Security :: ORA-01932 - ADMIN Option Not Granted For Role

Aug 23, 2011

When i try to grant role to user , i get following error.

SQL>
SQL> GRANT MAINTAIN_TEO TO CEE_WIRELINE;
GRANT MAINTAIN_TEO TO CEE_WIRELINE
*
ERROR at line 1:
ORA-01932: ADMIN option not granted for role 'MAINTAIN_TEO'
SQL>

View 1 Replies


ADVERTISEMENT

PL/SQL Package Can't See Tables Granted Via Role

Mar 12, 2010

A Package cannot query a table that the package owner has permission to query via a role specifically:

There are schema_1 and schema_2

schema_1 owns package_1
schema_1 has select, update, insert on schema_2 via role_1
schema_1 CAN query schema_2
package_1 cannot access schema_2

(288/22 PL/SQL: ORA-00942: table or view does not exist)

How can this be resolved?

View 6 Replies View Related

Security :: Any Role Where Exp_full_database Role Is Contained In It?

Aug 13, 2013

Is there any Role where 'exp_full_database' role is contained in it? or it is compulsory to grant to the user for exporting objects.,

View 2 Replies View Related

Security Role And Auto Permissions

May 13, 2013

I have created and role in my database and assign privileges as per following query.

Select 'Grant select on'||' user.'||object_name||' '||'to MyRole ;' from all_objects
where object_type in ('TABLE','VIEW')
and owner='username';

After granting role to new user everything work fine.I want to know a way to sync role with any newly created object.

Should I create a job that may execute above sql store results in a file and then execute to ensure all privileges are up to date for role or there any other optimal way exist ?

View 4 Replies View Related

Security :: How To Change DEFAULT-ROLE Of A User

Jul 13, 2011

I want to change the DEFAULT_ROLE column to NO for following user 'P10_DEMO'.

SQL> show user
USER is "BALA"
SQL>
SQL>
SQL> select name from v$database;

[code]...

how to do this ?

View 8 Replies View Related

Forms :: Role Based Menu Security

May 2, 2010

Direct me on step by step to create secure menu based on roles.

View 2 Replies View Related

Security :: Additional Sysoper In Job Role Separation Environment

Aug 24, 2012

I have successfully set up a (test) environment for single-instance Grid Infrastructure and Oracle database using job role separation. So I have the recommended grid and oracle users, and the oinstall, dba, oper, asmadmin, asmdba and asmoper groups. I have the following directory structure for my Oracle Bases and Oracle Homes:

/u01/app/11.2.0/grid - GI home
/u01/app/grid - GI base
/u01/app/oracle - DB base
/u01/app/oracle/product/11.2.0/db_1 - DB home

Platform is OEL5, 11.2.0.1 GI and DB.

This all works fine.

What I now want to do (since what I'm trying to do is make this environment as secure as practical) is set up an additional sysoper operating system account, so that that user can connect to carry out sysoper tasks, amongst other things stopping and starting the instance.

So (as the oracle user) I do the following:

$ sqlplus / as sysdba
SQL> create user test identified by passwrod;
SQL> grant sysoper to test;
SQL> exit

As root I do the following:

$ useradd -g oper testoper
$ su - testoper

Now as testoper:

$ sqlplus 'test/password as sysoper'

SQL> shutdown immediate
Database closed.
Database dismounted.
ORACLE instance shut down.
[code].........

As you can see, shutdown works, but startup doesn't. I have registered an SR with Oracle on this, but they're not being useful. The suggestion was that I should give testoper the to install secondary group. But this is not a secure solution as this now gives testoper privileges to do things in OB / OH that it really shouldn't be able to do. No other suggestions have been forthcoming. The reason for the suggestion however is the ownership / permissions on the Grid OH oracle executable:

[root@db03 ~]# ls -la /u01/app/11.2.0/grid/bin/oracle
-rwsr-s--x 1 grid oinstall 184286237 Aug 22 11:15 /u01/app/11.2.0/grid/bin/oracle

As you can see, it has group oinstall, so you can see why giving the user oinstall group would work. But in my view this is not satisfactory.

One thing that occurred to me is that in this environment I should arguably in fact be using srvctl to stop / start instances. But that means setting up a user with asmoper role (presumably) rather than oper. That user would then (again presumable) be able to stop and start other GI resources, which is not what I want.

View 2 Replies View Related

Security :: Oracle11g Express - Default Role For User?

