Getting ORA-01031: Insufficient privileges when connecting as sys as sysdba
Hi There,
I am running Linux AS version 4, oracle 102.0.1, and logginging as oracle user which belongs to dba group. I got error "ORA-01031: Insufficient privileges" when trying to connect as sys user to bring up database. I wondered what is causing the error. Here is an example
oracle-dev>sqlplus /nolog
SQL>conn as sys/oracle@dev as sysdba
ERROR:
ORA-01031: Insufficient privileges
Any suggestions would be greatly appreciated. Thanks again.
Rich,
Did you create a password file ?
http://download-uk.oracle.com/docs/cd/B19306_01/server.102/b15658/admin_ora.htm#sthref142
Message was edited by:
Paul M.
BTW, the syntax is
SQL>conn sys/oracle@dev as sysdba
Similar Messages
-
ORA-01031: insufficient privileges when connecting by SQL PLUS 8.0 with sys
From client, I use SQL PLUS 8.0 to connect to server: sys/password@MYDB1 as sysdba
The error always raises “ORA-01031: insufficient privileges”
I have done:
- Set: remote_login_passwordfile=exclusive in tnsname.ora file
- Uncomment: SQLNET.AUTHENTICATION_SERVICES in “sqlnet.ora” file
Also on this client:
to use SQL PLUS 8.0 to connect to server: manager/password@MYDB1. To connect normally
to use PLSQL Deverloper (it is the same oracle_home with SQL PLUS 8.0) to connect to database normally with user sys.
To use Enterprise manager console (it is other oracle_home with SQL PLUS 8.0) to connect to database normally with user sys
Please, help me to solve this troubleTHIS IS CONTENT OF SQLNET.ora CLIENT
# copyright (c) 1996 by the Oracle Corporation
# NAME
# sqlnet.ora
# FUNCTION
# Oracle Network Client startup parameter file example
# NOTES
# This file contains examples and instructions for defining all
# Oracle Network Client parameters. It should be possible to read
# this file and setup a Client by uncommenting parameter definitions
# and substituting values. The comments should provide enough
# explanation to enable a reasonable user to manage his TNS connections
# without having to resort to 'real' documentation.
# SECTIONS
# ONames Client
# Namesctl
# Native Naming Adpaters
# MODIFIED
# skanjila 06/06/97 - Correct default for Automatic_IPC
# eminer 05/15/97 - Add the relevant onrsd parameters.
# asriniva 04/23/97 - Merge with version from doc
# ggilchri 03/31/97 - mods
# bvasudev 02/07/97 - Change sqlnet.authentication_services documentation
# bvasudev 11/25/96 - Merge sqlnet.ora transport related parameters
# asriniva 11/12/96 - Revise with new OSS parameters.
# asriniva 11/05/96 - Add ANO parameters.
# - ONames Client ----------------------------------------------------
#names.default_domain = world
#Syntax: domain-name
#Default: NULL
# Indicates the domain from which the client most often requests names. When
# this parameter is set the default domain name (for example, US.ACME), the
# domain name will be automatically appended to any unqualified name in an
# ONAmes request (query, register, deregister, etc). Any name which contains
# an unescaped dot ('.') will not have the default domain appended. Simple
# names may be qualified with a trailing dot (for example 'rootserver.').
#names.initial_retry_timeout = 30
#Syntax: 1-600 seconds
#Default: 15 (OSD)
# Determines how long a client will wait for a response from a Names Server
# before reiterating the request to the next server in the preferred_servers
# list.
#names.max_open_connections = 3
#Syntax: 3-64
#Default: ADDRS in preferred_servers
# Determines how many connections an ONames client may have open at one time.
# Clients will ordinarily keep connections to servers open once they are
# established until the operation (or session in namesctl) is complete. A
# connection will be opened whenever needed, and if the maximum would be
# exceeded the least recently used connection will be closed.
#names.message_pool_start_size = 10
#Syntax: 3-256
#Default: 10
# Determines the initial number of messages allocated in the client's message
# pool. This pool provides the client with pre-allocated messages to be used
# for requests to ONames servers. Messages which are in the pool and unused
# may be reused. If a message is needed and no free messages are available in
# the pool more will be allocated.
#names.preferred_servers = (address_list =
# (address=(protocol=ipc)(key=n23))
# (address=(protocol=tcp)(host=nineva)(port=1383))
# (address=(protocol=tcp)(host=cicada)(port=1575))
#Syntax: ADDR_LIST
#Default: Well-Known (OSD)
# Specifies a list of ONames servers in the client's region; requests will be
# sent to each ADDRESS in the list until a response is recieved, or the list
# (and number of retries) is exhausted.
# Addresses of the following form specify that messages to the ONames server
# should use Oracle Remote Operations (RPC):
# (description =
# (address=(protocol=tcp)(host=nineva)(port=1383))
# (connect_data=(rpc=on))
#names.request_retries = 2
#Syntax: 1-5
#Default: 1
# Specifies the number of times the client should try each server in the list
# of preferred_servers before allowing the operation to fail.
#names.directory_path
#Syntax: <adapter-name>
#Default: TNSNAMES,ONAMES,HOSTNAME
# Sets the (ordered) list of naming adaptors to use in resolving a name.
# The default is as shown for 3.0.2 of sqlnet onwards. The default was
# (TNSNAMES, ONAMES) before that. The value can be presented without
# parentheses if only a single entry is being specified. The parameter is
# recognized from version 2.3.2 of sqlnet onward. Acceptable values include:
# TNSNAMES -- tnsnames.ora lookup
# ONAMES -- Oracle Names
# HOSTNAME -- use the hostname (or an alias of the hostname)
# NIS -- NIS (also known as "yp")
# CDS -- OSF DCE's Cell Directory Service
# NDS -- Novell's Netware Directory Service
# - Client Cache (ONRSD) ---------------------------------------------
names.addresses = (ADDRESS=(PROTOCOL=IPC)(KEY=ONAMES))
Syntax: ADDR
Default: (ADDRESS=(PROTOCOL=IPC)(KEY=ONAMES))
Address on which the client cache listens (is available to clients).
