Oracle User Management
Oracle User Management
Oracle user management involves creating, managing, and securing database users and
their access to database resources. This ensures that only authorized users can access
and manipulate data, maintaining database security and integrity. Let's explore the key
components of Oracle user management.
1. Creating Users
Creating users in Oracle involves defining new user accounts and specifying their
authentication methods. The CREATE USER statement is used for this purpose.
Basic User Creation: This involves specifying the username and password for the new
user.
SQL>
Example:
SQL>
2. Granting Privileges
Privileges in Oracle are rights to execute specific types of SQL statements or to access
another user's object. There are two main types of privileges: system privileges and
object privileges.
SQL>
Example:
SQL>
Object Privileges: These allow users to perform actions on specific schema objects like
tables, views, sequences, etc. Common object privileges include:
SELECT: Allows the user to query the table.
INSERT: Allows the user to insert rows into the table.
SQL>
3. Roles
Roles are named groups of related privileges that can be granted to users or other roles.
This simplifies the process of assigning and managing privileges.
Creating a Role:
SQL>
Example:
SQL>
SQL>
GRANT privilege TO role_name ;
Example:
SQL>
SQL>
Example:
SQL>
4. Profiles
Profiles are used to manage user resource limits and password policies. They help in
enforcing security policies and controlling resource usage.
Creating a Profile:
SQL>
SESSIONS_PER_USER 2
FAILED_LOGIN_ATTEMPTS 5
PASSWORD_LIFE_TIME 30;
Example:
SQL>
SESSIONS_PER_USER 1
FAILED_LOGIN_ATTEMPTS 3
PASSWORD_LIFE_TIME 60;
SQL>
Example:
SQL>
ALTER USER shad_cdb PROFILE limited_user ;
5. Managing Users
Altering User Details: Modify user details such as password, default tablespace,
temporary tablespace, etc.
SQL>
Example:
SQL>
Locking and Unlocking Users: Prevent users from logging in or restore their access.
SQL>
Example:
SQL>
SQL>
Example:
SQL>
Least Privilege Principle: Grant users only the privileges they need to perform their
job.
Strong Password Policies: Enforce strong passwords and regular password
changes.
Regular Audits: Monitor and review user activities and access logs to detect and
respond to suspicious activities.
Use of Roles and Profiles: Simplify privilege management and enforce consistent
security policies.