Oct 4, 2012

I switch to Oracle11g express and create user

CREATE USER LEO
IDENTIFIED BY xy
DEFAULT TABLESPACE USERS
TEMPORARY TABLESPACE TEMP
PROFILE DEFAULT

[code]...

and after login i check
select * from SESSION_ROLES

and i have none role if I set role all works fine. Why I doesn't have DEFAULT ROLE after login.

View 1 Replies View Related

SQL & PL/SQL :: Connect Role In Dba-role-privs?

Oct 10, 2012

But what I noticed is that user HIEL has a connect role but YONC does not. (Result set is below) Have searched for information but did not find what I was looking for. I did read something about backward compatibility.I'm leaning towards that thought since the other user YONC does not have this role.

Database: 11g R1

SQL> select * from dba_role_privs where grantee in ('YONC', 'HIEL') order by grantee;
GRANTEE GRANTED_ROLE ADM DEF
--------------------------- --------------------------- --- ---
YONC WCAIMS_INQUIRY NO YES
YONC ENDUSER NO YES
HIEL WCAIMS_CSR_ADDR NO YES

[code].........

View 4 Replies View Related

Export/Import/SQL Loader :: Assigned To ROLE X Be Transferred To Role Y Via Datapump Import

Oct 18, 2013

i have user with the name 'Rob' and this user has been assigned a role 'MY_SRC_ROLE' . I developed a table under rob schema and granted access to this table via role GRANT DELETE, INSERT, SELECT, UPDATE ON rob.emp TO MY_ SRC_ ROLE; I have 100 more users & they have been granted this role 'MY_SRC_ROLE'. These 100 users can now access emp table via Role 'MY_SRC_ROLE' without any issues. Now i took a datapump export & performed datapump import on target server which is also HP Unix with 11.20.3 .

On target server i have user 'JACK' and a role called 'MY_WORK_ROLE'. 5000 users have been granted 'MY_ WORK_ ROLE' on this server. I have used remap tablespace clause & remap schema clause in datapump import script. Once i performed an import , due to schema remap , i can see JACK now owns table 'emp', however grants are still not there, I tried searching on Google & oracle documentation, if somehow we can remap ROLE GRANTS also while doing datapump imp, but i couldn't find supporting syntax. can i assume datapump import is not capable to handle this particular scenario ? I was able to do it by manipulating sqlfile and replacing role name in that but i am looking for a sol. within datapump itself. how can grants assigned to ROLE 'X' be transferred to 'Role Y' via datapump import.

View 2 Replies View Related

SQL & PL/SQL :: Trace Privileges Granted And Revoked History?

Nov 20, 2012

I have written a windows service which grants and revokes based on request. How to trace in oracle data dictionary if those privilages were granted and at what time to whom and by whom. I mean is there any table which can be queried for past privilages granted to users.

View 2 Replies View Related

Server Administration :: Granted Privileges But Not Able To See In DBA_SYS_PRIVS Table

Jul 4, 2011

I have been granting "ALTER ANY MATERIALIZED VIEW" to a role but not able to see the same granted in DBA_SYS_PRIVS.

I have used the image for the first time, so pasting the sql prompt output as well:

SQL> select * from v$version where banner like 'Oracle%';

BANNER
----------------------------------------------------------------
Oracle9i Enterprise Edition Release 9.2.0.5.0 - 64bit Production
SQL> grant ALTER ANY MATERIALIZED VIEW to OPS_1ST_LINE;

Grant succeeded.

SQL> select * from dba_sys_privs where grantee = 'OPS_1ST_LINE';

GRANTEE PRIVILEGE ADM
------------------------------ ---------------------------------------- ---
OPS_1ST_LINE CREATE SESSION NO
OPS_1ST_LINE ALTER ANY SNAPSHOT NO

SQL> commit;

Commit complete.

SQL> select * from dba_sys_privs where grantee = 'OPS_1ST_LINE';

GRANTEE PRIVILEGE ADM
------------------------------ ---------------------------------------- ---
OPS_1ST_LINE CREATE SESSION NO
OPS_1ST_LINE ALTER ANY SNAPSHOT NO

SQL> SELECT * FROM DBA_SYS_PRIVS WHERE PRIVILEGE = 'ALTER ANY MATERIALIZED VIEW';

no rows selected..why is this grant not been shown. Is "ALTER ANY MATERIALIZED VIEW" not present for Oracle 9i database.