Any valid TNS address is allowed. The default should be used if at
all possible; clients have this entry hardwired as the first line
of their server-list file (sdns.ora). If the address is set to a
non-default value the client's preferred_servers parameter should
be set to include the client-cache address first.
names.authority_required = False
Syntax: T/F
Default: False
Determines whether system querys (for the root etc) require Authoritative
answers.
names.auto_refresh_expire = 259200
Syntax: Number of seconds, 60-1209600
Default: 259200
This is the amount of time (in seconds) the server will cache the addresses
of servers listed in server-list file (sdns.ora). When this time expires the
server will issue another query to the servers in those regions to refresh
the data.
names.auto_refresh_retry = 180
Syntax: Number of seconds, 60-3600
Default: sec. 180
This set how often the server will retry when the auto_refresh query fails.
names.cache_checkpoint_file = cache.ckp
Syntax: filename
Default: $ORACLE_HOME/network/names/ckpcch.ora
Specifies the name of the operating system file to which the Names Server
writes its foreign data cache.
names.cache_checkpoint_interval = 7200
Syntax: Number of seconds, 10-259200
Default: 0 (off)
Indicates the interval at which a Names Server writes a checkpoint of its
data cache to the checkpoint file.
names.default_forwarders=
(FORWARDER_LIST=
(FORWARDER=
(NAME= rootserv1.world)
(ADDRESS=(PROTOCOL=tcp)(PORT=42100)(HOST=roothost))))
Syntax: Name-Value/address_list
Default: NULL
A list (in NV form) of the addresses of other servers which should be used to
forward querys while in default_forwarder (slave) mode. NAME is the global
names for the server to which forwards whould be directed, and ADDRESS is its
address.
names.default_forwarders_only = True
Syntax: T/F
Default: False
When set to true this server will use the servers listed in default_forwarders
to forward all operations which involve data in foreign regions. Otherwise it
will use the servers defined in the server-list file (sdns.ora) in addition
to any defined in the default_forwarders parameter.
names.log_directory = /oracle/network/log
Syntax: directory
Default: $ORACLE_HOME/network/log
Indicates the name of the directory where the log file for Names Server
operational events are written.
names.log_file = names.log
Syntax: filename
Default: names.log
The name of the output file to which Names Server operational events are
written.
names.log_stats_interval = 3600
Syntax: Number of seconds, 10-ub4max
Default: sec. 0 (off)
Specifies the number of seconds between statistical entries in log file.
names.log_unique = False
Syntax: T/F
Default: False
If set to true the server will guarantee that the log file will have a unique
name which will not overwrite any existing files (note that log files are
appended to, so log information will not be lost if log_unique is not true).
names.max_open_connections = 10
Syntax: 3-64
Default: 10
Specifies the number of connections that the Names Server can have open at any
given time. The value is generated as the value 10 or the sum of one
connection for listening, five for clients, plus one for each foreign domain
defined in the local administrative region, whichever is greater. Any
operation which requires the server to open a network connection will use
an already open connection if it is available, or will open a connection
if not. Higher settings will save time and cost network resources; lower
settings save network resources, cost time.
names.max_reforwards = 2
Syntax: 1-15
Default: 2
The maximum number of times the server will attempt to forward a certain
operation.
names.message_pool_start_size = 24
Syntax: 3-256
Default: 10
Determines the initial number of messages allocated in the server's message
pool. This pool provides the server with pre-allocated messages to be used
for incoming or outgoing messages (forwards). Messages which are in the pool
and unused may be reused. If a message is needed and no free messages are
available in the pool more will be allocated.
names.no_modify_requests = False
Syntax: T/F
Default: False
If set to true, the server will refuse any operations which modify the
data in its region (it will still save foreign info in the cache which is
returned from foreign querys).
names.password = 625926683431AA55
Syntax: encrypted string
Default: NULL
If set the server will require that the user provide a password in his
namesctl session (either with sqlnet.ora:namesctl.server_password or 'set
password') in order to do 'sensitive' operations, like stop, restart, reload.
This parameter is generally set in encrypted form, so it can not be set
manually.
names.reset_stats_interval = 3600
Syntax: 10-ub4max
Default: 0 (off)
Specifies the number of seconds during which the statistics collected by the
Names Servers should accumulate. At the frequency specified, they are reset
to zero. The default value of 0 means never reset statistics.
names.trace_directory = /oracle/network/trace
Syntax: directory
Default: $ORACLE_HOME/network/trace
Indicates the name of the directory to which trace files from a Names Server
trace session are written.
names.trace_file = names.trc
Syntax: filename
Default: names.trc
Indicates the name of the output file from a Names Server trace session.
names.trace_func # NA
Syntax: T/F
Default: False
Internal mechanism to control tracing by function name.
names.trace_level = ADMIN
Syntax: T/F
Default: False
Syntax: {OFF,USER,ADMIN,0-16}
Default: OFF (0)
Indicates the level at which the Names Server is to be traced.
Available Values:
0 or OFF - No trace output
4 or USER - User trace information
10 or ADMIN - Administration trace information
16 or SUPPORT - WorldWide Customer Support trace information
names.trace_mask = (200,201,202,203,205,206,207)
Syntax: list of numbers
Default: NULL
Internal mechanism to control trace behavior.
names.trace_unique = True
Syntax: T/F
Default: False
Indicates whether each trace file has a unique name, allowing multiple trace
files to coexist. If the value is set to ON, a process identifier is appended
to the name of each trace file generated.
# - Namesctl ---------------------------------------------------------
#namesctl.trace_directory = /oracle/network/trace
#Syntax: directory
#Default: $ON/trace
# Indicates the name of the directory to which trace files from a namesctl
# trace session are written.
#namesctl.trace_file = namesctl.trc
#Syntax: filename
#Default: namesctl.trc
# Indicates the name of the output file from a namesctl trace session.
#namesctl.trace_func # NA
#Syntax: word list
#Default: NULL
# Internal mechanism to control tracing by function name.
#namesctl.trace_level = ADMIN
#Syntax: {OFF,USER,ADMIN,0-16}
#Default: OFF (0)
# Indicates the level at which the namesctl is to be traced.
# Available Values:
# 0 or OFF - No trace output
# 4 or USER - User trace information
# 10 or ADMIN - Administration trace information
# 16 or SUPPORT - WorldWide Customer Support trace information
#namesctl.trace_mask # NA
#Syntax: number list
#Default: NULL
# Internal mechanism to control trace behavior.
#namesctl.trace_unique = True
#Syntax: T/F
#Default: False
# Indicates whether each trace file has a unique name, allowing multiple trace
# files to coexist. If the value is set to ON, a process identifier is appended
# to the name of each trace file generated.
#namesctl.no_initial_server = False
#Syntax: T/F
#Default: False
# If set to TRUE namesctl will suppress any error messages when namesctl is
# unable to connect to a default names server.
#namesctl.internal_use = True
#Syntax: T/F
#Default: False
# If set to true namesctl will enable a set of internal undocumented commands.
# All internal commands are preceded by an underscore ('_') in order to
# distinguish them as internal. Without going into details, the commands
# enabled are:
# adddata createname deletename
# fullstatus ireplacedata newttlname
# pause remove_data renamename
# replacedata start walk*
# There are also a set of names server variables which may be set when
# namesctl is in internal mode:
# authorityrequired autorefresh*
# cachecheckpoint_interval cachedump
# defaultautorefresh_expire defaultautorefresh_retry
# defaultforwarders_only forwardingdesired
# maxreforwards modifyops_enabled
# nextcache_checkpoint nextcache_flush
# nextstat_log nextstat_reset
# reload request_delay
# restart shutdown
#namesctl.noconfirm = True
#Syntax: T/F
#Default: False
# When set to TRUE namesctl will suppress the confirmation prompt when
# sensitive operations (stop, restart, reload) are requested. This is
# quite helpful when using namesctl scripts.
#namesctl.server_password = mangler
#Syntax: string
#Default: NULL
# Automatically sets the password for the names server in order to perform
# sensitive operations (stop, restart, reload). The password may also be
# set manually during a namesctl session using 'set password'.
#namesctl.internal_encrypt_password = False
#Syntax: T/F
#Default: True
# When set to TRUE namesctl will not encrypt the password when it is sent to
# the names server. This would enable an unencrypted password to be set in
# names.ora:names.server_password
# - Native Naming Adpaters -------------------------------------------
#names.dce.prefix = /.:/subsys/oracle/names
#Syntax: DCE cell name
#Default: /.:/subsys/oracle/names
#Specifies the DCE cell (prefix) to use for name lookup.
