RE: account unlock/password reset
Date: Tue, 13 Jan 2009 08:36:08 -0500
Message-ID: <8833494F383585499CB855121711D2630E9DD8E8B9_at_JBXEXVS02.fplu.fpl.com>
Hey folks,
I've tried several things that have been suggested. All excellent suggestions, but it's still not working.
I've granted ALTER USER (with admin option) to the object owner. I dropped and recompiled the password reset/account unlock procedure. I granted execute on the procedure to the user in question, but he still gets the insufficient privs error.
the error occurs _at_ line 62 (which is executing the 'alter user .... account unlock')....
JMS09ZF _at_ emtdbt > SELECT SUBSTR(LINE,1,4) LINE,SUBSTR(TEXT,1,130) TEXT
2 FROM DBA_SOURCE
3 WHERE OWNER='DBAO'
4 AND NAME='SP_USER_CHANGE'
5 AND LINE BETWEEN 59 AND 63
6 ORDER BY LINE;
LINE TEXT
---- ----------------------------------------------------------------------------------------------- 59 60 IF p_user = upper(v_user) then 61 v_sqla := 'alter user ' || v_user || ' account unlock'; 62 execute immediate v_sqla; 63 dbms_output.put_line ('User ' || v_user || ' Account unlocked.' );
Jeremy
Consider the environment. Please don't print this e-mail unless you really need to.
-----Original Message-----
From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Alex Fatkulin
Sent: Monday, January 12, 2009 6:08 PM
To: SHEEHAN, JEREMY
Cc: oracle-l
Subject: Re: account unlock/password reset
Jaremy,
the owner of the procedure needs to have an alter user privilege
the grantee does not
this is what definer rights are about
On Mon, Jan 12, 2009 at 4:33 PM, SHEEHAN, JEREMY <JEREMY.SHEEHAN_at_fpl.com> wrote:
> Is there anyway around allowing users to unlock accounts and change password
> without granting 'ALTER USER'?
--
Alex Fatkulin,
http://afatkulin.blogspot.com
http://www.linkedin.com/in/alexfatkulin
--
http://www.freelists.org/webpage/oracle-l
i0zX+n{+i^ Received on Tue Jan 13 2009 - 07:36:08 CST