Re: Security for group of users ???

Not too sure how to disable SQL*Plus for a group - maybe some code in login.sql?

Anyway, I would personally question having a number of different people all log in to Oracle under the same 'UserGroup' account. You lose your tracablity this way. You will have no idea of exactly which person is doing what at any moment and the task of diagnosig some problem can get really hairy if you can;t find the 'culpret'.

I think that what you should be implementing is user roles and have each of the users in question assigned to a 'UserGroup' role which has the appropriate privaliges defined.

As for passwords, if you want to change them all at the same time then I'm sure you could write some code to dynamically retrieve the list of names assigned to the role in the format of your 'change password' command.

My 2p worth...

--
Alan D. Mills

Wolfgang.Rothmayer_at_bmw.de wrote in message <35bc75f2.14781714_at_news.muc>...
>Hi there,
>
>we are seeking for a security mechanism to hinder the use of sqlplus
>for a group of users. No user of this group should be able to execute
>a SQL command if logged in into a database.
>
>On the other hand, we have a NT app where this user group gets logged
>in into this database. Login is done via a group user as the
>administration effort to handle each user differently is to high.
>
>Our aim is to minimize the adminstrative effort to change the password
>for the "group user".
>
>Any input is greatly appreciated.
>
>Wolfgang.
Received on Mon Jul 27 1998 - 09:00:24 CDT