#names.nds.name_context = personnel.acme
#Syntax: NDS name
#Default: (OSD?)
# Specifies the default NDS name context in which to look for the name to
# be resolved.
#names.nis.meta_map # NA
# Syntax: filename
# Default: sqlnet.maps
# Specifies the file to be used to map NIS attributes to an NIS mapname.
# Currently unused.
# - Advanced Networking Option Authentication Adapters ----------------
#sqlnet.authentication_services
# Syntax: A single value or a list from {beq, none, all, kerberos5,
# cybersafe, securid, identitx}
# Default: NONE
# Enables one or more authentication services. To enable
# authentication via the Oracle Security Server, use (beq, oss). If
# the Advanced Networking Option has been installed with Kerberos5
# support, using (beq, kerberos5) would enable authentication via
# Kerberos.
sqlnet.authentication_services=(beq, oss)
## Parmeters used with Kerberos adapter.
#sqlnet.kerberos5_cc_name
# Syntax: Any valid pathname.
# Default: /tmp/krb5cc_<uid>
# The Kerberos credential cache pathname.
#sqlnet.kerberos5_cc_name=/tmp/mycc
#sqlnet.kerberos5_clockskew
# Syntax: Any positive integer.
# Default: 300
# The acceptable difference in the number of seconds between when a
# credential was sent and when it was received.
#sqlnet.kerberos5_clockskew=600
#sqlnet.kerberos5_conf
# Syntax: Any valid pathname.
# Default: /krb5/krb.conf
# The Kerberos configuration pathname.
#sqlnet.kerberos5_conf=/tmp/mykrb.conf
#sqlnet.kerberos5_realms
# Syntax: Any valid pathname
# Default: /krb5/krb.realms
# The Kerberos host name to realm translation file.
#sqlnet.kerberos5_realms=/tmp/mykrb.realms
#sqlnet.kerberos5_keytab
# Syntax: Any valid pathname.
# Default: /etc/v5srvtab
# The Kerberos secret key file.
#sqlnet.kerberos5_keytab=/tmp/myv5srvtab
#sqlnet.authentication_kerberos5_service
# Syntax: Any string.
# Default: A default is not provided.
# The Kerberos service name.
#sqlnet.authentication_kerberos5_service=acme
## Parmeters used with CyberSAFE adapter.
#sqlnet.authentication_gssapi_service
# Syntax: A correctly formatted service principal string.
# Default: A default is not provided.
# The CyberSAFE service principal
#sqlnet.authentication_gssapi_service=acme/[email protected]
## Parmeters used with Identix adapter.
#sqlnet.identix_fingerprint_method
# Syntax: Must be oracle.
# Default: A default is not provided.
# The Identix authentication server method
#sqlnet.identix_fingerprint_method=oracle
#sqlnet.identix_fingerprint_database
# Syntax: Any string.
# Default: A default is not provided.
# The Identix authentication server TNS alias
#sqlnet.identix_fingerprint_database=ofm
#sqlnet.identix_fingerprint_database_user
# Syntax: Any string
# Default: A default is not provided.
# The Identix authentication service well known username.
#sqlnet.identix_fingerprint_database_user=ofm_client
#sqlnet.identix_fingerprint_database_password
# Syntax: Any string
# Default: A default is not provided.
# The Identix authentication service well known password.
#sqlnet.identix_fingerprint_database_password=ofm_client
# - Advanced Networking Option Network Security -------------------------
#sqlnet.crypto_checksum_client
#sqlnet.crypto_checksum_server
#sqlnet.encryption_client
#sqlnet.encryption_server
# These four parameters are used to specify whether a service (e.g.
# crypto-checksumming or encryption) should be active:
# Each of the above parameters defaults to ACCEPTED.
# Each of the above parameters can have one of four possible values:
# value meaning
# ACCEPTED The service will be active if the other side of the
# connection specifies "REQUESTED" or REQUIRED" and
# there is a compatible algorithm available on the other
# side; it will be inactive otherwise.
# REJECTED The service must not be active, and the connection
# will fail if the other side specifies "REQUIRED".
# REQUESTED The service will be active if the other side specifies
# "ACCEPTED", "REQUESTED", or "REQUIRED" and there is a
# compatible algorithm available on the other side; it
# will be inactive otherwise.
# REQUIRED The service must be active, and the connection will
# fail if the other side specifies "REJECTED" or if there
# is no compatible algorithm on the other side.
#sqlnet.crypto_checksum_types_client
#sqlnet.crypto_checksum_types_server
#sqlnet.encryption_types_client
#sqlnet.encryption_types_server
# These parameters control which algorithms will be made available for
# each service on each end of a connection:
# The value of each of these parameters can be either a parenthesized
# list of algorithm names separated by commas or a single algorithm
# name.
# Encryption types can be: RC4_40, RC4_56, RC4_128, DES, DES40
# Encryption defaults to all the algorithms.
# Crypto checksum types can be: MD5
# Crypto checksum defaults to MD5.
#sqlnet.crypto_seed ="4fhfguweotcadsfdsafjkdsfqp5f201p45mxskdlfdasf"
#sqlnet.crypto_checksum_server = required
#sqlnet.encryption_server = required
# - Oracle Security Server ---------------------------------------------
#oss.source.my_wallet
# Syntax: A properly formatted NLNV list.
# Default: Platform specific. Unix: $HOME/oracle/oss
# The method for retrieving and storing my identity.
#oss.source.my_wallet
# =(source
# =(method=file)
# (method_data=/dve/asriniva/oss/wallet)
#oss.source.location
# Syntax: A properly formatted NLNV list.
# Default: Oracle method, oracle_security_service/oracle_security_service@oss
# The method for retrieving encrypted private keys.
#oss.source.location
# =(source
# =(method=oracle)
# (method_data=
# (sqlnet_address=andreoss)
# - Sqlnet(v2.x) and Net3.0 Client ------------------------------------------
# In the following descriptions, the term "client program" could mean
# either sqlplus, svrmgrl or any other OCI programs written by users
#trace_level_client = ADMIN
#Possible values: {OFF,USER,ADMIN,0-16}
#Default: OFF (0)
