RE: account unlock/password reset

I've tried several things that have been suggested. All excellent suggestions, but it's still not working.

I've granted ALTER USER (with admin option) to the object owner. I dropped and recompiled the password reset/account unlock procedure. I granted execute on the procedure to the user in question, but he still gets the insufficient privs error.

the error occurs _at_ line 62 (which is executing the 'alter user .... account unlock')....

JMS09ZF _at_ emtdbt > SELECT SUBSTR(LINE,1,4) LINE,SUBSTR(TEXT,1,130) TEXT   2 FROM DBA_SOURCE
  3 WHERE OWNER='DBAO'
  4 AND NAME='SP_USER_CHANGE'
  5 AND LINE BETWEEN 59 AND 63
  6 ORDER BY LINE; LINE TEXT

---- -----------------------------------------------------------------------------------------------
59
60          IF  p_user = upper(v_user) then
61           v_sqla := 'alter user ' || v_user || ' account unlock';
62           execute immediate v_sqla;
63           dbms_output.put_line ('User ' || v_user || ' Account unlocked.' );

Jeremy
 Consider the environment. Please don't print this e-mail unless you really need to.

-----Original Message-----
From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Alex Fatkulin Sent: Monday, January 12, 2009 6:08 PM
To: SHEEHAN, JEREMY
Cc: oracle-l
Subject: Re: account unlock/password reset

Jaremy,

the owner of the procedure needs to have an alter user privilege

the grantee does not

this is what definer rights are about

On Mon, Jan 12, 2009 at 4:33 PM, SHEEHAN, JEREMY <JEREMY.SHEEHAN_at_fpl.com> wrote:

> Is there anyway around allowing users to unlock accounts and change password
> without granting 'ALTER USER'?

--
Alex Fatkulin,
http://afatkulin.blogspot.com
http://www.linkedin.com/in/alexfatkulin --
http://www.freelists.org/webpage/oracle-l

��i��0���zX���+��n��{�+i�^ Received on Tue Jan 13 2009 - 07:36:08 CST