Users

Main points in this section

• Concept of users, schemas

• Manage Users
o Create user
o Alter user
o Drop user
• Login without password
• Privileges (System , Object)
• Login as another user, without knowing password
• Data Dictionary Views
o DBA_USERS
o DBA_TS_QUOTA
o V$SESSION
o DATABASE_PROPERTIES

If no temporary tablespace is specified, default temp

tablespace for the database is assigned.

revoke quota

Passwords are always automatically and transparently

encrypted during network (client/serverand server/server)
connections, by using a modified Data Encryption Standard
(DES) algorithm, before sending them across the network.

External Authentication

OS_AUTHENT_PREFIX=OPS$
OPS$ is default

REMOTE_OS_AUTHENT
Set this parameter to TRUE if you want
to let hackers get into to your database easily.
System and Object Privileges

Object privileges Permissions on schema objects such as

tables, views, sequences, procedures, and packages. To use
a schema object owned by another user, you need privileges
on that object.

System privileges Permissions on database-level operations,

such as connecting to the database, creating users,
altering the database, or consuming unlimited amounts of
tablespace.

Object privileges

• Table Object Privileges (select, insert, update,

delete, alter, index, references  can create a
foreign key that references to this table, debug  can
access trigger code on the table via a debugger)

• View Object Privileges (select, insert, update,

delete, debug, references)

• Sequence (select , alter)

• Stored procs, functions, packages (debug  can access

public and private variables, execute)

ALL means all privileges

Grant select on emp to public; (public is a special user
and not a role – when you grant a privilege to public it is
granted to all users)

Grant with Grant OPTION

System Privileges (170 in 10g, Query SYSTEM_PRIVILEGE_MAP)

• Database ( alter database, alter system)

• Indexes (create any index, alter any index, drop any
index)
• Jobs (create job, create any job)
• Execute any program
• Procedures (create procedure, create any procedure,
drop any procedure, execute any procedure)
• Profile (create, alter, drop)
 • Sequences (create sequence, create any sequence, drop
any sequence, alter any sequence, select any sequence)
• Session (create session, alter session)
• Table (create table, create any table, alter any
table, drop any table, select any table, insert any
table, update any table, delete any table, lock any
table)
• Tablespace (create, alter, drop, manage  online,
offline)

Grant with Admin option

How to login as another user

• Connect as a DBA User and get the encypted passord for
User SCOTT

sqlplus system/manager
select password from dba_users where username =
'SCOTT';

PASSWORD
------------------------------
F894844C34402B67

• Change the password for User SCOTT temporarilly

alter user scott identified by hello;

• Connect as User SCOTT with the temporary password

'hello' and do the necessary jobs as SCOTT

sqlplus scott/hello

• Reset the original password for SCOTT as a DBA

alter user SCOTT identified by VALUES

'F894844C34402B67';
Complying with Oracle Licensing Terms

HWM for users

Data Dictionary Views

DBA_USERS

DBA_TS_QUOTA

V$SESSION