Re: What privileges/roles are rquired to create a user

From: Hemant K Chitale <hkchital_at_singnet.com.sg>
Date: Thu, 16 Sep 2010 22:31:04 +0800
Message-Id: <201009161430.o8GEUtBh020849_at_smtp41.singnet.com.sg>

You could create an ADMIN user and grant the user the privileges : CREATE SESSION
CREATE USER
GRANT ANY PRIVILEGE
GRANT ANY OBJECT PRIVILEGE Thus, the ADMIN user is not a DBA (does not have the DBA role) and, itself, cannot create any objects (Tablespaces, Tables, Sequences, Packages etc) other than creating other Users. (But then ADMIN can grant any privilege to a user that it creates --- so that is a serious loophole !)

Hemant K Chitale

At 03:47 PM Thursday, you wrote:
>Currently whenever we create a new user and grant that user
>privileges we do that as SYSDBA
>
>We would prefer not to do this as SYSDBA
>
>But what are the minimum privilege(s)/role(s) that a user needs to
>allow that user to create new users and grant them privileges?
>
>

Hemant K Chitale

http://hemantoracledba.blogspot.com

--
http://www.freelists.org/webpage/oracle-l

Received on Thu Sep 16 2010 - 09:31:04 CDT

This message: [ Message body ]
Next message: fairlie rego: "Re: Peoplesoft on RAC"
Previous message: Vishal Gupta: "Re: Anyone using Ruby for scripting?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message