1. view the default user account

 SQL> select username from dba_users;

2. lock all users and set their password to expired

 SQL> select ‘alter user ‘|| username || ‘ password expire account lock;’ from dba_users;

3. A locked user can only be accessed by altering the user to an unlocked state

 SQL> alter user scott account unlock;

4. As a DBA, you can change the password for a user

 SQL> alter user <username> identified by <new password>;

5. Run this query to display users that have been created by another DBA versus those created by Oracle.For default users,there should be a record in the DEFAULT_PWD$ view.So,if a user doesn’t exist in DEFAULT_PWD$,then you can assume it’s not a default account.

 SQL> select distinct u.username
,case when d.user_name is null then ‘DBA created account’
else ‘Oracle created account’
from dba_users u
,default_pwd$ d
where u.username=d.user_name(+);

6. You can check the DBA_USERS_WITH_DEFPWD view to see whether any Oracle-created user accounts are still to the default password

 SQL> select * from dba_users_with_defpwd;

7. Creating a User with Database Authentication

 SQL> create user user_name identified by password
default tablespace users
temporaty tablespace temp
quote unlimited on users;
SQL> grant create session to user_name; #to make the user useful
SQL> grant create table to user_name; #to be able to create tables.
SQL> grant create table,create session to user_name identified by password; #you can also use the GRANT . . . IDENTIFIED BY statement to create a user.

8.Creating a User with OS Authentication

Oracle strongly recommends that you set the OS_AUTHENT_PREFIX parameter to a null string

 SQL> alter system set os_authent_prefix=’’ scope=spfile;
SQL> create user user_name identified externally;
SQL> grant create session to user_name;
$ sqlplus / #when user_name logs in to the database server,this user can connect to SQL*Plus.

9. You can alter your current user’s session to point at a different schema via ALTER SESSION statement

 SQL> alter session set current_schema = hr;

10. Assiging Default Permanent and Temporary Tablespaces

 SQL> alter user user_name default tablespace tb_name temporary tablespace temp_name;

11. Modifying Password

 SQL> alter user user_name identified by new_password;

12. SQL*PLUS password command

 SQL> passw user_name
Changing password for user_name
New password:

13. Modifying Users

 SQL> alter user user_name account lock;
SQL> alter user user_name quota 500m on users;

14. Dropping Users. Before you drop a user,I recommend that you first lock the user.Locking the user prevents others from connecting to a locked database account.

 SQL> alter user user_name account lock;
SQL> select username,lock_date from dba_users;
SQL> alter user user_name account unlock;
SQL> drop user user_name;
SQL> drop user user_name cascade; #the prior commend won’t work if the user owns any database objects.Use the CASCADE clause to remove a user and have its objects dropped.

15. Password Strength. You can enforce a minimum standard of password complexity by assigning a password verification function to a user’s profile. Oracle supplies a default password verification function that you create by running the following script as the SYS schema

 SQL> @?/rdbms/admin/utlpwdmg
SQL> alter profile default limit PASSWORD_VERIFY_FUNCTION ora12c_verify_function;
SQL> alter profile default limit PASSWORD_VERIFY_FUNCTION null; #disable the password function.

16. Limiting Database Resource Usage

 SQL> alter system set resource_limit=true scope=both;

17. Assigning Database System Privileges

 SQL> select destinct privilege from dba_sys_privs;
SQL> grant create session to user_name #minimally a user needs CREATE SESSION to be able to connect to the database.
SQL> revoke cteate table from user_name; #to take away privileges.
SQL> grant create table to user_name with admin option; #allows you to grant a system privilege to a user and also give that user the ability to administer a privilege.You can do this with the WITH ADMIN OPTION clause.

18. Assigning Database Object Privileges

 SQL> grant insert,update,delete,select on object_owner to user_name;
SQL> grant insert(id,name,desc) on table_name to user_name #grants INSERT privileges to specific columns in the table.
SQL> grant insert on object_owner to user_name with grant option; #if you want a user that is being granted object privileges to be able to subsequently grant those same object privileges to other users,then use the WITH GRANT OPTION clause.

19. Grouping and Assigning Privileges

 SQL> create role role_name;
SQL> grant select any table to role_name;
SQL> grant role_name to user_name;

Oracle Study Note : Users and Basic Security的更多相关文章

  1. Oracle Study Note : Tablespace and Data Files

    1.how to create a tablespace that employs the most common features create tablespace tb_name #create ...