#Purpose: Indicates the level at which the client program
# is to be traced.
# Available Values:
# 0 or OFF - No Trace output
# 4 or USER - User trace information
# 10 or ADMIN - Administration trace information
# 16 or SUPPORT - Worldwide Customer Support trace information
#Supported since: v2.0
#trace_directory_client = /oracle/network/trace
#Possible values: Any valid directory path with write permission
#Default: $ORACLE_HOME/network/trace ($ORACLE_HOME=/oracle at customer
# site)
#Purpose: Indicates the name of the directory to which trace files from
# the client execution are written.
#Supported since: v2.0
#trace_file_client = /oracle/network/trace/cli.trc
#Possible values: Any valid file name
#Default: $ORACLE_HOME/network/trace/cli.trc ($ORACLE_HOME =
# /oracle at customer site)
#Purpose: Indicates the name of the file to which the execution trace
# of the client is written to.
#Supported since: v2.0
#trace_unique_client = ON
#Possible values: {ON, OFF}
#Default: OFF
#Purpose: Used to make each client trace file have a unique name to
# prevent each trace file from being overwritten by successive
# runs of the client program
#Supported since: v2.0
#log_directory_client = /oracle/network/log
#Possible values: Any valid directory pathname
#Default: $ORACLE_HOME/network/log ($ORACLE_HOME = /oracle at customer
# site)
#Purpose: Indicates the name of the directory to which the client log file
# is written to.
#Supported since: v2.0
#log_file_client = /oracle/network/log/sqlnet.log
#Possible values: This is a default value, u cannot change this
#Default: $ORACLE_HOME/network/log/sqlnet.log ($ORACLE_HOME=/oracle in
# customer site)
#Purpose: Indicates the name of the log file from a client program
#Supported since: v2.0
#log_directory_server = /oracle/network/trace
#Possible values: Any valid diretcory path with write permission
#Default: $ORACLE_HOME/network/trace ( $ORACLE_HOME=/oracle at customer
# site)
#Purpose: Indicates the name of the directory to which log files from the
# server are written
#Supported since: v2.0
#trace_directory_server = /oracle/network/trace
#Possible values: Any valid directory path with write permission
#Default: $ORACLE_HOME/network_trace ( $ORACLE_HOME=/oracle at customer
# site)
#Purpose: Indicates the name of the directory to which trace files from
# the server are written
#Supported since: v2.0
#trace_file_server = /orace/network/trace/svr_<pid>.trc
#Possible values: Any valid filename
#Default: $ORACLE_HOME/network/trace/svr_<pid>.trc where <pid? stands for
# the process id of the server on UNIX systems
#Purpose: Indicates the name of the file to which the execution trace of
# the server program is written to.
#Supported since: v2.0
#trace_level_server = ADMIN
#Possible values: {OFF,USER,ADMIN,0-16}
#Default: OFF (0)
#Purpose: Indicates the level at which the server program
# is to be traced.
# Available Values:
# 0 or OFF - No Trace output
# 4 or USER - User trace information
# 10 or ADMIN - Administration trace information
# 16 or SUPPORT - Worldwide Customer Support trace information
#Supported since: v2.0
#use_dedicated_server = ON
#Possible values: {OFF,ON}
#Default: OFF
#Purpose: Forces the listener to spawn a dedicated server process for
# sessions from this client program.
#Supported since: v2.0
#use_cman = TRUE
#Possible values: {TRUE, FALSE}
#Default: FALSE
#Purpose:
#Supported since: v3.0
#tnsping.trace_directory = /oracle/network/trace
#Possible values: Any valid directory pathname
#Default: $ORACLE_HOME/network/trace ($ORACLE_HOME=/oracle at customer
# site)
#Purpose: Indicates the directory to which the execution trace from
# the tnsping program is to be written to.
#Supported since: v2.0
#tnsping.trace_level = ADMIN
#Possible values: {OFF,USER,ADMIN,0-16}
#Default: OFF (0)
#Purpose: Indicates the level at which the server program
# is to be traced.
# Available Values:
# 0 or OFF - No Trace output
# 4 or USER - User trace information
# 10 or ADMIN - Administration trace information
# 16 or SUPPORT - Worldwide Customer Support trace information
#Supported since: v2.0
#sqlnet.expire_time = 10
#Possible values: 0-any valid positive integer! (in minutes)
#Default: 0 minutes
#Recommended value: 10 minutes
#Purpose: Indicates the time interval to send a probe to verify the
# client session is alive (this is used to reclaim watseful
# resources on a dead client)
#Supported since: v2.1
#sqlnet.client_registration = <unique_id>
#Possible values:
#Default: OFF
#Purpose: Sets a unique identifier for the client machine. This
# identifier is then passed to the listener with any connection
# request and will be included in the Audit Trail. The identifier
# can be any alphanumeric string up to 128 characters long.
#Supported since: v2.3.2
#bequeath_detach = YES
#Possible values: {YES,NO}
#Default: NO
#Purpose: Turns off signal handling on UNIX systems. If signal handling
# were not turned off and if client programs written by users make
# use of signal handling they could interfere with Sqlnet/Net3.
#Supported since: v2.3.3
#automatic_ipc = OFF
#Possible values: {ON,OFF}
#Default: OFF
#Purpose: Force a session to use or not to use IPC addresses on the
# client's node.
#Supported since: v2.0
#disable_oob = ON
#Possible values: {ON,OFF}
#Default: OFF
#Purpose: If the underlying transport protocol (TCP, DECnet,...) does
# not support Out-of-band breaks, then disable out-of-band
# breaks
#Supported since: v2.0
# -
Get ORA-01031: insufficient privileges error, but only when using dbstart.
I am getting ORA-01031: insufficient privileges error, but only when using dbstart. the listener starts but not the database. How come I can start it from SQL prompt but not from dbstart scripts as the oracle user?
[oracle@mallard bin]$ ./dbstart
Processing Database instance "gf44": log file /prod/oracle/10/startup.log
[oracle@mallard bin]$
Log file:
Wed Aug 20 10:15:02 CDT 2008
SQL*Plus: Release 10.2.0.1.0 - Production on Wed Aug 20 10:15:02 2008
Copyright (c) 1982, 2005, Oracle. All rights reserved.
SQL> ERROR:
ORA-01031: insufficient privileges
SQL> ORA-01031: insufficient privileges
SQL>
/prod/oracle/10/bin/dbstart: Database instance "gf44" warm started.
