Home » RDBMS Server » Server Administration » Workaround for using admin option
Workaround for using admin option [message #243364] Thu, 07 June 2007 02:06 Go to next message
rajeshdbabu
Messages: 3
Registered: June 2007
Junior Member
Hi Experts,

I am using Oracle 10g and I presently have this kind of setup for my new project.
grant WINA$USER to WINA$USRADM with admin option;   (where both WINA$USER and WINA$USRADM are roles)
 
SQL> select * from dba_role_privs where admin_option ='YES' and grantee like 'WINA$%' order by grantee;
 
GRANTEE                        GRANTED_ROLE                   ADM DEF
------------------------------ ------------------------------ --- ---
WINA$USRADM                    WINA$USER                      YES YES

In my vb code I use the follwing code to create and grant role for the new users:
create user C$SETUP identified by password
grant WINA$USER to C$SETUP

In order for User A (who is assigned WINA$USRADM role) to be able to "grant WINA$USER" to other users, I have given "grant WINA$USER to WINA$USRADM with admin option" in order for the VB code to work.

But my dba says that, this kind of option will raise an audit issue and not to grant an admin option. Can someone please advise me for a work around.

Appreciate your kind help on this matter urgently. Thank you.
Re: Workaround for using admin option [message #243366 is a reply to message #243364] Thu, 07 June 2007 02:10 Go to previous messageGo to next message
Michel Cadot
Messages: 64151
Registered: March 2007
Location: Nanterre, France, http://...
Senior Member
Account Moderator
No, this is the correct to do it and your DBA is wrong.

Regards
Michel
Re: Workaround for using admin option [message #243484 is a reply to message #243364] Thu, 07 June 2007 08:22 Go to previous messageGo to next message
gkrishn
Messages: 506
Registered: December 2005
Location: Putty a dark screen
Senior Member
I believe the issue is when WINA$USRADM is droped someday.In that case,all users assigned WINA$USER from WINA$USRADM schema will have the grants revoked.
Re: Workaround for using admin option [message #243493 is a reply to message #243484] Thu, 07 June 2007 09:11 Go to previous message
Michel Cadot
Messages: 64151
Registered: March 2007
Location: Nanterre, France, http://...
Senior Member
Account Moderator
This is wrong.
Only object privileges are tracked not system privileges or roles.

Regards
Michel
Previous Topic: one of the intrview questions could any one give answers plz
Next Topic: Oracle 11g Installation on RHEL 4...OUI issue
Goto Forum:
  


Current Time: Fri Dec 09 19:03:45 CST 2016

Total time taken to generate the page: 0.16368 seconds