1. view the default user account

 SQL> select username from dba_users;

2. lock all users and set their password to expired

 SQL> select ‘alter user ‘|| username || ‘ password expire account lock;’ from dba_users;

3. A locked user can only be accessed by altering the user to an unlocked state

 SQL> alter user scott account unlock;

4. As a DBA, you can change the password for a user

 SQL> alter user <username> identified by <new password>;

5. Run this query to display users that have been created by another DBA versus those created by Oracle.For default users,there should be a record in the DEFAULT_PWD$ view.So,if a user doesn’t exist in DEFAULT_PWD$,then you can assume it’s not a default account.

 SQL> select distinct u.username
,case when d.user_name is null then ‘DBA created account’
else ‘Oracle created account’
from dba_users u
,default_pwd$ d
where u.username=d.user_name(+);

6. You can check the DBA_USERS_WITH_DEFPWD view to see whether any Oracle-created user accounts are still to the default password

 SQL> select * from dba_users_with_defpwd;

7. Creating a User with Database Authentication

 SQL> create user user_name identified by password
default tablespace users
temporaty tablespace temp
quote unlimited on users;
SQL> grant create session to user_name; #to make the user useful
SQL> grant create table to user_name; #to be able to create tables.
SQL> grant create table,create session to user_name identified by password; #you can also use the GRANT . . . IDENTIFIED BY statement to create a user.

8.Creating a User with OS Authentication

Oracle strongly recommends that you set the OS_AUTHENT_PREFIX parameter to a null string

 SQL> alter system set os_authent_prefix=’’ scope=spfile;
SQL> create user user_name identified externally;
SQL> grant create session to user_name;
$ sqlplus / #when user_name logs in to the database server,this user can connect to SQL*Plus.

9. You can alter your current user’s session to point at a different schema via ALTER SESSION statement

 SQL> alter session set current_schema = hr;

10. Assiging Default Permanent and Temporary Tablespaces

 SQL> alter user user_name default tablespace tb_name temporary tablespace temp_name;

11. Modifying Password

 SQL> alter user user_name identified by new_password;

12. SQL*PLUS password command

 SQL> passw user_name
Changing password for user_name
New password:

13. Modifying Users

 SQL> alter user user_name account lock;
SQL> alter user user_name quota 500m on users;

14. Dropping Users. Before you drop a user,I recommend that you first lock the user.Locking the user prevents others from connecting to a locked database account.

 SQL> alter user user_name account lock;
SQL> select username,lock_date from dba_users;
SQL> alter user user_name account unlock;
SQL> drop user user_name;
SQL> drop user user_name cascade; #the prior commend won’t work if the user owns any database objects.Use the CASCADE clause to remove a user and have its objects dropped.

15. Password Strength. You can enforce a minimum standard of password complexity by assigning a password verification function to a user’s profile. Oracle supplies a default password verification function that you create by running the following script as the SYS schema

 SQL> @?/rdbms/admin/utlpwdmg
SQL> alter profile default limit PASSWORD_VERIFY_FUNCTION ora12c_verify_function;
SQL> alter profile default limit PASSWORD_VERIFY_FUNCTION null; #disable the password function.

16. Limiting Database Resource Usage

 SQL> alter system set resource_limit=true scope=both;

17. Assigning Database System Privileges

 SQL> select destinct privilege from dba_sys_privs;
SQL> grant create session to user_name #minimally a user needs CREATE SESSION to be able to connect to the database.
SQL> revoke cteate table from user_name; #to take away privileges.
SQL> grant create table to user_name with admin option; #allows you to grant a system privilege to a user and also give that user the ability to administer a privilege.You can do this with the WITH ADMIN OPTION clause.

18. Assigning Database Object Privileges

 SQL> grant insert,update,delete,select on object_owner to user_name;
SQL> grant insert(id,name,desc) on table_name to user_name #grants INSERT privileges to specific columns in the table.
SQL> grant insert on object_owner to user_name with grant option; #if you want a user that is being granted object privileges to be able to subsequently grant those same object privileges to other users,then use the WITH GRANT OPTION clause.

19. Grouping and Assigning Privileges

 SQL> create role role_name;
SQL> grant select any table to role_name;
SQL> grant role_name to user_name;

Oracle Study Note : Users and Basic Security的更多相关文章

  1. Oracle Study Note : Tablespace and Data Files

    1.how to create a tablespace that employs the most common features create tablespace tb_name #create ...

