Unable to grant privileges to enque or deque

Hi ...
I am new to AQ. I am trying to send a notification mail using JMS when something changes in the database. I am just going through a guide for the beginers. ie
http://www.oracle.com/technology/products/ias/toplink/technical/tips/DbChangeNotification/index.htm
I connected to the database as system admin.But I am unable to grant previleges to any general user. I am getting "ORA-00900 invalid SQL statement" error.
How can I set up the environment for Advanced Queuing and How can I resolve this issue?
I would appreciate any help or relevant material to accomplish my task.
Thanks and Regards,
Prince.

sql i am tryin to run.
EXEC DBMS_AQADM.GRANT_SYSTEM_PRIVILEGE(privilege => 'ENQUEUE_ANY',grantee => 'dbuser',admin_option => FALSE);
Error message:
ORA - 00900: invalid sql statement.
vendor code:900
Thanks for the help,
Prince

Similar Messages

  • Grant Privileges to another user

    Hi,
    I am new to plsql. In course of my learning. I created two tables BOOKS and AUTHORS in orcl database(10g) through SYSDBA.
    Again i logged in to SCOTT user account and am unable to see the BOOKS and AUTHORS tables.
    Please let me know how do i grant administrative privileges(to edit,delete,insert,update) to SCOTT user for these tables.
    Thanks & Regards,
    Amrutha.

    808099 wrote:
    1. Got now that SYSDBA is a role and SYS is user.
    2. I was able to login to sqlplus through giving "/ as SYSDBA" as the username. Hence i thought it as user."/ as sysdba" connects to the database as the SYS user using operating system authentication with the SYSDBA role enabled.
    3. Secondly, I dont know which schema does my BOOKS table belong to. Because i just ran a create table script in scott/tiger@orcl. PLease suggest how i can know which schema it belongs to.If you connected to the database as the SCOTT user and ran the script to create the table, the table would almost certainly be owned by SCOTT. If you connected to the database as the SYS user and ran the script to create the table, the table would most likely be owned by SYS. If the script specified the schema owner, i.e.
    CREATE TABLE library.book ...the table would be created in the specified schema. But you need to have very powerful privileges in order to create objects in other user's schemas and SCOTT does not have those privileges unless you've specifically granted them.
    4. Thirdly, I will delete the BOOKS and AUTHORS from SYS and create them in SCOTT user. But thought if GRANT privileges can be an alternative.Not really. It's much better to have the tables owned by the correct schema in the first place. You use grants to allow other users to access (or modify) tables but other users are not going to have the same level of privileges (for example, they're not going to be able to run DDL against the table).
    Justin

  • Error while granting privileges to new user

    hi all,
    I created new user and i tried to grant privileges to that new user by using ( SQL> CONNECT / AS sysdba;
    Connected.
    SQL> CREATE USER cdcproj IDENTIFIED BY cdcproj
    2 QUOTA UNLIMITED ON SYSTEM
    3 QUOTA UNLIMITED ON SYSAUX;
    User created.
    SQL> GRANT CREATE SESSION TO cdcproj;
    Grant succeeded.
    SQL> GRANT CREATE TABLE TO cdcproj;
    Grant succeeded.
    SQL> GRANT SELECT_CATALOG_ROLE TO cdcproj;
    Grant succeeded.
    SQL> GRANT EXECUTE_CATALOG_ROLE TO cdcproj;
    Grant succeeded.
    SQL> EXECUTE DBMS_STREAMS_AUTH.GRANT_ADMIN_PRIVILEGE(grantee => 'cdcproj'); PL/SQL procedure successfully completed.
    SQL> GRANT ALL ON PL.PROJ_HISTORY TO cdcproj;
    Grant succeeded. ). All the commands worked except last command. It is giving error i.e (GRANT ALL ON PL.PROJ_HISTORY TO cdcproj; ) error is ( table / view not exists ).
    What i can do. Any help.
    Otherwise is there any other method to grant privileges.
    Thanks in advance.

