Re: Security for group of users ???

Hi Alan,

as some ORACLE experts told me, one way to hide some users from the DB is to add entries to the PRODUCT_USER_PROFILE table. There you can specify which ORACLE products (i.e SQL*PLUS) may not be accessible to some users.

Thank you for jumpinī in :-)

Wolfgang.

On Mon, 27 Jul 1998 15:00:24 +0100, "Alan D. Mills" <alanmNOSPAM_at_uk.europe.mcd.mot.com> wrote:

>Not too sure how to disable SQL*Plus for a group - maybe some code in
>login.sql?
>
>Anyway, I would personally question having a number of different people all
>log in to Oracle under the same 'UserGroup' account. You lose your
>tracablity this way. You will have no idea of exactly which person is doing
>what at any moment and the task of diagnosig some problem can get really
>hairy if you can;t find the 'culpret'.
>
>I think that what you should be implementing is user roles and have each of
>the users in question assigned to a 'UserGroup' role which has the
>appropriate privaliges defined.
>
>As for passwords, if you want to change them all at the same time then I'm
>sure you could write some code to dynamically retrieve the list of names
>assigned to the role in the format of your 'change password' command.
>
>My 2p worth...
>
>--

>Alan D. Mills>
>Wolfgang.Rothmayer_at_bmw.de wrote in message <35bc75f2.14781714_at_news.muc>...
>>Hi there,
>>
>>we are seeking for a security mechanism to hinder the use of sqlplus
>>for a group of users. No user of this group should be able to execute
>>a SQL command if logged in into a database.
>>
>>On the other hand, we have a NT app where this user group gets logged
>>in into this database. Login is done via a group user as the
>>administration effort to handle each user differently is to high.
>>
>>Our aim is to minimize the adminstrative effort to change the password
>>for the "group user".
>>
>>Any input is greatly appreciated.
>>
>>Wolfgang.
>
>
Received on Tue Jul 28 1998 - 08:31:56 CDT