>
oratab file:
gf44:/prod/oracle/10:Y
dbstart file section:
# See if it is a V6 or V7 database
VERSION=undef
if [ -f $ORACLE_HOME/bin/sqldba ] ; then
SQLDBA=svrmgrl
VERSION=`$ORACLE_HOME/bin/sqldba command=exit | awk '
/SQL\*DBA: (Release|Version)/ {split($3, V, ".") ;
print V[1]}'`
case $VERSION in
"6") ;;
*) VERSION="internal" ;;
esac
else
if [ -f $ORACLE_HOME/bin/svrmgrl ] ; then
SQLDBA=svrmgrl
VERSION="internal"
else
SQLDBA="sqlplus /nolog"
fi
fi
Permissions of file:
[oracle@mallard bin]$ ls -la dbstart
-rwxrwxr-x 1 oracle oinstall 10407 Aug 19 12:27 dbstart
[oracle@mallard bin]$
User permissions:
[root@mallard 10]# id oracle
uid=503(oracle) gid=503(oinstall) groups=503(oinstall),504(dba)
[root@mallard 10]#
I can start the listener manually using "./lsnrctl start" and start the database manually from sql prompt using "SQL>startup" (as sysdba) with no problems. this only happens when using dbstart file. I am logged in as oracle user and all environment variables are set
Thank you for any help you could provide.I have the same problem, but i don't want insert this string
Connect sys/{password} as sysdbaI have deployed an Oracle 10g with os SunOS
$ uname -a
SunOS DB02 5.10 Generic_141444-09 sun4v sparc SUNW,Sun-Blade-T6320
I can connect with sys/password, but I can't login with
$ sqlplus /nolog
SQL*Plus: Release 10.2.0.1.0 - Production on Thu Jan 7 15:19:50 2010
Copyright (c) 1982, 2005, Oracle. All rights reserved.
SQL> connect / as sysdba
ERROR:
ORA-01031: insufficient privilegesthe the startup and dbshut don't work.
Someone maybe help me?
Thanks,
Regards.
Lain -
Getting ORA-01031: insufficient privileges if try to connect in sqlplus
Hi,
I've tried to connect to my db which stands at host (Solaris), but getting
ORA-01031: insufficient privileges.
The client I've used is sqlplus.
SQL> conn sys@REP as sysdba
ERROR:
ORA-01031: insufficient privileges
At the same time I can successfully connect to the same db from the same PC with the same connection string at PL/SQL Developer.
How it can be possible?Guys...
I'm having the same problem.
The platform is a Windows 2003 R2 64bit (SP2) with Oracle 11g.
In the production server from the same client, the connection is usually ... however, to a server where I have the same instances retrieved from an RMAN backup, does not connect!
In the Productoion Server:
C:\>sqlplus sys@bmknfe as sysdba
SQL*Plus: Release 10.2.0.1.0 - Production on Wed Aug 18 17:43:41 2010
Copyright (c) 1982, 2005, Oracle. All rights reserved.
Enter password:
Connected to:
Oracle Database 11g Enterprise Edition Release 11.1.0.7.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL>
In the Recovered Server:
C:\>sqlplus sys@bmknfe_rt as sysdba
SQL*Plus: Release 10.2.0.1.0 - Production on Wed Aug 18 17:42:39 2010
Copyright (c) 1982, 2005, Oracle. All rights reserved.
Enter password:
ERROR:
ORA-01031: insufficient privileges
I've tried recreating the password file, but is not resolving ...
Can someone give me a light? -
ORA-01031: insufficient privileges when creating a table in other schema
Dear all,
I appreciate your help please in this issue :
when i try to issue the below statement to create a table in an another schema than the user i am connected in
CREATE TABLE SCHEMA_NAME_B.HST_ARCH nologging AS
SELECT *
FROM HST
WHERE 1 = 0;
I always get ORA-01031: insufficient privileges error, even if i have granted the create table privilege to the user i am connected in.
What other privileges should i grant also,
Please if you have any idea.user562674 wrote:
Dear all,
I appreciate your help please in this issue :
when i try to issue the below statement to create a table in an another schema than the user i am connected in
CREATE TABLE SCHEMA_NAME_B.HST_ARCH nologging AS
SELECT *
FROM HST
WHERE 1 = 0;
I always get ORA-01031: insufficient privileges error, even if i have granted the create table privilege to the user i am connected in.
What other privileges should i grant also,
Can you show us a cut/paste from the sql*plus of session of yours which should show that you have given the privilege directly to this user and after that the command fails?
Aman.... -
Weird Error - sometime getting ORA-01031: insufficient privileges
Problem - Java process throwing java.sql.SQLException: ORA-01031: insufficient privileges for simple select statement select * from MYTABLE , table having only three rows
Observation - While investigating. I did same select from sql developer using same credential, I get same ORA-01031: insufficient privileges error in sql developer too BUT ONLY if I create new connection. (Disconnect and connect again), If I fire same query again in same connection it runs fine.
SELECT * FROM MYTABLE;
there is no problem if I run query in small case (notice only select and from in small case), even if it is fresh connection there is no error.
select * from MYTABLE;
I am out of any clue what is going on. Any help?
Java stack track -
Caused by: java.sql.SQLException: ORA-01031: insufficient privileges
at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:112)
at oracle.jdbc.driver.T2CConnection.checkError(T2CConnection.java:676)
at oracle.jdbc.driver.T2CConnection.checkError(T2CConnection.java:602)
at oracle.jdbc.driver.T2CPreparedStatement.executeForDescribe(T2CPreparedStatement.java:571)
at oracle.jdbc.driver.OracleStatement.executeMaybeDescribe(OracleStatement.java:1039)
at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1134)
at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3339)
at oracle.jdbc.driver.OraclePreparedStatement.executeQuery(OraclePreparedStatement.java:3384)
at org.apache.commons.dbcp.DelegatingPreparedStatement.executeQuery(DelegatingPreparedStatement.java:93)
at org.springframework.jdbc.core.JdbcTemplate$1.doInPreparedStatement(JdbcTemplate.java:648)
at org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:591)
Oracle SQL Developerer Error
ORA-01031: insufficient privileges
01031. 00000 - "insufficient privileges"
*Cause: An attempt was made to change the current username or password
without the appropriate privilege. This error also occurs if
attempting to install a database without the necessary operating
system privileges.
When Trusted Oracle is configure in DBMS MAC, this error may occur
if the user was granted the necessary privilege at a higher label
than the current login.
*Action: Ask the database administrator to perform the operation or grant
the required privileges.
For Trusted Oracle users getting this error although granted the
the appropriate privilege at a higher label, ask the database
administrator to regrant the privilege at the appropriate label.Guys...
I'm having the same problem.
The platform is a Windows 2003 R2 64bit (SP2) with Oracle 11g.
In the production server from the same client, the connection is usually ... however, to a server where I have the same instances retrieved from an RMAN backup, does not connect!
In the Productoion Server:
C:\>sqlplus sys@bmknfe as sysdba
SQL*Plus: Release 10.2.0.1.0 - Production on Wed Aug 18 17:43:41 2010
Copyright (c) 1982, 2005, Oracle. All rights reserved.
Enter password:
Connected to:
Oracle Database 11g Enterprise Edition Release 11.1.0.7.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL>
In the Recovered Server:
C:\>sqlplus sys@bmknfe_rt as sysdba
SQL*Plus: Release 10.2.0.1.0 - Production on Wed Aug 18 17:42:39 2010
Copyright (c) 1982, 2005, Oracle. All rights reserved.
Enter password:
ERROR:
ORA-01031: insufficient privileges
I've tried recreating the password file, but is not resolving ...