    What is your Oracle version ?
    Are you sure the object PL.PROJ_HISTORY exists ?
    What is the output of (using the Oracle account that executes the GRANT):
    select * from session_roles;
    select * from session_privs;

  • How to grant privileges on all the tables in a schema

    Hi All,
    Can you tell me how to grant privileges on all the tables of a schema A
    to schema B.
    For Example:
    There are 200 tables in schema A, I wanted to grant select privilege on all the tables of a scheme A to schema B.
    Thanks in advance.

    note that USER is the user that will have the select priviledge
    the procedure includes views as well
    CREATE OR REPLACE PROCEDURE GRANT_ACCESS_ON_USER IS
    CURSOR c1 is select table_name from user_tables;
    CURSOR c2 is select view_name from user_views;
    tablename user_tables.TABLE_NAME%TYPE;
    viewname user_views.VIEW_NAME%TYPE;
    BEGIN
    tmpVar := 0;
    OPEN c1;
    loop
         fetch c1 into tablename;
         EXIT WHEN c1%NOTFOUND;
         EXECUTE IMMEDIATE 'GRANT SELECT on '||tablename ||' to USER';
    end loop ;
    close c1;
    OPEN c2;
    loop
         fetch c2 into viewname;
         EXIT WHEN c2%NOTFOUND;
         EXECUTE IMMEDIATE 'GRANT SELECT on '||viewname ||' to USER';
    end loop ;
    close c2;
    EXCEPTION
    WHEN NO_DATA_FOUND THEN
    NULL;
    WHEN OTHERS THEN
    -- Consider logging the error and then re-raise
    RAISE;
    END;
    /

  • Grant Privilege to Role instead of Direct grant doesn't work

    Hi all
    My scenario is sas follow:
    create user a identified by a;
    create user b identified by b;
    grant connect,resource to a ;
    grant connect,resource to b ;
    conn a/a
    create table tbl( c1 number(10));
    conn system/sys
    create role roll;
    grant roll to b;
    conn a/a
    grant select on tbl to roll;
    conn b/b
    set role roll;
    create or replace procedure b.pr
    as
    v number(10);
    begin
    select a into v
    from a.tbl
    where a=0;
    end;
    show error
    Errors for PROCEDURE B.P:
    LINE/COL ERROR
    6/1 PL/SQL: SQL Statement ignored
    7/6 PL/SQL: ORA-00942: table or view does not exist
    This happen because i granted the SELECT privilege to user b through the role ROLL but if i granted the user b the SELECT privilege directly it work properly
    Why???
    And how could I grant the privilege from within a role, Because i don't want to grant it directly
    Thank in advance
    Bassil

    There is no other way. The owner of stored code must have been directly granted all necessary (used in code) select, insert, update, or delete privileges. The code owner cannot just have the referenced privileges granted to them via a role. There is no workaround, nor should there be as this is a security feature. Just because you have been granted insert or delete to another user's tables does not mean you should be able to grant that access to some other user. This is exactly what you do when you grant execute to stored code that referenced another user's objects.
    The referenced article is by Tom Kyte and there are few people who understand how to use Oracle to better effect than Tom. The same information can be found in the official documentation and is referenced by the article.
    You can write packages that use the privileges of the executing person. Perhaps for the specific problem you are writing the code to handle this is the route you want to take. See the manuals for the details.
    Note - If user A grants insert to user B on table_a then user B can write a procedure, proc_b, and grant execute to a role and anyone with the role can perform inserts into table_a via proc_b, without having any grants on table_a. You do not need to grant privileges on the objects referenced in stored code that runs as the code owner if this is what you are worried about. The users just need execute on the package, procedure, or function that performs the DML operations in this case and they can get that from a role.
    If you still do not understand you need to state exactly what it is you either do not understand or want to know how to do.
    HTH -- Mark D Powell --

  • Problem with granting privileges

    We are creating a separate user for loading data into staging tables on our db and are having problems granting privileges. The original user is securities_developer and the new user is securities_loader. As securities_developer, I execute the following command:
    grant delete,update,insert,select on securities_work to securities_loader;
    The output indicates success, but when I switch to that user and perform 'select * from securities_work', the table isn't found. Using Oracle Enterprise Manager, I look up the table and it indicates that the above privileges have been granted. Am I missing something?
    version info:
    Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - 64bit Production
    PL/SQL Release 11.2.0.1.0 - Production
    "CORE     11.2.0.1.0     Production"
    TNS for Linux: Version 11.2.0.1.0 - Production
    NLSRTL Version 11.2.0.1.0 - Production

    Hi,
    Do you have a (public) synonym on your table securities_work ?
    Or, try to add the schema owner in your query like: 'select * from securities_developer.securities_work'
    Regards,
    Thierry

  • Grant privileges to all objects

    Oracle 11.0.1.7.0:
    When I create new user I do something like:
    create user abc identified by abc
    grant create session, create table, create views, create snapshot to abc - separate grant for each object
    grant unlimited tablespace to abc;So when I do that sometimes I forget privileges for sequences. Is there a way to give privilege in one sql to the user to let that user create table, views, session, tablespace etc.
    Edited by: user628400 on Jun 9, 2009 5:35 PM