  2. Oracle Study之--Oracle 11gR2通过RMAN克隆数据库

    Oracle Study之--Oracle 11gR2通过RMAN克隆数据库 Purpose of Database Duplication A duplicate database is usefu ...

  3. Oracle Study之--Oracle 单实例11.2.0.1.0升级到11.2.0.3.0

    Oracle Study之--Oracle 单实例11.2.0.1.0升级到11.2.0.3.0 系统环境: 操作系统:RedHat EL6(64位) Oracle:    Oracle 11gR2 ...

  4. Oracle Study之-AIX6.1构建Oracle 10gR2 RAC(3)

    Oracle Study之-AIX6.1构建Oracle 10gR2 RAC(3) 一.配置共享存储 [oracle@aix203 ~]$lsdev -c disk hdisk0 Available ...

  5. Oracle Study之-AIX6.1构建Oracle 10gR2 RAC(4)

    Oracle Study之-AIX6.1构建Oracle 10gR2 RAC(4) 一.安装CRS补丁 在安装CRS之前,须要安装补丁p6718715_10203_AIX64-5L,否则在安装时会出现 ...

  6. Beginning Scala study note(5) Pattern Matching

    The basic functional cornerstones of Scala: immutable data types, passing of functions as parameters ...

  7. Beginning Scala study note(2) Basics of Scala

    1. Variables (1) Three ways to define variables: 1) val refers to define an immutable variable; scal ...

  8. 理解RHEL上安装oracle的配置参数 :/etc/security/limits.conf, /etc/profile, /etc/pam.d/login

    无论安装什么版本的Oracle,在安装之前,都需要配置 /etc/pam.d/login   /etc/profile   /etc/security/limits.conf这三个文件 那这三个文件究 ...

  9. Java Basic&Security Tools

    JDK Tools and Utilities Basic Tools These tools are the foundation of the JDK. They are the tools yo ...

随机推荐

  1. 如何激活phpstorm | phpstorm的下载

    2016年7月14日 phpsotrm 推送2016.2 更新 phpstorm的下载地址 https://www.jetbrains.com/phpstorm/download/#section=w ...

  2. HTTP协议——学习资料小结

    嗯,这几天回头再次的学习Servlet的知识点,觉得HTTP协议的内容是相当重要的,现在虽然知道浏览器与应用程序的交互离不开它,但是怎么将信息从浏览器传输到服务器的这个知识点还是一个盲点.于是从网上找 ...

  3. 09_platform-tools简介&常见adb指令

    SDK下面的文件夹说明add-ons 附加的附属的一些信息.docs Android开发的帮助文件.extras 支持的jar包,高版本兼容底版本.google usb的驱动.platforms 存放 ...

  4. 用命令实现Win7远程桌面关机和重启

    关机 shutdown -s -t 0 重启 shutdown -r -t 0 打开运行框(Win+R键),输入上述命令即可,后面的数字表示关机/重启延迟的时间 at 12:00 shutdown - ...

  5. CLRS:max_heap and min_heap operation (pseudocode)

    //max_heap heap_maximum:return A[1]    O(1); Extract_Heap_maximum:swap(A[1],A[heap.size])    adjust ...

  6. maven auto-config 多环境自动打包

    摘自:http://doc.okbase.net/bjhecwq/archive/118121.html maven有许多优秀的插件,最近在研究打包中替换多重环境的配置,同事介绍使用阿里的auto-c ...

  7. select 嵌套查询

    1. SELECT语句的子查询 语法:     SELECT ... FROM (subquery) AS name ... 先创建一个表: CREATE TABLE t1 (s1 INT, s2 C ...

  8. Face++云相册应用IOS源码

    该源码是一个不错的相册应用,Face++云相册应用源码,以人脸识别作为用户注册和登录的依据,登录后可以进入用户的云相册空间,并对相册进行上传图片或删除图片,另添加了分享功能. <ignore_j ...

  9. linux修改登陆后进入的默认目录

    如将root登陆后进入的路径由/root改为/opt/FriendlyARM/linux/u-boot-mini6410修改/etc/pssswd 修改行 root:x:0:0:root:/root: ...

  10. VS2008使用技巧及快捷键大全

    VS2008技巧,非常实用,非常提高效率. 1,Visual Studio 2008自带的1000多个 Windows 系统使用的各种图标.光标和动画文件在Visual Studio 2008的安装目 ...