Can someone give me a light? -
ORA-01031: insufficient privileges when attempting to run a proc
I have a procedure called KILL_MY_SESSION that is defined with an AUTHID of DEFINER
The procedure owned by schema JOHN. The procedure makes several calls to DBMS_SQL PL/SQL package.
The last thing the procedure does with DBMS_SQL is issue an ALTER SYSTEM KILL SESSION statement.
Schema JOHN has the privileges to kill a session in the database.
If I log into the schema JOHN, I can successfully issue the ALTER SYSTEM KILL SESSION statement.
Also, while logged into the JOHN schema, I can successfully run the KILL_MY_SESSION procedure.
Now I have schema OITS. I've granted OITS the EXECUTE privilege on the JOHN.KILL_MY_SESSION procedure.
Since JOHN.KILL_MY_SESSION is a DEFINERs rights privilege, shouldn't OITS be able to run the procedure successfully and kill a session?
Here is some output from the OITS session when attempting to execute JOHN.KILL_MY_SESSION:
SQL> conn oifs@dbname
Enter password: ********
Connected.
SQL> set lines 500
SQL> select username, osuser, sid, serial#
2 from v$session
3 where username = 'OIFS';
USERNAME OSUSER SID SERIAL#
OIFS Administrator 142 325
OIFS Administrator 139 613
SQL> exec john.kill_my_session('142', '325')
BEGIN john.kill_my_session('142', '325'); END;
ERROR at line 1:
ORA-01031: insufficient privileges
ORA-06512: at "SYS.DBMS_SYS_SQL", line 1204
ORA-06512: at "SYS.DBMS_SQL", line 323
ORA-06512: at "EIADBA.KILL_MY_SESSION", line 20
ORA-06512: at line 1
Anyone have a clue as to what I'm doing wrong?
From the DBA_PROCEDURES view, here is the record for KILL_MY_SESSION
OWNER
OBJECT_NAME
OBJECT_TYPE AUTHID
JOHN
KILL_MY_SESSION
PROCEDURE DEFINERHi,
JSebastian wrote:
No the EXECUTE privilege is granted directly to OITS
SQL> select grantee,owner,table_name,privilege from dba_tab_privs where table_name = 'KILL_MY_SESSION';
GRANTEE OWNER
TABLE_NAME PRIVILEGE
OIFS JOHN
KILL_MY_SESSION EXECUTEActually, Fsitja was asking about John's privileges. Are the privileges John needs granted directly to John (which is required), or merely to some role that John has (which will not help in a strored procedure)?
You may need to grant the privileges to John WITH ADMIN OPTION (or WITH GRANT OPTION for object privileges), if John is to grant others EXECUTE privileges on the procedure.
Whenever you have a problem, it helps if you post a complete test script that re-creates the problem.
In this case, include
(1) All relevant GRANT statements
(2) the full code of kill_my_session (or a simplified version, that gets the same error)
(3) how John calls it (sucessfully)
(4) how OITS calls it (unsucessfully) -
Error ORA-01031: insufficient privileges when backup via DB13
Hi expert,
Currently, I have system on SuSE 10 SP2 with ECC6 and Oracle 10.2 installed.
Database backup works fine when using BRTOOLS from command line.
Error like this :
BR0278E Command output of 'SHELL=/bin/sh /oracle/I20/920_32/bin/rman
nocatalog':
Recovery Manager: Release 9.2.0.4.0 - Production
Copyright (c) 1995, 2002, Oracle Corporation. All rights reserved.
RMAN>
RMAN> connect target /;
RMAN-00571: ===========================================================
RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS ===============
RMAN-00571: ===========================================================
ORA-01031: insufficient privileges
RMAN> *end-of-file*
happened when I try to schedule backup through DB13.
I try to solved this with SAP Note 776505 but still doesn't work.
Any suggestion ?
ardhianHi,
Execute the following command at sql prompt.
grant dba,resource,connect,sapdba to OPS$<SID>ADM OPS$ORA<SID>
grant dba,resource,connect,sapdba to O OPS$ORA<SID>
grant dba,resource,connect,sapdba to SAPSR3 or SAP<SID>(YOUR SCHEMA NAME)
Also check owner of SAPUSER table
SELECT OWNER FROM DBA_TABLES WHERE TABLE_NAME = 'SAPUSER';
If it returns value OPS$<SID>ADM than its ok, otherwise you have to drop this & recreate with command
CREATE TABLE "OPS$QASADM".SAPUSER
(USERID VARCHAR2(256), PASSWD VARCHAR2(256));
INSERT INTO "OPS$<sid>ADM".SAPUSER VALUES ('<sapowner>',
'<password>');
For more info go through the snote 400241
[https://websmp230.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/spn/sapnotes/index2.htm?numm=400241]
Thanks & Regards
Karan -
ORA-01031: insufficient privileges when running adgrants_nt PATCH 6510214
Hi all,
I need to clone an Oracle Applications R12 from production to development, so for that I am using Metalink document ID 406982.1 (C;loning Oracle Applications Release 12 with Rapid Clone).
In the document, the step 3 is to "Apply the latest AD patch" and the things get hotter here, since when trying to apply the patch, the pre req is to run the script adgrants_nt.sql, it returns an error (ORA-01031: insufficient privileges) and aborts.
After some searching in google and metalink and OTN forums, the solution was to create an ora_dba group and add the user to that group and set sqlnet.ora to use NTS. I did all that and the error does not go away.
so, what can I do to complete the clone process?
thank you very much,
Hassane Cabirhi Hassane;
I need to clone an Oracle Applications R12 from production to development, so for that I am using Metalink document ID 406982.1 (C;loning Oracle Applications Release 12 with Rapid Clone).If your release 12.0.6 then i belive you can pass AD patch part
In the document, the step 3 is to "Apply the latest AD patch" and the things get hotter here, since when trying to apply the patch, the pre req is to run the script adgrants_nt.sql, it returns an error (ORA-01031: insufficient privileges) and aborts.You try to apply this patch your production, so then be sure patch folder has r/w permisson to your application user(for instance applmgr) then try again please
After some searching in google and metalink and OTN forums, the solution was to create an ora_dba group and add the user to that group and set sqlnet.ora to use NTS. I did all that and the error does not go away.You dont need to create one other group,issue is:
su - applmgr(your apps user)
id
uid=1002(oracle) gid=1010(dba)
it gives you your user's group (for instance dba,install etc)
then issue chown -R applmgr:dba /u01.......(your patch location)
I suggest change your entery on sqlnet.ora file
Regard
Helios -
Why Am I Getting ORA-01031: insufficient privileges To Add Trandata?
I create a table C##TOM.CUSTOMERS in SQL Plus.
I go to the ggsci command line and attempt to add trandata and get the following insufficient privileges response:
GGSCI (TPFAEFFL-LAP) 11> add trandata C##TOM.CUSTOMERS
ERROR: Error (1031, ORA-01031: insufficient privileges) start select in get_total_columns.