    Is there a list of things like create table, session etc. that I can look at to determine what options I have?select distinct privilege from role_sys_privs order by 1;
    will give you a list of privileges which can be granted to role.
    is there a way to grant privileges to all different types like create table, session etc in one statement without having to type each one of them separately like grant create session, grant table?As other replied, this can be achieved by creating a role like:
    SQL> create role newrole;
    Role created.
    SQL> grant create table,query rewrite to newrole;  -- Or any privilege by above command.
    Grant succeeded.
    SQL> grant newrole to <YourUserName>;  --
    Grant succeeded.HTH
    Girish Sharma

  • Grant privileges to user

    hi all,
    How to create and grant privileges to user using sql command.
    Thanks

    Hi,
    Example :-
    log on as sysdba
    grant connect, resource to test identified by test;
    test is the user.
    Go through this links
    http://download.oracle.com/docs/cd/B19306_01/server.102/b14200/statements_8003.htm#SQLRF01503
    http://download.oracle.com/docs/cd/B19306_01/server.102/b14200/statements_9013.htm#SQLRF01603
    Thanks
    Pavan Kumar N

  • ORACLE - How to GRANT privilegies on ALL the tables belonging to a schema

    Is there a way to grant to a user the same privilegies on ALL the tables belonging to the same schema, so that, in case a new table is created afterwards, the grant is automatically given ?
    Thanks in adance for any reply

    Yes of course ! Just do the same as Oracle Applications: an end user has no Oracle account, the application code connects with the Oracle account that is the schema owner:
    no more grant needed ... That's a joke but it's also true ! In this case, your application must implement its own security (password management, audit, privileges) and you will not be able to use Oracle privileges, auditing and advanced security features ... just like Oracle Applications.
    The above answers are of course correct. You can also create an Oracle role that you can grant to the Oracle users and grant the privileges to this role everytime a new table is created to avoid granting privileges for each new object to each user.

  • How to restrict a schema owner from granting privileges to other users.

    How can we restrict a schema owner from granting privileges to other users on his objects (e.g. tables). Lets say we have user called XYZ and he has tables in his schema TAB1, TAB2 an TAB3. How can we restrict user XYZ from granting privileges on TAB1, TAB2 and TAB3 to other users in the database. Is it possible in Oracle 10g R2? Any indirect or direct way to achieve this? Please help on this.
    Thanks,
    Manohar

    Whenever someone is trying to prevent an object owner from doing something, that's generally a sign of a deeper problem. In a production database, the object owner shouldn't generally have CREATE SESSION privileges, so the user shouldn't be able to log in, which would prevent the user from issuing any grants.
    As a general rule, you cannot stop an object owner from granting privileges on the objects it owns. You can work around this by creating a database-level DDL trigger that throws an exception if the user issuing the statement is XYZ and the DDL is a GRANT. But long term, you probably want to get to the root of the problem.
    Justin
    Edited by: Justin Cave on Nov 6, 2008 9:52 PM
    Enrique beat me to it.