View 3 Replies View Related

Create A Role Like DBA Role?

Sep 20, 2012

is there a way to create a role just like DBA role?

View 6 Replies View Related

Windows :: System Admin Log In Error

Feb 6, 2013

i want to log-in my local machine database as a system administrator , but it is giving an error:

C:Windowssystem32>sqlplus /@myprodb as sysdba

SQL*Plus: Release 11.2.0.1.0 Production on Wed Feb 6 19:18:15 2013

Copyright (c) 1982, 2010, Oracle. All rights reserved.

ERROR: ORA-01031: insufficient privileges

Enter user-name:

C:Windowssystem32>sqlplus /@myprodb as sysoper

SQL*Plus: Release 11.2.0.1.0 Production on Wed Feb 6 19:19:28 2013

Copyright (c) 1982, 2010, Oracle. All rights reserved.

ERROR: ORA-01031: insufficient privileges

Enter user-name:

but

C:Windowssystem32>sqlplus sys@myprodb as sysdba

SQL*Plus: Release 11.2.0.1.0 Production on Wed Feb 6 19:20:45 2013

Copyright (c) 1982, 2010, Oracle. All rights reserved.

Enter password:

Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL>

and i have run cmd as administrator

View 20 Replies View Related

Deny Root / Admin Access To DB?

Apr 25, 2012

I am studying a way to block the access from the root(UNIX) or admin(WIN) users to the database.

Are there some way to block the access by the superusers?

View 3 Replies View Related

Application Express :: Cannot Log Into Apex Admin

Sep 16, 2013

Having an issue with logging into URL....  Just went through the install for APEX 4.2 for

Oracle 11.2.0.1 on Linux 2.6.32-358.el6.x86_64 #1 SMP Fri Feb 22 00:31:26 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux. 

Installed Apex with Embedded PL/SQL Gateway.Explicitly followed all the online instructions step-by-step, installation was success and config for EPG had no issues.  Changed the ADMIN pw as instructed.  Checked that EPG is running on port 8080.  Ran this script to grant connect: 

DECLARE  ACL_PATH VARCHAR2(4000);BEGIN  -- Look for the ACL currently assigned to '*' and give APEX_040200  -- the "connect" privilege if APEX_040200 does not have the privilege yet. SELECT ACL INTO ACL_PATH FROM DBA_NETWORK_ACLS  WHERE HOST = '*' AND LOWER_PORT IS NULL AND UPPER_PORT IS NULL;[code]....

that lets power users to connect to everywhere', 

'APEX_040200', TRUE, 'connect');  DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL('power_users.xml','*');END;/COMMIT;  

When I go to log in it says "Invalid Login Credentials".  I tried changing the admin pw several times but keep getting the same message.

View 1 Replies View Related

APEX ADMIN Access From Remote Machine

Oct 18, 2010

I have installed oracle 11g and configured Apex application on it. I am able to open the Admin window from my machine . URL.... and everything works fine. But when I try to open the link from other machine I get "Server not found" error.

I read the posts it says to enable Http for other servers . I dont find the way to do it .

View 2 Replies View Related

Application Express Listener :: GlassFish Admin Page

Jul 30, 2013

My configuration is GlassFish 4 (the same thing with Glass Fish 3.2) + win7 + Apex Listener 2.2 (the same thing with  Apex Listener 2.1) + Apex 4.2.2 I get blank page when trying to connect to APEX. But after loggin into GlassFish admin page (exactly login with username+password; just open admin page is not enough) in another browser tab I get proper Apex page with all images.

View 1 Replies View Related

Oracle 11g Installation - SYSTEM Admin Password Does Not Work

Aug 13, 2012

I have installed oracle several times in the past. This time I installed 11gr2 first time. I created default database during install and provided an admin password. Only thing I forgot to do was did not unlock the accounts using Password management button.

When I tried to login as SYS the admin password works fine but as SYSTEM admin password does not work. Used to be able to login as SYS, SYTEM with same admin password.

Now in SQLPLUS I unlocked the account but still can not change the password.

View 4 Replies View Related

Application Express :: 2 Schemas - Admin Password Reset

Feb 7, 2013

We have 2 apex schemas

APEX_030000
APEX_040200

Before executing the apxchpwd.sql, found the "alter session command" sets schema to APEX_030000. So we changed that to APEX_040200. Then we executed the sql script. It executed fine.