I have already granted connect, dba, flashback, create session, alter session, select any dictionary, select any table, select any transaction, and select unlimited tablespace to the user.
What privileges am I missing?
TIA.Did you use the DBMS_GOLDENGATE_AUTH.GRANT_ADMIN_PRIVILEGE procedure to the DBLOGIN user?
This call grants all of the required privileges for ADD SCHEMATRANDATA and ADD TRANDATA - whether it is classic or integrated capture. -
ORA-01031: insufficient privileges when loggin in as sqlplus "/ as sysdba"
I have recently got a brand new Solaris Box. Have restored the ORacle Home from a live server.
then gone to restore a database from Tape.
All done fine.
However I cannot seem to login as
$>sqlplus "/ as sysdba"
I can only seem to login as
$>sqlplus /nolog
then
SQL>connect sys/password as sysdba
I have shut the Database down and recreated the password file
orapwd file=$ORACLE_HOME/dbs/orapwFMZ password=passowrd entries=50
Tried again but the same response... a spool of which is below.
$ sqlplus "/ as sysdba"
SQL*Plus: Release 9.2.0.8.0 - Production on Thu Apr 5 09:49:23 2012
Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.
ERROR:
ORA-01031: insufficient privileges
Enter user-name: ^C^X^Z
SQL> connect / as sysdba
ERROR:
ORA-01031: insufficient privileges
$ sqlplus /nolog
SQL*Plus: Release 9.2.0.8.0 - Production on Thu Apr 5 09:49:36 2012
Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.
SQL> connect sys/password as sysdba
Connected to an idle instance.
SQL> startup
ORACLE instance started.
Total System Global Area 68386816 bytes
Fixed Size 729088 bytes
Variable Size 54525952 bytes
Database Buffers 12582912 bytes
Redo Buffers 548864 bytes
Database mounted.
Database opened.
SQL> shutdown immediate
Database closed.
Database dismounted.
ORACLE instance shut down.
I have inlcuded a list of parameters below FYI
SQL> show parameter remote
NAME TYPE VALUE
remote_archive_enable string true
remote_dependencies_mode string TIMESTAMP
remote_listener string
remote_login_passwordfile string SHARED
remote_os_authent boolean TRUE
remote_os_roles boolean FALSE
Please can someone help.
Best Regards,
M
Edited by: user5856470 on Apr 5, 2012 2:11 AMI have tried what has been suggested but with no result
SQL> alter system set remote_login_passwordfile=exclusive scope=spfile;
SQL> show parameter remote_log
NAME TYPE VALUE
remote_login_passwordfile string EXCLUSIVE
SQLNET.AUTHENTICATION_SERVICES = (ALL)
NAMES.DIRECTORY_PATH= (TNSNAMES)
Bounced the database but no result...
$ sqlplus "/ as sysdba"
SQL*Plus: Release 9.2.0.8.0 - Production on Tue Apr 10 15:54:37 2012
Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.
ERROR:
ORA-01031: insufficient privileges
I have reset the parameters back to original. As this is the parameters in the source database system which is working with sqlplus "/ as sysdba"
As you can see, I can log in as below but not with remote authentication....
$ sqlplus
SQL*Plus: Release 9.2.0.8.0 - Production on Tue Apr 10 15:54:42 2012
Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.
Enter user-name: sys/password as sysdba
Connected to:
Oracle9i Enterprise Edition Release 9.2.0.8.0 - 64bit Production
With the Partitioning, OLAP and Oracle Data Mining options
JServer Release 9.2.0.8.0 - Production
SQL> shutdown immediate
Database closed.
Database dismounted.
ORACLE instance shut down.
FYI.
I did delete the password file and recreated it as well. But cannot still connect as sqlplus "/ as sysdba"
Any Ideas??? -
ORA-01031: insufficient privileges when using RESOLVECONFLICT
Hello,
I use RESOLVECONFLICT component for a new filter.
I have an insufficient privileges error :
2015-03-18 11:26:49 WARNING OGG-01919 Oracle GoldenGate Delivery for Oracle, pivot01.prm: Missing RESOLVECONFLICT for SQL error 1.
2015-03-18 11:26:49 WARNING OGG-00869 Oracle GoldenGate Delivery for Oracle, pivot01.prm: OCI Error ORA-01031: insufficient privileges (status = 1031), SQL <SELECT ROWNUM FROM "OGG_STGPIV"."PSTREENODE" WHERE "SETID" = :b0 AND "SETCNTRLVALUE" = :b1 AND "TREE_NAME" = :b2 AND "EFFDT" = :b3 AND "TREE_NODE_NUM" = :b4 AND "TREE_NODE" = :b5 AND "TREE_BRANCH" = :b6 FOR UPDATE >.
2015-03-18 11:26:49 WARNING OGG-01004 Oracle GoldenGate Delivery for Oracle, pivot01.prm: Aborted grouped transaction on 'OGG_STGPIV.PSTREENODE', Database error 1 (OCI Error ORA-00001: unique constraint (OGG_STGPIV.PSTREENODE_INDX01) violated (status = 1), SQL <INSERT INTO "OGG_STGPIV"."PSTREENODE" ("SETID","SETCNTRLVALUE","TREE_NAME","EFFDT","TREE_NODE_NUM","TREE_NODE","TREE_BRANCH","TREE_NODE_NUM_END","TREE_LEVEL_NUM","TREE_NODE_TYPE","PARENT_NODE_NUM","PARENT_NODE_NAME","OLD_TREE_NODE_NUM","NODECOL_IMAGE","NODEEXP_IMAGE","DML_TYPE","DML_DATE","DML_SCN") VALUES (:a0,:a1,:a2,:a3,:a4,:a5,:a6,:a7,:a8,:a9,:a10,:a11,:a12,:a13,:a14,:a15,:a16,:a17)>).
2015-03-18 11:26:49 WARNING OGG-01003 Oracle GoldenGate Delivery for Oracle, pivot01.prm: Repositioning to rba 4862 in seqno 19.
2015-03-18 11:26:49 WARNING OGG-01154 Oracle GoldenGate Delivery for Oracle, pivot01.prm: SQL error 1 mapping PIVOTMAT2.PSTREENODE to OGG_STGPIV.PSTREENODE OCI Error ORA-00001: unique constraint (OGG_STGPIV.PSTREENODE_INDX01) violated (status = 1), SQL <INSERT INTO "OGG_STGPIV"."PSTREENODE" ("SETID","SETCNTRLVALUE","TREE_NAME","EFFDT","TREE_NODE_NUM","TREE_NODE","TREE_BRANCH","TREE_NODE_NUM_END","TREE_LEVEL_NUM","TREE_NODE_TYPE","PARENT_NODE_NUM","PARENT_NODE_NAME","OLD_TREE_NODE_NUM","NODECOL_IMAGE","NODEEXP_IMAGE","DML_TYPE","DML_DATE","DML_SCN") VALUES (:a0,:a1,:a2,:a3,:a4,:a5,:a6,:a7,:a8,:a9,:a10,:a11,:a12,:a13,:a14,:a15,:a16,:a17)>.