  • Granting privilege through role not working for PL/SQL

    Version: 11.2.0.2
    In our shop, we don't grant privileges directly to a user, we grant it to a role and grant that role to the intended grantee.
    Granting privileges through a role seems to be fine with SQL Engine. But it doesn't work from PL/SQL engine.
    In the below example GLS_DEV user is granted SELECT access on SCOTT.pets table through a role called tstrole. GLS_DEV can select this table from SQL. But PL/SQL Engine doesn't seem to know this.
    Reproducing the issue:
    SQL> show user
    USER is "SCOTT"
    SQL> select * from pets;
    NAME
    PLUTO
    SQL> conn / as sysdba
    Connected.
    SQL> create user GLS_DEV identified by test1234 default tablespace TSTDATA;
    User created.
    SQL> alter user GLS_DEV quota 25m on TSTDATA;
    User altered.
    SQL> grant create session, resource to GLS_DEV;
    Grant succeeded.
    --- Granting SELECT privilege on scott.pets to tstrole and then grant this role to GLS_DEV.
    SQL> conn / as sysdba
    Connected.
    SQL>
    SQL> create role tstrole;
    Role created.
    SQL> grant select on scott.pets to tstrole;
    Grant succeeded.
    SQL> grant tstrole to GLS_DEV;
    Grant succeeded.
    SQL> conn GLS_DEV/test1234
    Connected.
    SQL>
    SQL> select * From scott.pets;
    NAME
    PLUTO
    ---- All fine till here. From SQL engine , GLS_DEV user can SELECT scott.pets table.
    --- Now , I am going to create a PL/SQL object in GLS_DEV which tries to refer scott.pets
    SQL> show user
    USER is "GLS_DEV"
    create or replace procedure my_proc
    is
    myvariable varchar2(35);
    begin
         select name into myvariable from scott.pets ;
         dbms_output.put_line(myvariable);
    end my_proc;
    Warning: Procedure created with compilation errors.
    SQL> show errors
    Errors for PROCEDURE MY_PROC:
    LINE/COL ERROR
    6/2      PL/SQL: SQL Statement ignored
    6/41     PL/SQL: ORA-01031: insufficient privileges
    SQL>
    SQL> 6
      6*    select name into myvariable from scott.pets ;
    --- PL/SQL Engine doesn't seem to know that GLS_DEV has select privilege on scott.pets indirectly granted through a role
    --- Fix
    --- Instead of granting privilege through a role, I am granting the SELECT privilege on scott.pets to GLS_DEV directly.
    --- The error goes away, I can compile and execute the procedure !!
    SQL> conn / as sysdba
    Connected.
    SQL>
    SQL> grant select on scott.pets to GLS_DEV;
    Grant succeeded.
    SQL> conn GLS_DEV/test1234
    Connected.
    SQL>
    SQL> create or replace procedure my_proc
    is
    myvariable varchar2(35);
    begin
            select name into myvariable from scott.pets ;
            dbms_output.put_line(myvariable);
    end my_proc;  2    3    4    5    6    7    8    9   10
    11  /
    Procedure created.
    SQL> set serveroutput on
    SQL> exec my_proc;
    PLUTO
    PL/SQL procedure successfully completed.Has anyone encountered the same issue ?

    You really should start your own new thread for this question instead of resurrecting an old one, but to answer your question.
    There are two things going on here. First, there are a number of aler session commands that can be used by any user regardless of what privileges they are granted. Although I do not have the entire list at hand, things like nls_date_format and current_schema are available to all users, sort of like the grants to public in the data dictionary.
    Second, when you use execute immediate, the PL/SQL engine never really sees the statement, as far as the compiler is concerned it is just a string. It is only when the string is passed to the sql engine that permissions are checked, and there roles are not enabled.
    SQL> create role t_role;
    Role created.
    SQL> grant select on ops$oracle.t to t_role;
    Grant succeeded.
    SQL> create user a identified by a default tablespace users;
    User created.
    SQL> grant create session, create procedure to a;
    Grant succeeded.
    SQL> grant t_role to a;
    Grant succeeded.
    SQL> connect a/a
    Connected.
    SQL> select * from ops$oracle.t;
            ID DESCR
             1 One
             1 Un
    SQL> create function f (p_descr in varchar2) return number as
      2     l_num number;
      3  begin
      4     select id into l_num
      5     from ops$oracle.t
      6     where descr = p_descr;
      7     return l_num;
      8  end;
      9  /
    Warning: Function created with compilation errors.
    SQL> show error
    Errors for FUNCTION F:
    LINE/COL ERROR
    4/4      PL/SQL: SQL Statement ignored
    5/20     PL/SQL: ORA-00942: table or view does not exist
    SQL> create or replace function f (p_descr in varchar2) return number as
      2     l_num number;
      3  begin
      4     execute immediate 'select id from ops$oracle.t where descr = :b1'
      5                       into l_num using p_descr;
      6     return l_num;
      7  end;
      8  /
    Function created.
    SQL> select f('One') from dual;
    select f('One') from dual
    ERROR at line 1:
    ORA-00942: table or view does not exist
    ORA-06512: at "A.F", line 4John

  • OID-DAS Granting privileges to User

    Hi All,
    I am using OID to store user information from different organizations. I am using OIDDAS ( Delegated Administrative Services) to enter user information. To incorporate the delegation model I am able to create a user and give him privilege to add other users. I can also give him privilege to grant privilege to other users. However, for security purposes I do not want them to be able to grant or use the 'Allow Oracle Delegated Administration Services configuration' privilege, that appears by default in the window. Is there I can alter this.
    Any help on this will be much appreciated.
    Thanks

    It can be done but is not as trivial as GRANT priv TO user. The disco privs are stored in the EULx_ACCESS_PRIVS table. Theoretically, you would just have to add records there to implement the privileges.
    You'll need to look in the EULx_EUL_USERS to get the user IDs, and youd need to find out the application privilege IDs. They are stored in the EULx_ACCESS_PRIVS table, and there are no descriptions. What you would need to do is create a test user, add one privilege, and see what got added to the EULx_ACCESS_PRIVS table. You could then repeat this process for each priv you would want to grant through a script.