But now when we try to login to apex, and pressing enter after providing the username/pwd, it raises the following exception

Error Error in PLSQL code raised during plug-in processing.
ORA-06508: PL/SQL: could not find program unit being called

View 1 Replies View Related

NESTED ERROR When Making Admin Server A Windows Service?

May 6, 2013

I created a script to make my admin server a windows service. I successfully made it a service but when it starts it then shuts itself down. i ran a debug and found a error. I dont get what to do. I have tried changing the variables in the script and try it over and over again .....here is my script code and here is the error i got from debug output:

script

SETLOCAL
set DOMAIN_NAME=FRClassicDomain
set USERDOMAIN_HOME=C:/Oracle/Middleware/user_projects/domains/FRClassicDomain
set SERVER_NAME=FRweblogic

[Code]....

View 1 Replies View Related

Express Edition (XE) :: Connecting To As System Admin On Apex Website?

Sep 5, 2012

I'm trying to connect to the Apex website using SYSTEM or SYS. What is the workspace for system?

I logged into SQL command line and created this user using this line then grant dba to it

CREATE USER USER_HP_FULL IDENTIFIED BY w ACCOUNT UNLOCK DEFAULT TABLESPACE "USERS" TEMPORARY TABLESPACE "TEMP" PROFILE "DEFAULT";

Now, I know the username and password but I don't know the workspace. I want to log into the oracle application express website.

View 2 Replies View Related

Express Edition (XE) :: Display A List Of All User And Admin Accounts

Jan 28, 2013

I've installed XE and I want to know what accounts are active. If I log in to SQL*Plus as sys as SYSDBA how can I display a list of all user and admin accounts? I want to know who can log in.

View 3 Replies View Related

Application Express :: Restart Admin Login Credentials In 4.0 / Oracle 11gr2

Jul 26, 2012

We are unable to connect our admin account for some unknown reason. We keep receiving the following message "Invalid Login Credentials". We tried to change the admin credentials with sqlplus. We tried the usual procedure "apxchpwd" successfully, but we still cannot log in.We then tried to create a new admin2 account with the following pl/sql block.

SQL> connect APEX_030200 as sysdba
Enter password:
Connected.
[code]....

We cannot connect with either admin & admin2.

View 3 Replies View Related

ORA-28547 / Connection To Server Failed - Probable Oracle Net Admin Error

Jul 7, 2012

DB 10.2.0.4

After running shut abort it is giving below error while trying to connect sqlplus.

ORA-28547: connection to server failed, probable Oracle Net admin error

View 2 Replies View Related

Forms :: Installing Weblogic On Windows 7 X86 Machine / Restarting Admin-server Hangs

Jul 5, 2011

Im trying to install Weblogic/Forms on a Windows 7 x86 machine. Its for the developers to use.But when I run the config.bat and is creating the domain and installing Forms builder and the other stuff the installation hangs at: step restaring admin server started.

Log:

Stopping Derby Server...
Starting AdminServer
Starting the domain ...
DEBUG : Loading the 32 bit dll here
DEBUG : Loading DLL : D:/oracle/middleware/as_1/install/config/StartUtil.dll
DEBUG : Loaded DLL : D:/oracle/middleware/as_1/install/config/StartUtil.dll

View 1 Replies View Related

Application Express :: Restarting APEX After Installation Configuration - Cannot Access Admin Screen?

Jul 20, 2012

I installed and configures APEX in standalone mode about 2 weeks ago and played with it for short time. Now after 2 weeks I came back to start where I left off but APex_admin page would not come up.

I did following tasks as were found on Installed Apex on Oracle 11g. But cannot access admin screen

SQL> SELECT STATUS FROM DBA_REGISTRY
2 WHERE COMP_ID = 'APEX';
STATUS
-----------
VALID
SQL> conn sys as sysdba
Enter password:

[code]...

warning me that XDB requires username password to be sent through insecure manner (Basic authetication without a secure connection

View 1 Replies View Related

Security :: Oracle 11G And Advanced Security / FIPS 140-2 Compliant Encrypt Data At Rest

Dec 26, 2012

Any documentation supporting Oracle 11G and Advanced Security stating encryption at rest is FIPS 140-2 compliant?

View 3 Replies View Related

Security :: Enhance Security Of Windows And Recover Lost / Forgotten Password?

