Allowing other system user to use sqlplus

Similar Messages

• [HELP] How to records user who use SQLPlus or SQL editor?

  Dear Gurus,
  Is onyone know how to record user who use SQLplus or any SQL editor?
  for instance...
  user1 using SQLplus on monday august 9.30.21 PM...and I have table which record this for audit user.
  Or..
  Can I block user who connect to oracle using SQLPlus?
  If anyone know how to do this..please inform me...
  Thanks and Regards
  Erie

  You can enable Auditing (AUDIT_TRAIL) and audit at the Session Level to record Logon and Log off of a required user. This can be enabled to be recorded in the audit table or operation system file. You can also audit user statements etc.
  For example, to enable auditing connect for user UGONIC
  SQL>audit connect by UGONIC;
  TO disable it
  SQL>noaudit connect by UGONIC;
  Check in the SQL Reference for the AUDIT statement and requirements.
  If you do not want the user to connect at all via SQL*Plus, you can use PRODUCT_USER_PROFILE to disable a users access to SQL*Plus or at the lower level, disable specified SQL*Plus and SQL commands for the user. You need to run the PUPBLD.SQL script as system user (if not run yet) and add records to it as required.
  Example: After running PUPBLD.SQL. This entry stops the user UGONIC from using the drop command at the backend in SQL*Plus.
  INSERT into product_user_profile (product,userid,attribute,char_value,date_value)
  values('SQL*Plus','UGONIC','DROP','DISABLED',NULL);
  Note that if a user is already connected by the profile entry, it is not activated on that session, but on subsequent logons. Again read the requied security documentations for this.
  For both auditing, you need to set the required database intialisation parameters and know where to get the audit records (in tables, views or OS file). For instance, when using tables, you maintain and query tables like audit$ to view the logs. When using OS type logging, it is recorded on the path specified in the AUDIT_FILE_DEST init parameter (In Windows, it is logged in the Windows Event and you can view it from the event viewer).

• Allowing non-admin users to use certain programs without authenticating

  I would like to allow certain programs to be run by non-admin users without forcing them to authenticate as an admin. Here is my example: I'm running Parallels Desktop with a VM to Windows. I want to allow my children to use this VM to access Windows programs. But, when starting a VM, the Mac OS requires an administrator to authenticate. Needless to say, I don't want my children to be administrators on the machine. I've been assured that this is not an issue related to how Parallels works (from the support team at Parallels). Instead, this is an issue with the Mac. i'm not sure one way or the other, but it seams useful to be able to (in general) allow non-admin users to use certain programs without forcing them to authenicate as administrators.
  There is only one summary in the Mac help on allowing non-admin users to change the time zone settings by directly editing the /etc/authorization file. Does anybody know if this procedure would work for other programs?
  Thanks!

  If you know what the requested right is, that procedure can be applied to any right in an application with a graphic interface by duplicating and modifying entries. The contents of that file don't control usage of sudo in the Terminal.
  (25922)

• Can't Use Video with other Mac users who use AIM

  I know that ichat is compatible for video chats with other pc users who use aim, but does it work with other mac users who use aim?
  Everytime I try to chat with my friend, I get an error message when trying to start of a video chat.
  BTW, I use a iMac G5 with an isight camera.

  Hi Staci,
  For a Bit of Clarity.
  AOL have their Instant Message App. referred to as AIM.
  Apple decided and did a deal with AOL that iChat could join their service Buddy Lists.
  On these Discussions we tend to refer iChat as Logging into AIM, as they are the servers that the Buddy Lists are held on.
  As iChat can also use Bonjour and Jabber, both of which have their own Buddy list window on your Mac. The Jabber side needs you to have a Jabber screen name - so again people differentiate between this and the AIM side.
  I would guess you friend is trying to make it clear that she is using the AIM side of iChat as opposed to the Jabber side.
  As has been said already, the Application side of things also tend to get referred to generically as "AIM" as well.
  The Mac version has stopped and 4.7 and will only Text chat.
  The PC side needs 5.9 to clearly Video or Audio chat with a Mac using iChat. (AIM 6.0 is not stable enough to A/V chat to iChat).
  1:13 PM Saturday; January 27, 2007

• Allow unix account user to execute sqlplus in 10g

  we have created a user with default groups and we required allow him to execute sqlplus command but it is giving errors. ( on same system we have db and oracle account). we do not want him to login into sysdba but as normal user so that he could enter sqlplus user/passwd@dbname. what should be done when a new unix account is created and how allow him to execute sqlplus command?
  OS: openSUSE 11.1 - 32 bi
  DB : 10.2.0.1.0 - 32 bit
  do we need to install instant client ? to allow other than oracle user to access oracle db on same system?
  please help me out. thanks in advance.