  • Granting Privileges question

    This is not a duplicate post. User Wilhem posted it in the wrong forum.
    In the below mentioned link, user CD has provided a quick way to grant privileges to another user. But it didn't work for me. Is there something wrong with with the DECODE expressions?
    Re: Granting Privileges question

    Instead of granting privileges to a user, i wanted to grant these privileges to a role. So i created a role
    CREATE ROLE jenrole;
    And then i tried the below mentioned script. But i am getting error
    DECLARE
    v_sql VARCHAR2(4000);
    BEGIN
    FOR obj IN (SELECT object_name
    , object_type
    , DECODE (OBJECT_TYPE,
    'PROCEDURE','EXECUTE',
    'FUNCTION' ,'EXECUTE',
    'PACKAGE' ,'EXECUTE',
    'SYNONYM' ,'SELECT' ,
    'SELECT, INSERT, UPDATE, DELETE') rights
    FROM user_objects)
    LOOP
    v_sql := 'GRANT '|| obj.rights ||' ON '|| obj.object_name ||' TO JENROLE' ;
    dbms_output.put_line(v_sql);
    EXECUTE IMMEDIATE v_sql; END LOOP;
    END;
    ERROR at line 1:
    ORA-00911: invalid character
    ORA-06512: at line 16
    Why am i getting error? The error line is boldened

  • Grant privileges to a user for user_lock

    user_lock.sleep (3000);
    i am using it in my procedure.
    is it require to grant privileges to a user for user_lock.

    There is no built-in package namely user_lock. Actually it is dbms_lock.
    http://download-east.oracle.com/docs/cd/B19306_01/appdev.102/b14258/d_lock.htm#sthref3898
    I was using dbms_lock few days ago. Yes dba has to give the privilege to use this package.
    SQL> grant execute on dbms_lock to scott;
    Grant succeeded.
    [My experiment]
    http://mamohiuddin.blogspot.com/2007/02/plsql-block-abnormal-termination-ed.html

  • To grant  privileges to user or/and group

    Hi,
    I need information about to grant privileges on content area and folders.
    For example, if I grant privilege to view content on Content area and I grant privilege of Manage Items on folder. Can the users or group add items to folder? Or can they view the content?
    Thank you for information,
    Noel

    I changed the file (sudo vi $ORACLE_HOME/rdbms/admin/externaljob.ora) to read run_user = oracle and run_group = dba. The error remains the same - also after restart of dbconsole. Anyway, the file has note: The user and group specified here should be a lowly privileged user and group for your platform. For Linux this is nobody and nobody. Which it was, and I changed it back to that.
    Btw:
    SQL> SELECT owner, credential_name, username FROM dba_scheduler_credentials;
    no rows selected
    SQL> execute DBMS_SCHEDULER.CREATE_CREDENTIAL('oracle','oracle','password');
    After the above I was able to select "sys.oracle" as the credential name pull-down menu of the scheduler job edit mode.
    And the job succeeded: EXTERNAL_LOG_ID="job_73826_863", USERNAME="oracle"
    How does one set credentials if not in the "preferred credential setup" in dbconsole EM?
    Edited by: Dude on Jan 14, 2011 2:11 PM

Maybe you are looking for

  • First 4 Days: Life With New MacBook Pro Retina (Business Use)

    Wrote a co-worker my early impressions of the new machine a couple of days ago. This is a bit updated. - We are a global organization in 62 countries, so this is written from and for our needs.  The co-worker  does major video work, but I have no ide

  • Problem in Server Admin: cpu and network graphs not updated or empty after lion server update

    Hi! Just for archive purpouses because i've already solved that! After upgrading from OSX Server 10.7 to 10.7.1 my CPU and Network graphs in Server Admin stop being updated. In 24h the graphs where blank (disk usage graph seem to keep working). First

  • How to make a list of commands

    Hi, I am making a VI to control a pump. I can communicate now with the pump ( thanks to you guys) but my promotor wants an easy acces list of commands to use on the front panel. For example RV00000900 is a command that is send to the pump an agrees w

  • Basic Interactive 3D PDF creation? Need answers....

    I've got Acrobat 9 Pro Extended, and am trying to re-create a technical repair 3D pdf similar to the samples I've seen online (like the carburetor repair pdf located somewhere on this site). So far, I've been able to create my own animated 3D pdf fro

  • Ack. did i move something accidentally in GRAPHIC CONVERTER

    argh. i think i might have done something really dumb by accidentally moving a portion of my APPLICATIONS folder while working in Graphic Converter. is this possible? the screenshot at the bottom shows an Applications folder with data in it that is s