  2. Oracle Study之--Oracle 11gR2通过RMAN克隆数据库

    Oracle Study之--Oracle 11gR2通过RMAN克隆数据库 Purpose of Database Duplication A duplicate database is usefu ...

  3. Oracle Study之--Oracle 单实例11.2.0.1.0升级到11.2.0.3.0

    Oracle Study之--Oracle 单实例11.2.0.1.0升级到11.2.0.3.0 系统环境: 操作系统:RedHat EL6(64位) Oracle:    Oracle 11gR2 ...

  4. Oracle Study之-AIX6.1构建Oracle 10gR2 RAC(3)

    Oracle Study之-AIX6.1构建Oracle 10gR2 RAC(3) 一.配置共享存储 [oracle@aix203 ~]$lsdev -c disk hdisk0 Available ...

  5. Oracle Study之-AIX6.1构建Oracle 10gR2 RAC(4)

    Oracle Study之-AIX6.1构建Oracle 10gR2 RAC(4) 一.安装CRS补丁 在安装CRS之前,须要安装补丁p6718715_10203_AIX64-5L,否则在安装时会出现 ...

  6. Beginning Scala study note(5) Pattern Matching

    The basic functional cornerstones of Scala: immutable data types, passing of functions as parameters ...

  7. Beginning Scala study note(2) Basics of Scala

    1. Variables (1) Three ways to define variables: 1) val refers to define an immutable variable; scal ...

  8. 理解RHEL上安装oracle的配置参数 :/etc/security/limits.conf, /etc/profile, /etc/pam.d/login

    无论安装什么版本的Oracle,在安装之前,都需要配置 /etc/pam.d/login   /etc/profile   /etc/security/limits.conf这三个文件 那这三个文件究 ...

  9. Java Basic&Security Tools

    JDK Tools and Utilities Basic Tools These tools are the foundation of the JDK. They are the tools yo ...

随机推荐

  1. unity3d学习重点记录

    本文主要是记录在学习unity3d中遇到的重点功能的实现,以及一些API的使用方法.以便在以后使用到的时候查找. 1,给一个UIButton添加执行的事件 // Use this for initia ...

  2. Windows Server 2008修改远程桌面连接数

    服务器安装了Windows Server 2008,现在要增加远程连接,开启服务器上的远程桌面连接,使用管理员账户远程登录.默认情况下Windows Server 2008允许一个连接数,一个账号最大 ...

  3. HP Mobile Center 1.01 Related System Requirements

    最近要开始使用HP Mobile Center,以下是我在官网上搜集的配置信息,包含软硬件. Reference:  http://mobilecenterhelp.saas.hp.com/en/la ...

  4. 默菲定律 [Murphy's Law]

    一.关于默菲定律(Murphy's Law)   “墨菲定律”.“帕金森定律”和“彼德原理”并称为二十世纪西方文化三大发现. “墨菲定律”的原话是这样说的:If there are two or mo ...

  5. C# Exception 对象的属性

    关于 C# 中 Exception 对象的属性,在程序出现异常时,需要记录异常的信息,并把信息保存起来或输出,以方便准确定位异常的根源,以下是 Exception  对象的属性 名称          ...

  6. PNG图片数据解析

    PNG是一种非常流行的图片格式,它不仅支持透明效果,而且图片数据经过了压缩处理,所以广泛用于web等应用. PNG的文件格式: PNG文件中的数据,总是以一个固定的8个字节开头: (图片来自http: ...

  7. Android开发如何去除标题栏title

    虽然是一个小问题,今天遇到了,也就写下来吧.防止自己忘掉. 取消标题栏的方式有两种,一种是在代码添加,另一种是在AndroidManifest.xml里面添加. 1.在代码中实现:在此方法setCon ...

  8. 使用Servlet处理请求<http://blog.sina.com.cn/s/blog_5d3fb3cc0100ep9q.html>

    一.GET和POST的区别 1.GET提交的是文本内容,规定其数据长度不超过255个字符.在GET方式提交的URL中会显示出提交的查询数据而却提交数据的缓存会在浏览器的URL历史状态中,这样我们往往在 ...

  9. dell N1500 安全配置

    http://www.dell.com/Support/Article/us/en/19/HOW10832 Setting a management IP address A reachable IP ...

  10. trap在shell中捕捉信号

    一.trap捕捉到信号之后,可以有三种反应方式:(1)执行一段程序来处理这一信号(2)接受信号的默认操作(3)忽视这一信号 二.trap对上面三种方式提供了三种基本形式:第一种形式的trap命令在sh ...