Oracle FAQ Your Portal to the Oracle Knowledge Grid

Re: insufficient priviliges

From: newbie <rjngh2005_at_gmail.com>
Date: 14 Jul 2006 14:54:08 -0700
Message-ID: <1152914048.846080.222510@75g2000cwc.googlegroups.com>

Charles Hooper wrote:
> Matthias Hoys wrote:
> > "Charles Hooper" <hooperc2000_at_yahoo.com> wrote in message
> > news:1152743678.501913.205640_at_35g2000cwc.googlegroups.com...
> > > fitzjarrell_at_cox.net wrote:
> > >> SQL> alter user abc identified by somepasswordicanremember;
> > >>
> > >> And, then, by the magic of Oracle you can connect as 'abc':
> > >>
> > >> SQL> connect abc/somepasswordicanremember
> > >> Connected.
> > >> SQL> select * from pqr;
> > >>
> > >> [all sorts of results here]
> > >>
> > >> SQL> grant select on pqr to test;
> > >>
> > >> Grant succeeded.
> > >>
> > >> SQL> connect test/somepasswordidontknow
> > >> Connected.
> > >> SQL> select * from abc.pqr;
> > >>
> > >> [all sorts of results here]
> > >>
> > >> If this is some 'real world' problem which you've oversimplified in
> > >> order to get an answer then the above instructions won't do you any
> > >> good as you cannot change the application user password without
> > >> breaking the application. In that case I'd go to whoever created the
> > >> application user and ask, pretty please, for the password. Of course,
> > >> if you have SYS as SYSDBA privileges without authorization you should
> > >> update your resume as you won't be long for this job.
> > >>
> > >>
> > >> David Fitzjarrell
> > >
> > > Just adding to the excellent tip above, before changing the user's
> > > password, execute the following query:
> > > SELECT
> > > USERNAME,
> > > PASSWORD
> > > FROM
> > > DBA_USERS
> > > WHERE
> > > USERNAME='ABC';
> > >
> > > When finished, update the user with the original encrypted password:
> > > ALTER USER ABC IDENTIFIED BY VALUES 'ENCRYPTEDPASSWORD';
> > >
> > > For obvious reasons, this should be used as a last resort.
> > >
> > > Charles Hooper
> > > PC Support Specialist
> > > K&M Machine-Fabricating, Inc.
> > >
> >
> > And of course, when you use this workaround and change the password, the
> > whole application stops working because db connections will still use the
> > old password ... Unless this user isn't used at all for db connections, and
> > then I see no problems using this solution.
>
> Explore the @ command in SQLPlus. Throw the command to be executed
> into a text file:
> * Change password
> * Log off
> * Connect as the user
> * Perform grant
> * Log off
> * Connect as SYS
> * Reset user password by values
>
> Unless it takes five minutes to log into the database, there is little
> chance that anyone would notice if performed in off hours.
>
> I like the other solution that was proposed earlier.
>
> Charles Hooper
> PC Support Specialist
> K&M Machine-Fabricating, Inc.

Thanks guys

Received on Fri Jul 14 2006 - 16:54:08 CDT
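
Added example, not part of the thread or written by its posters: the sequence described in the quoted posts (password change, logon as the account, grant, password reset by values) leaves a recognizable pattern in an audit trail when ALTER USER and session events are recorded. The Python code below flags that pattern over constructed events; the tuple layout, the action names and the 600-second window are assumptions made for this example, not Oracle's audit schema.

```python
from datetime import datetime

# Constructed audit events: (timestamp, acting user, action, object).
# The layout is an assumption for this example, not Oracle's audit schema.
EVENTS = [
    ("2006-07-14 02:00:05", "SYS", "ALTER USER", "ABC"),
    ("2006-07-14 02:00:09", "ABC", "LOGON", "ABC"),
    ("2006-07-14 02:00:12", "ABC", "GRANT", "PQR"),
    ("2006-07-14 02:00:20", "SYS", "ALTER USER", "ABC"),
    ("2006-07-14 09:15:00", "SYS", "ALTER USER", "HR"),  # ordinary reset
    ("2006-07-14 09:40:00", "HR", "LOGON", "HR"),
]

def find_password_swaps(rows, window_seconds=600):
    """Flag accounts that another user altered twice within the window,
    with a logon as that account in between."""
    events = sorted(
        (datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), actor, action, obj)
        for ts, actor, action, obj in rows
    )
    findings = []
    for i, (t1, actor1, action1, account) in enumerate(events):
        if action1 != "ALTER USER" or actor1 == account:
            continue  # only ALTER USER events issued by someone else
        logged_on, actions = False, []
        for t2, actor2, action2, obj2 in events[i + 1:]:
            if (t2 - t1).total_seconds() > window_seconds:
                break
            if actor2 == account and action2 == "LOGON":
                logged_on = True
            elif actor2 == account and logged_on:
                actions.append((action2, obj2))  # done under the borrowed login
            elif action2 == "ALTER USER" and obj2 == account:
                if logged_on:
                    findings.append({
                        "account": account,
                        "changed_by": actor1,
                        "restored_by": actor2,
                        "seconds": int((t2 - t1).total_seconds()),
                        "actions_as_account": actions,
                    })
                break  # a second ALTER USER closes the candidate window
    return findings

if __name__ == "__main__":
    for finding in find_password_swaps(EVENTS):
        print(finding)
```

The ordinary reset of HR is not flagged, because no second ALTER USER follows the logon inside the window.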
