oracle 10g admin workshops pptless 07
TRANSCRIPT
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
1/24
Copyright 2004, Oracle. All rights reserved.
Administering Users
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
2/24
7-2 Copyright 2004, Oracle. All rights reserved.
Objectives
After completing this lesson, you should be able to do
the following:
Create and manage database user accounts
Create and manage roles
Grant and revoke privileges
Control resource usage by users
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
3/24
7-3 Copyright 2004, Oracle. All rights reserved.
Database User Accounts
Each database user account has a:
Unique username
Authentication method
Default tablespace
Temporary tablespace
User profile
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
4/24
7-4 Copyright 2004, Oracle. All rights reserved.
Creating a User
Select Users from the Administration properties page.
Click the Create button.
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
5/24
7-5 Copyright 2004, Oracle. All rights reserved.
Profiles and Users
Users are assigned
only one profile at
any given time.
Profiles:
Control
resource
consumption
Manage
passwords
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
6/24
7-6 Copyright 2004, Oracle. All rights reserved.
Profiles and Users
Full Notes Page
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
7/24
7-7 Copyright 2004, Oracle. All rights reserved.
Authenticating Users
Password
External
Global
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
8/24
7-8 Copyright 2004, Oracle. All rights reserved.
Authenticating Users
Full NotesP
age
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
9/24
7-9 Copyright 2004, Oracle. All rights reserved.
Default and Temporary Tablespaces
and Locking
Default: Default location of database objects
Temporary: Used for sorting
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
10/24
7-10 Copyright 2004, Oracle. All rights reserved.
Database Users and Schemas
Schema Objects
Tables
Triggers
IndexesViews
Sequences
Stored program units
Synonyms
User-defined data types
Database links
The collection ofobjects owned by auser is the schema.
A user can beassociated with onlyone schema.
Username and schemaare often used
interchangeably.
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
11/24
7-11 Copyright 2004, Oracle. All rights reserved.
Checklist for Creating Users
Select a profile.
Select an authentication technique.
Assign a default tablespace and temporary
tablespace.
Grant privileges and roles to the user.
Decide on quotas for each tablespace.
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
12/24
7-12 Copyright 2004, Oracle. All rights reserved.
There are two types of user privileges:
System: Enables users to perform particular
actions in the database
Object: Enables users to access and manipulate aspecific object
Privileges
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
13/24
7-13 Copyright 2004, Oracle. All rights reserved.
System Privileges
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
14/24
7-14 Copyright 2004, Oracle. All rights reserved.
System Privileges
Full Notes Page
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
15/24
7-15 Copyright 2004, Oracle. All rights reserved.
Object Privileges
To grant object privileges:
Choose the object type Select objects
Select privileges
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
16/24
7-16 Copyright 2004, Oracle. All rights reserved.
Assigning Quota to Users
Users who do not have the unlimited tablespace
system privilege must be given a quota before they
can create objects in a tablespace. Quotas can be:
Unlimited A specific value in megabytes or kilobytes
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
17/24
7-17 Copyright 2004, Oracle. All rights reserved.
Assigning Roles to Users
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
18/24
7-18 Copyright 2004, Oracle. All rights reserved.
Users
P
rivileges
Roles HR_CLERKHR_MGR
Roles
Neena Girard Vance
Delete
employees
Select
employees
Update
employees
Insert
employees
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
19/24
7-19 Copyright 2004, Oracle. All rights reserved.
Easier privilege management
Dynamic privilege management
Selective availability of privileges
Can be granted through the operating system
Benefits of Roles
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
20/24
7-20 Copyright 2004, Oracle. All rights reserved.
Predefined Roles
CONNECT CREATE SESSION, CREATE TABLE, CREATEVIEW, CREATE SYNONYM, CREATE
SEQUENCE, CREATE DATABASE LINK,
CREATE CLUSTER, ALTER SESSION
RESOURCE CREATE TABLE, CREATE PROCEDURE,
CREATE SEQUENCE, CREATE TRIGGER,
CREATE TYPE, CREATE CLUSTER, CREATE
INDEXTYPE, CREATE OPERATOR
SCHEDULER_
ADMIN
CREATE ANY JOB, CREATE JOB, EXECUTE
ANY CLASS, EXECUTE ANY PROGRAM,
MANAGE SCHEDULER
DBA Most system privileges, several other roles. Donot grant to nonadministrators.
SELECT_
CATALOG_
ROLE
No system privileges but over 1600 object
privileges on the data dictionary
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
21/24
7-21 Copyright 2004, Oracle. All rights reserved.
Roles may be protected through authentication.
CREATE ROLE secure_application_role
IDENTIFIED USING ;
Secure Roles
Roles may also be secured programmatically.
Roles may be nondefault.
SET ROLE vacationdba;
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
22/24
7-22 Copyright 2004, Oracle. All rights reserved.
Summary
In this lesson you should have learned how to:
Create and manage user accounts
Create and manage roles
Grant and revoke privileges
Control resource usage by users
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
23/24
7-23 Copyright 2004, Oracle. All rights reserved.
Practice 7:
Administering Users
This practice covers the following:
Creating a profile to limit resource consumption
Creating two roles:
a. HRCLERK
b. HRMANAGER
Creating three new users, one manager, and two
clerks
-
8/9/2019 Oracle 10g Admin workshops PPTLess 07
24/24
7-24 Copyright 2004, Oracle. All rights reserved.
Practice 7 - Administering Users
Full Notes Page