  user612078 wrote:
  we have created a user with default groups and we required allow him to execute sqlplus command but it is giving errors. ( on same system we have db and oracle account). we do not want him to login into sysdba but as normal user so that he could enter sqlplus user/passwd@dbname. what should be done when a new unix account is created and how allow him to execute sqlplus command?
  OS: openSUSE 11.1 - 32 bi
  DB : 10.2.0.1.0 - 32 bit
  do we need to install instant client ? to allow other than oracle user to access oracle db on same system?
  please help me out. thanks in advance.If this is on the same box as the db, you definately don't need to install any other client, as the full client was installed with the db. The client you are using has nothing to do with what permissions a particular user may or may not have, either at the OS or DB level.
  You say it is giving errors, but you didn't think giving the acutal specific error message might be needed to help you diagnose the problem? My crystal ball is out for repair.

• Allowing non-Administrator "Users" to use AEBS (1)

  I'm getting tired of always having to "Authorize" other "Users" on my computer without Administrator Privilege when they wish to connect to my "Closed" AEBS. How can I work around this issue so all "Users" can conect to the AEBS?

  It seems that I have originally stated the happenings incorrectly. It should been titled.
  Allowing non-Administrator (or Standard) "Users" to use the Airport Card freely
  I am both the 'Administrator' and the 'User' in this scenario.
  I log in as the 'User', without "Allow user to Administer this computer" checked in System Preferences. This is for enhanced security while surfing at home and also when using open networks on the road. This way an Authentication by the Administrator is required every time when changes to Mac OS X are about to occur.
  And, as far as I am aware, MY 'User' keychain has all the passwords I need to do what I need to do.
  It's when I am logged in as the 'User' and I go to 'Turn Airport on' (in the Apple Menu) that I get the 'Authenticate' window asking me to "Type an Administrator's name and password to make changes to Mac OS X".
  How do I get around having to 'Authenticate' every time 'User" needs to turn the Airport on?

• Allowing non-Administrator "Users" to use AEBS (2)

  I'm getting tired of always having to "Authorize" other "Users" on my computer without Administrator Privilege when they wish to connect to my "Closed" AEBS. How can I work around this issue so all "Users" can conect to the AEBS?

  The problem lies in that the password for the Airport Network is stored in your personal Keychain, not in the system keychaing (which is a shared keychain for all users) Here is how to resolve this:
  1. Open Keychain Access (/Applications/Utilities/Keychain Access
  2. In the bottom left corner of the Keychain Access window there should be a button that says Show Keychains. Press it. If it says Hide Keychains then do not press it.
  3. In the left column of the window, you should now have 2 boxes, the top one showing "Keychains", the lower one showing "Category" (If not, press Show Keychains again.)
  4. You should have at least 2 keychains listed int he top box. One ill be called System, and the other will be called either login, or your username. If you don't see the system keychain here, you need to go to the edit menu and choose Keychain List, click the little plus sign at the bottom of the box and locate your system keychain (/Library/Keychains/) Do NOT click the check box next to your keychain. This will share your keychain, and it is not something you want to do.
  5. Now that you have the System Keychain and your keychain at the top of te window, click on your keychain. The right pane will now have a listing of the contents of your keychain. Locate the password for your Airport Network. It will have the "Applications" Icon (the "A" made up off the ruler, pencil and paintbrush" and will be named after the SSID of your airport netowrk (whatever your network is named) Unnder "Kind", it will say "AirPort network password"... NOT "AirPort base station password".
  The base station password is the password you use to log into the base station to configure the network. Not what you want. Find the one that says "AirPort network password"
  6. Drag this to the keychain named "System" in the left column.
  Type in the password for your Keychain
  Now... when you look at the system keychain you should see your airport netowrk listed there. Anybody should be able to access your airport netowrk from any account on your mac.
  Hope that helps.

• Flush registry from old iphone to allow other ipone users to text my new galaxy 5

  I shifted to a Galaxy S5 and now I can not receive texts from iphone users. How can I get the registry flush accomplished.

  "Registry flush"?
  If you still have your iPhone you need to use it and turn off iMessage, Facetime, Find My iPhone and iCloud on it.
  If you don't have access to it call AppleCare and ask them to disable iMessage for your number.

• How do you allow all normal users to use the IOSsimulator in Xcode without placing them in the _developer group?

  Ever since we've updated Xcode at my place of work normal users have been unable to run their applications in Xcodes iOS simulator because they're prompted with a "Developer Tools Access needs to take control of another process for debugging to continue. Type the name and password of a user in "Developer Tools" group to allow this". I work in an ever expanding office with over 200 employees so adding them all to the _developer group will just be far to time consuming. Is there a way to give normal users permissions to run the IOS simulator?
  Here is the message I would like for normal users to bypass.

  ....I don't see a way around it - either they're in a permissioned group with an applicable login or they're not, right?