Nov 16, 2010

Lost Windows password? Forgot Windows password? Your PC was hacked? Therefore, it is a basic step for every Windows users to enhance the security of Windows password. In the networks, it is found that a number of user's passwords are easy to guess. Only the smallest groups are the most security conscious and select passwords that are mixed lowercase and uppercase letters, numbers and punctuation to create cryptic passwords. Adopting strong password is one of the most effective ways to ensure system security. Here are several methods for you to enhance the security of your passwords in Windows 7/2000/XP/Vista and so on. You'd better remember the methods below unless you want to reset Windows password from time to time.

1. Is random password a great password?

A common myth is that totally random passwords like Ht3&e#L%5d@$B are the best passwords. This is not true. While they may be strong passwords, they are usually difficult to remember, slow to type, and sometimes vulnerable to attacks against the password generating algorithm. It is easy to create passwords that are strong but much easier to remember by using a few simple techniques. For example, consider the password "Luck-73@Better?". This password utilizes uppercase and lowercase letters, two numbers, and three symbols. The password is 15 characters long and can be memorized with very little effort. Moreover, this password can be typed very fast. The portion"Luck" and "Better" alternate between left and right-handed keys on the keyboard, improving speed, decreasing typos, and decreasing the chances of someone being able to discover your password by watching you.

2. Create the long Windows password

Although a password may eventually be discovered through some means, it is possible to create a password that cannot be cracked in any reasonable time. If a password is long enough, it will take so long or require so much processing power to crack it. That is essentially the same as being unbreakable (at least for most hackers).

3. Create the Windows password constantly?

This may be good advice for some high-risk passwords, but it is not the best policy for every user. It is frustrating for a user to have to constantly think of and remember new passwords every 30 days. It may be better to focus on stronger passwords and better user awareness rather than limiting password age. A more realistic time for the common user may be 90-120 days.

4. Write down Windows password in a proper place

Sometimes it is necessary for some users losing and forgetting complex passwords easily to write down them somewhere proper. However, it is important to educate users on how to write down passwords properly. Obviously, a sticky note on the monitor is not a good idea, but storing passwords in a safe or even a locked cabinet may be sufficient.

5. 14 characters is the optimal password length

Each character that you add to your password increases the protection. Your passwords should be 8 or more characters in length; 14 characters or longer is the Optimal Password Length. Many systems also support use of the space bar in passwords, so you can create a phrase made of many words. It is not easier to forget and lose, as well as longer than a simple password, and harder to guess.

6. Try not to use the same Windows password for all accounts

Some users always make the same passwords for every account to make it easy to remember. In that case, when any one of them lost, your other information protected by that password will be in danger as well. It is serious to use different passwords for different systems and accounts.

7. Do not use some common words that other users maybe guess

Most of users prefer to use some common words to remember easily, for example, login name, birth date, driver's license, passport number, pets' name and other words contained their personal information someone knows. In that case, your Windows system will not be safe anymore. Moreover, do remember not to use some words spelled backwards, abbreviations, sequences or repeated characters and adjacent letters, such as, asdfgh, 123456, 888888, abcdef and so on.

You can smoothly use your Windows now because the strong and powerful Windows password is created successfully, Certainly, I believe that many users lost Windows password and forgot Windows password, then you need have to reset Windows password or recover Windows password. It is a big problem for plenty of Windows users that how to reset Windows password. how to recover Windows password and they are puzzled by resetting windows password, for instance, reset Windows 7 password, recover password Windows XP, remove Windows Vista password and other operating systems after they create the password with complex letters, numbers and symbols. However, it is unnecessary to worry and it is said that things will eventually sort themselves out. There are many ways to reset forgotten Windows password, including use windows password reset disk and windows password reset software, like Super Windows Password Reset, a professional windows password reset software which could enable you to logon to Windows smoothly without reinstalling system.

View 1 Replies View Related

Security :: Moving Application Security To Oracle From Sybase

Aug 18, 2010

In Sybase, my application was using system tables to perform application login security. Those tables obviously don't exist in Oracle. I am looking for ways to provide the following functionality in an Oracle world:

1. How to determine 'x' days of inactivity based on "last login date"?

2. How to determine when a new user logs in for the first time and force them to change their password?

3. If we need to reset a users password, how can we require the user to change their password?

4. Is there any other option other than storing a user-id/password in the application code for locking a user's account if their account needs to be locked due to inactivity?

5. In the USER_USERS view there is a status column. What the different status's can be?

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved