oracle 10g admin workshops pptless 07

8/9/2019 Oracle 10g Admin workshops PPTLess 07

1/24

Copyright 2004, Oracle. All rights reserved.

Administering Users


2/24

7-2 Copyright 2004, Oracle. All rights reserved.

Objectives

After completing this lesson, you should be able to do

the following:

Create and manage database user accounts

Create and manage roles

Grant and revoke privileges

Control resource usage by users


3/24


Database User Accounts

Each database user account has a:

Unique username

Authentication method

Default tablespace

Temporary tablespace

User profile


4/24


Creating a User

Select Users from the Administration properties page.

Click the Create button.


5/24


Profiles and Users

Users are assigned

only one profile at

any given time.

Profiles:

Control

resource

consumption

Manage

passwords


6/24


Profiles and Users

Full Notes Page


7/24


Authenticating Users

Password

External

Global


8/24


Authenticating Users

Full NotesP

age


9/24


Default and Temporary Tablespaces

and Locking

Default: Default location of database objects

Temporary: Used for sorting


10/24


Database Users and Schemas

Schema Objects

Tables

Triggers

IndexesViews

Sequences

Stored program units

Synonyms

User-defined data types

Database links

The collection ofobjects owned by auser is the schema.

A user can beassociated with onlyone schema.

Username and schemaare often used

interchangeably.


11/24


Checklist for Creating Users

Select a profile.

Select an authentication technique.

Assign a default tablespace and temporary

tablespace.

Grant privileges and roles to the user.

Decide on quotas for each tablespace.


12/24


There are two types of user privileges:

System: Enables users to perform particular

actions in the database

Object: Enables users to access and manipulate aspecific object

Privileges


13/24


System Privileges


14/24


System Privileges

Full Notes Page


15/24


Object Privileges

To grant object privileges:

Choose the object type Select objects

Select privileges


16/24


Assigning Quota to Users

Users who do not have the unlimited tablespace

system privilege must be given a quota before they

can create objects in a tablespace. Quotas can be:

Unlimited A specific value in megabytes or kilobytes


17/24


Assigning Roles to Users


18/24


Users

P

rivileges

Roles HR_CLERKHR_MGR

Roles

Neena Girard Vance

Delete

employees

Select

employees

Update

employees

Insert

employees


19/24


Easier privilege management

Dynamic privilege management

Selective availability of privileges

Can be granted through the operating system

Benefits of Roles


20/24


Predefined Roles

CONNECT CREATE SESSION, CREATE TABLE, CREATEVIEW, CREATE SYNONYM, CREATE

SEQUENCE, CREATE DATABASE LINK,

CREATE CLUSTER, ALTER SESSION

RESOURCE CREATE TABLE, CREATE PROCEDURE,

CREATE SEQUENCE, CREATE TRIGGER,

CREATE TYPE, CREATE CLUSTER, CREATE

INDEXTYPE, CREATE OPERATOR

SCHEDULER_

ADMIN

CREATE ANY JOB, CREATE JOB, EXECUTE

ANY CLASS, EXECUTE ANY PROGRAM,

MANAGE SCHEDULER

DBA Most system privileges, several other roles. Donot grant to nonadministrators.

SELECT_

CATALOG_

ROLE

No system privileges but over 1600 object

privileges on the data dictionary


21/24


Roles may be protected through authentication.

CREATE ROLE secure_application_role

IDENTIFIED USING ;

Secure Roles

Roles may also be secured programmatically.

Roles may be nondefault.

SET ROLE vacationdba;


22/24


Summary

In this lesson you should have learned how to:

Create and manage user accounts

Create and manage roles

Grant and revoke privileges

Control resource usage by users


23/24


Practice 7:

Administering Users

This practice covers the following:

Creating a profile to limit resource consumption

Creating two roles:

a. HRCLERK

b. HRMANAGER

Creating three new users, one manager, and two

clerks


24/24


Practice 7 - Administering Users

Full Notes Page

oracle 10g admin workshops pptless 07

Documents