatedWe are trying to implement the following security to our database.
As of now, the access rights are same for all the windows users logging into the Oracle application with the same Oracle user Id.
But now, we want to improve our security by granting different levels of rights to the users based on their Network Id even though they use the same Oracle User Id to log into the application.
We are not looking for the users to be identified externally.
(CREATE USER "OPS$ORACLE-BASE.COMTIM_HALL" IDENTIFIED EXTERNALLY;
GRANT CONNECT TO "OPS$ORACLE-BASE.COMTIM_HALL";
)
We have the database user called c88888 and is locked yesterday. I came to this with the following query.
select * from dba_users where username like 'C88888';
Due to invalid password the user was locked. Can we track who hit the database with the wrong password?
As per the bellow the default XML storage has been changed in 11gr2.
docs.oracle.com/cd/E11882_01/appdev.112/e10492/whatsnew.htm
Quote:
Oracle Database 11g Release 2 (11.2.0.2) New Features in Oracle XML DB
The following Oracle XML DB features are new in Oracle Database 11g Release 2 (11.2.0.2).
Default Storage Model for XMLType
The default XMLType storage model is used if you do not specify a storage model when you create an XMLType table or column. Prior to Oracle Database 11g Release 2 (11.2.0.2), unstructured (CLOB) storage was used by default. The default storage model is now binary XML storage.
We have a application which works fine on r1 but not on r2 due to this change, we are going to investigate resolving the issue on the application in the future, in the mean time we need to be able to use the CLOB storage.
Does any one know where we can change this functionality back to the pre 11gR2 change?
How can I change the default runtime logo in forms 6i.
View 1 Replies View RelatedThe Background colour of the canvas is "gray" i want to change it to default.
View 4 Replies View Relatedby default backup area is FRA, It can be change by db_recovery_file_dest FRA contains archivelog ,backupset,datafile,onlinelog folders..
NOW, i specially want to change backup dest. of archvelog to C: (suppose i have C , D, E, F , G) - (i know for archivelogs its log_archive_dest_N command can backup copies to other location but it also goes to default FRA )
backupset to D:
datafile to E:
onlinelog to F:
controlfile to G:
ALL SHOULD CONTAIN ONLY 1 DESTINATION NOT 2 FOR BACKUPS
I have a table called cust_file, his table consists of a lot of columns (one of these columns called cus_tax) and have a lot of data,I use oracle 11g, I want to change the default value of the column cus_tax to be equal 1, I wrote
ALTER TABLE cust_file MODIFY(cus_tax DEFAULT 1); table alteredbut
after I inserted new data to test the operation, I found that the new record has a value
= null for the column cus_taxthen
I tested using the following query select
data_default from all_tab_columns where table_name='CUST_FILE' and column_name='CUS_TAX'; no rows selected...
Change the default value of the column cus_tax.
User A contains tables, views, LOB's, types, procedures, triggers, sequences, indexes, synonyms. User B wants to have read-only privilege on the objects of User A.
I can provide select on privilege on tables and views. How about providing read-only privileges to other objects?
I have enabled Auditing in my oracle Database but I am not able to see any database for the operations of sys user or any other user in my "SYS.AUD$" and "SYS.FGA_LOG$" tables.
Value for the parameter "AUDIT_TRAIL" is set to "db,extended".
I am working as "SYS" user and I have shutdown and again startup the database but neither there was any information in both the tables nor I can see any files at the destination specified by "AUDIT_FILE_DEST".
i am trying to chnage the default port number of listener but facing problems in instance registration. i did as follows:
1. stop the listener as lsnrctl stop (default listener).
2. chnage the listener.ora and tnsnames.ora with desire port numbers (1526) as follows:-
[code]
LISTENER =
(DESCRIPTION_LIST =
(DESCRIPTION =
[code]...
but i didnt get the reason of aforsaid error and my instance is not registering
I need query to retrive the default tablespace of the current user, when the user is not a dba, i.e. user doesn't have access to dba_users table.
View 2 Replies View RelatedI am a new to Oracle, Installed Oracle 11g express edition. Also I had installed Oralce SQL Developer tool but i don't know the user name and password to connect.
what is my default instance? what is my default user name and password? How to connect ?
A question about the WMSYS user that comes with the default installation :
I've locked it because it has the DBA role. The question is :Will this impact the database?