• When to set iwtUser-role and other per user schema using custom athentication?

  I have written my own authentication module and would like to set per user schema on login. Can I write iwtUser-role, iwtCalendarProvider-calendarUserPassword, etc from the authentication class?

  Yes you can, after the authentication is complete you get the profile object and then set whatever value you want to set for particular attributes you want to set ..

• How come I cannot recieve text messages from other iphone users without using imessage?

  I do not have a data plan, so when I am not connected to wi-fi I cannot recieve text messages from other people using an Iphone. I can recieve them once I turnn on imessage and am connected to wi-fi though. Why is this and what can I do to fix it??

  Check Settings>General>Cellular to be sure you have Cellular Data set to On.

• How to end user session correctly as sys or system user

  Hi,
  Database version Oracle 10.2.0.3
  We have to end user sessions to update database content. We cant stop/shutdown the instance but we have to assure that some users are not logged on.
  So we are looking for a solution to end some arbitrary user sessions as sys or system user without using the KILL USER SESSION option. We want to assure that the user sessions end correctly.
  Is there a possibility or a command in Oracle 10g to end a user session correctly ?
  Thanks for your assistance.

  http://download.oracle.com/docs/cd/B19306_01/server.102/b14200/statements_2013.htm#i2053602
  I think DISCONNECT SESSION Clause is what you are looking for.
  Let us know if this is not the case.

• Locked SYS and SYSTEM user

  DB version: 11.2.0.2
  OS : Solaris 10
  In our production DBs , I've noticed that both SYS and SYSTEM users are locked
  $ sqlplus / as sysdba
  SQL*Plus: Release 11.2.0.2.0 Production on Thu Jan 19 14:21:34 2012
  Copyright (c) 1982, 2010, Oracle.  All rights reserved.
  Connected to:
  Oracle Database 11g Enterprise Edition Release 11.2.0.2.0 - 64bit Production
  With the Partitioning option
  SQL> select username, account_status from dba_users where username like 'SYS%';
  USERNAME                       ACCOUNT_STATUS
  SYSTEM                         LOCKED
  SYS                            LOCKED1. How can I log in to SYS account despite being locked. Is it because i logged in through external authentication?
  2. Is locking the SYS user a standard practise ? If so, why ?

  Hi;
  1. How can I log in to SYS account despite being locked. Is it because i logged in through external authentication?set ORACLE_HOME, ORACLE_SID than
  sqlplus "/as sysdba"
  alter user xx account unlock;
  2. Is locking the SYS user a standard practise ? If so, why ?
  SYS and SYSTEM are default users, created with the creation of the database. Although they have much power - as they are granted the DBA role - they're still ordinary users. Because SYS owns the data dictionary, (s)he is considered a bit more special than SYSTEM. But SYS has the SYSDBA privilege which SYSTEM doesn't. This makes it possible for SYS to become a very very powerful user. This is the case when (s)he connects as sys/password as SYSDBA or / as sysdba. The as sysdba phrase is a request to aqcuire the privileges associated wht the single SYSDBA system privileges (see here).
  Source:
  http://www.adp-gmbh.ch/ora/misc/sys_system_internal.html
  Regard
  Helios

• Lock sys and system user

  Dear all,
  We have 10.2.0.4 on solaris 10.
  Currently we had I.T audit on our environment and auditor commented to lock sys and system user and use one user with any name (not oracle generic name) and grant him sys and system privilege and to use this user for admin purposes. is this right ?.. is this recommended ?
  Please advise

  Hello,
  I think it's not a right way to lock SYS.
  More over, if you connect as OS Administrator (root for Unix/linux) on the server and use
  OS Authentification then, you can connect on SYS AS SYSDBA anyway.
  So, in fact, it's not possible to lock out SYS even if you execute the following:
  ALTER USER SYS ACCOUNT LOCK;If you want to prevent access on SYS you should set a complex and long password and
  apply the same rule for the Administrator / root OS user.
  These passwords must be known by very few and well - identified people and written nowhere
  (in any files or scripts).
  More over, you should limit DBA roles to SYS and SYSTEM and remove this powerful Role
  from other Oracle Users.
  Then, you may enable session AUDIT so as to control the connexion on the database and,
  create a LOGON TRIGGER so as to check the login, workstation, program of the end users
  who connect to the database.
  On 10g, EM DBConsole shows an alert everytime a User is connected with SYS.
  Please, find enclosed, an interesting document written by Pete Finigan on this topic:
  http://www.insight.co.uk/files/presentations/Hacking%20and%20securing%20Oracle.pdf
  Hope this help.
  Best regards,
  Jean-Valentin

• Why is my iphone showing up green instead of blue to other iphone users?

  Why is my ipone showing up green instead of blue to other iphone users?

  using imessage your text bubble should be grey to them i do believe.