Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: User rights

Re: User rights

From: Paul Drake <bdbafh_at_gmail.com>
Date: Fri, 29 Apr 2005 12:41:32 -0400
Message-ID: <910046b405042909414782992@mail.gmail.com> 





On 4/29/05, Michael.Fleck_at_lvr.de <Michael.Fleck_at_lvr.de> wrote:


> Thanks a lot.



>=20


> Our problem is, that we use a GUI-based third party tool for these guys =

=3D


> in our department. I don't know which queries lie behind the button for =

=3D


> the user rights. I gave the users Select on DBA_TAB_PRIVS and =3D

> DBA_ROLE_PRIVS, so they can query the user rights from SQL-Plus, but =3D

> with the tool this doesn't work. I think, I will contact the support =3D

> people of the tool.


>=20




> Best regards,

> Michael Fleck=3D20




trace the session of that user using that tool.
easiest way is to put an after logon to database trigger for that user
account (schema).



here is an example of a logon trigger:


http://www.databasejournal.com/features/oracle/article.php/3441191



here is an example of using dbms_support to start trace in session:
http://www.databasejournal.com/features/oracle/article.php/3469891



hth.



Paul



>=20




> -----Urspr=3DFCngliche Nachricht-----

> Von: Vitalis Jerome [mailto:vitalisman_at_gmail.com]=3D20

> Gesendet: Freitag, 29. April 2005 14:59

> An: Fleck, Michael

> Cc: oracle-l_at_freelists.org

> Betreff: Re: User rights


>=20
>=20




> On 4/29/05, Michael.Fleck_at_lvr.de <Michael.Fleck_at_lvr.de> wrote:

> > Hi list members,

> >=3D20

> > we have some people in our departments, which do some user=3D20

> > administration. The employees of this department work with oracle=3D20

> > applications. Ths support people in the department want to know, which =

=3D

>=20


> > access a user has to what tables, indexes etc. Which role or=3D20



> > system-rights do I have to grant to the support people in the=3D20

> > department. With DBA rights they get the right information. I tried=3D2=

0


> > the roles SELECT_ANY_CATALOG and EXECUTE_ANY_CATALOG and the=3D20

> > SELECT_ANY_DICTIONARY right, but none of them worked.

> >=3D20

> > Any ideas, which right I have to grant?

> >=3D20

> > Best regards,

> > Michael Fleck=3D3D20


>=20




> Hi Michael,


>=20




> Which queries do the support guys exactly use for this purpose? They =3D

> can't only query dba_catalog since this won't tell them which objects a =

=3D


> user can access. They must be using some queries against DBA_TAB_PRIVS =

=3D


> and the like. If you can get their queries, it might be easier to find =

=3D


> the right sufficient role or privileges.


>=20




> Regards,

> Jerome


>=20




> --

> http://www.freelists.org/webpage/oracle-l

>=20




--=20


#/etc/init.d/init.cssd stop


# f=3Dma, divide by 1, convert to moles.

--
http://www.freelists.org/webpage/oracle-l


Received on Fri Apr 29 2005 - 12:45:51 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US