0% found this document useful (0 votes)
10 views6 pages

User, Administration Create Complete

Complete notes

Uploaded by

khubiab437
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
10 views6 pages

User, Administration Create Complete

Complete notes

Uploaded by

khubiab437
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

Oracle Database User Management Guide

Oracle Database User Management Guide

---

This guide covers the fundamental aspects of managing Oracle Database

users, granting and revoking privileges, and managing roles and profiles. It is

designed to provide clarity for beginners and includes detailed syntax,

examples, and a summary table.

---

1. Create a Database User

Users in Oracle Database are the accounts that allow individuals to log in and

perform operations. Each user is assigned specific privileges and profiles to

control their access to the database.

Why Use Users?

- To securely access and manage database operations.

- To isolate tasks performed by different users.

- To assign specific privileges tailored to user responsibilities.

Syntax:

CREATE USER username IDENTIFIED BY password;

Example:

CREATE USER john IDENTIFIED BY mypassword123;

This command creates a user named 'john' with the password

'mypassword123'. By default, the user will not have any privileges to perform

operations.

---

2. Grant Privileges

Privileges control what a user is allowed to do in the database. There are two

Page 1
Oracle Database User Management Guide

types of privileges: system privileges (for administrative tasks) and object

privileges (to interact with specific database objects).

a. System Privileges

System privileges allow users to perform tasks like creating tables or logging

in.

Syntax:

GRANT privilege TO username;

Example:

GRANT CREATE SESSION TO john;

The above command grants the CREATE SESSION privilege to 'john', allowing

them to log in to the database.

b. Object Privileges

Object privileges allow users to interact with specific database objects like

tables or views.

Syntax:

GRANT privilege ON object_name TO username;

Example:

GRANT SELECT, INSERT ON employees TO john;

This allows 'john' to query and insert data into the 'employees' table. To grant

only SELECT access, use 'GRANT SELECT'.

---

3. Revoke Privileges

Privileges can be revoked if a user no longer needs certain permissions.

a. System Privileges

Syntax:

Page 2
Oracle Database User Management Guide

REVOKE privilege FROM username;

Example:

REVOKE CREATE SESSION FROM john;

This removes 'john's ability to log in to the database.

b. Object Privileges

Syntax:

REVOKE privilege ON object_name FROM username;

Example:

REVOKE SELECT ON employees FROM john;

This removes 'john's permission to query the 'employees' table.

---

4. Create and Manage Roles

Roles are named groups of privileges. Instead of granting privileges

individually, roles simplify privilege management.

Why Use Roles?

- To manage privileges for multiple users at once.

- To simplify permission management by grouping related privileges.

Types of Roles:

1. Predefined Roles: Default roles provided by Oracle, such as CONNECT,

RESOURCE, and DBA.

2. Custom Roles: Roles created by database administrators to define specific

sets of privileges.

a. Create a Role

Syntax:

CREATE ROLE role_name;

Page 3
Oracle Database User Management Guide

Example:

CREATE ROLE manager_role;

b. Assign Privileges to a Role

Syntax:

GRANT privilege TO role_name;

Example:

GRANT SELECT, INSERT ON employees TO manager_role;

c. Grant a Role to a User

Syntax:

GRANT role_name TO username;

Example:

GRANT manager_role TO john;

---

5. Create and Manage Profiles

Profiles are used to control database resource usage and enforce password

management rules for users.

Why Use Profiles?

- To set limits on system resources for users (e.g., CPU usage, sessions).

- To enforce password policies for security.

Types of Limits in Profiles:

1. Resource Limits: Control how much of a database resource (e.g., CPU,

sessions) a user can consume.

2. Password Limits: Enforce password policies, such as password length,

expiration, and reuse restrictions.

a. Create a Profile

Page 4
Oracle Database User Management Guide

Syntax:

CREATE PROFILE profile_name LIMIT resource_option value;

Example:

CREATE PROFILE limited_profile LIMIT

SESSIONS_PER_USER 2

PASSWORD_LIFE_TIME 30;

This profile restricts users to 2 sessions and forces password changes every

30 days.

b. Assign a Profile to a User

Syntax:

ALTER USER username PROFILE profile_name;

Example:

ALTER USER john PROFILE limited_profile;

c. Modify a Profile

Syntax:

ALTER PROFILE profile_name LIMIT resource_option value;

Example:

ALTER PROFILE limited_profile LIMIT SESSIONS_PER_USER 3;

This updates the profile to allow a maximum of 3 sessions per user.

d. Drop a Profile

Syntax:

DROP PROFILE profile_name [CASCADE];

Example:

DROP PROFILE limited_profile CASCADE;

The CASCADE option ensures all users associated with the profile are switched

Page 5
Oracle Database User Management Guide

to the default profile.

---

6. Summary Table

Summary Table
Command Purpose Example

CREATE USER Create a newCREATE


user USER john IDENTIFIED BY mypassword;

GRANT Grant privileges or roles


GRANT SELECT ON employees TO john;

REVOKE Revoke privileges or


REVOKE
roles SELECT ON employees FROM john;

CREATE ROLE Create a new role CREATE ROLE manager_role;

GRANT TO ROLE Assign privileges to a roleGRANT SELECT TO manager_role;

ALTER USER Assign a profile to a ALTER


user USER john PROFILE limited_profile;

Page 6

You might also like