privilege granted to my user :
grant EXECUTE ANY RULE SET to "GGADM" WITH ADMIN OPTION;
grant SELECT ANY DICTIONARY to "GGADM" ;
grant UPDATE ANY TABLE to "GGADM" ;
grant INSERT ANY TABLE to "GGADM" ;
grant LOCK ANY TABLE to "GGADM" ;
grant CREATE TABLE to "GGADM" ;
grant CREATE RULE to "GGADM" WITH ADMIN OPTION;
grant CREATE RULE SET to "GGADM" WITH ADMIN OPTION;
grant DELETE ANY TABLE to "GGADM" ;
grant UNLIMITED TABLESPACE to "GGADM" ;
grant ALTER SESSION to "GGADM" ;
grant CREATE EVALUATION CONTEXT to "GGADM" WITH ADMIN OPTION;
grant DEQUEUE ANY QUEUE to "GGADM" WITH ADMIN OPTION;
grant CREATE JOB to "GGADM" ;
grant SELECT ANY TRANSACTION to "GGADM" ;
grant CREATE SESSION to "GGADM" ;
Any idea?Hello,
Try to grant SELECT ANY TABLE to GGADM;
Regards
Arturo -
Insufficient privileges when connect to database as sysdba
I installed a vision database along with Oracle R12 EBS. I need to connect to database as sysdba to unlock system account. but when I ran command sqlplus / as sysdba, I go this error "ORA-01031: insufficient privileges".
I searched some answer in the internet, most answer says it requires the linux user to be in dba group. in my config.c file I have this definiation "#define SS_DBA_GRP "Oracle". So group 'Oracle" is my dba group. and I also checked my current user id (user name is Oracle too) and group , I got:
[Oracle@linux admin]$id Oracle
uid=500(Oracle) gid=500(Oracle) groups=500(Oracle)
all above seems right to me. I also added authentication_services to sqlnet.ora like this : sqlnet. authentication_services=(all) . but I still got the same error. Can anyone tell me what is wrong?
Or is there any other way to unlock system account?
Edited by: user12100435 on Apr 15, 2013 7:53 PMuser12100435 wrote:
I installed a vision database along with Oracle R12 EBS. I need to connect to database as sysdba to unlock system account. but when I ran command sqlplus / as sysdba, I go this error "ORA-01031: insufficient privileges".
I searched some answer in the internet, most answer says it requires the linux user to be in dba group. in my config.c file I have this definiation "#define SS_DBA_GRP "Oracle". So group 'Oracle" is my dba group. and I also checked my current user id (user name is Oracle too) and group , I got:
[Oracle@linux admin]$id Oracle
uid=500(Oracle) gid=500(Oracle) groups=500(Oracle)
all above seems right to me. I also added authentication_services to sqlnet.ora like this : sqlnet. authentication_services=(all) . but I still got the same error. Can anyone tell me what is wrong?
Or is there any other way to unlock system account?
Edited by: user12100435 on Apr 15, 2013 7:53 PMyour OS user must be a member of the OS "dba" group -
Getting ORA-01031: insufficient privileges with underlying code
Any hlp welcome,
I'm using this function to create user's
CREATE OR REPLACE function create_user_from_asdb
(p_user IN VARCHAR2,p_wachtwoord IN VARCHAR2) return VARCHAR2
as
sql_stmt VARCHAR2(100);
v_message VARCHAR2(2000);
begin
sql_stmt := 'create user :1 identified by :2 DEFAULT TABLESPACE :3 TEMPORARY TABLESPACE :4';
EXECUTE IMMEDIATE sql_stmt USING p_user, p_wachtwoord,'TS_USER_DATA','GRP_TS_TEMP';
v_message := 'Gebruiker '||p_user||' met wachtwoord '||p_wachtwoord||' aangemaakt';
return v_message;
exception
WHEN OTHERS then
v_message := sqlerrm;
return v_message;
end;
But when run by SYSTEM (who ownes this function) I get the ORA-01031. Whats wrong here? The function will later be called through a dblink by a user on a different dbase.
Thanks in advanceHi !
It's not a good idea to grant CREATE USER privilege directly to a schema and to create a function to create user's, because anyone on your database who own the CREATE ANY PROCEDURE or EXECUTE ANY PROCEDURE can also create users on your database. Issshhh !
To solve this problem, you can add AUTHID CURRENT_USER to your function :
CREATE OR REPLACE function create_user_from_asdb (p_user IN VARCHAR2,p_wachtwoord IN VARCHAR2) return VARCHAR2
AUTHID CURRENT_USER
as
sql_stmt VARCHAR2(100);
v_message VARCHAR2(2000);
begin
sql_stmt := 'create user :1 identified by :2 DEFAULT TABLESPACE :3 TEMPORARY TABLESPACE :4';
EXECUTE IMMEDIATE sql_stmt USING p_user, p_wachtwoord,'TS_USER_DATA','GRP_TS_TEMP';
v_message := 'Gebruiker '||p_user||' met wachtwoord '||p_wachtwoord||' aangemaakt';
return v_message;
exception
WHEN OTHERS then
v_message := sqlerrm;
return v_message;
end;
With AUTHID CURRENT_USER, a stored procedure runs with the rights of the caller, not with the rights of the procedure's owner. So there's no need to grant system privilege to the owner...
You only need to grant execute on your function and CREATE USER via a role or not to the users you want to be able to create users remotely (via dblink), or not.
Hope it helps. -
Ora-01031 insufficient privileges when update from a join table
Update (select a.f1,b.f2 FROM tableA a join tableB b using(fk))
set f1=f2
the connection user just have readonly privilege for the tableB, but the sql never to update the tableB, why Oracle raise the error?
How can I implement the update logic ?dotAge wrote:
Update (select a.f1,b.f2 FROM tableA a join tableB b using(fk))
set f1=f2
the connection user just have readonly privilege for the tableB, but the sql never to update the tableB, why Oracle raise the error?
How can I implement the update logic ?Try this syntax
UPDATE tablea a
SET f1 = (SELECT b.f2
FROM tableb b
WHERE b.key = a.key)HTH
SS
Maybe you are looking for
-
Airport Express (Model with 802.11G +54MBPS Mac/PC and Set Up Issues
Hi, We have a 4 Mac and 1 PC Household. Cable Internet Service by Roadrunner.Cable model (owned) connected to a D-Link 802.11G wi fi router (by ethernet from cable modem)in the family room , then out to a Imac (the half moon base and LCD screen with
-
I searched and found some information... but the information wasn't specifically clear, so better to find out for sure, and help archive some clear information for the community... I'm looking at attaching 2 external LCD monitors to my T500 (2082-3HU
-
Badi or BTE or user exit for transaction fbwe
hi all, I need to do some customization for transaction FBWE. but i didn't find any badi, BTE , OR user exit for the same. if anyone can plz help. any pointers will be highly appreciated . regards vijay
-
MIRO with view "Amount splitting" enabled.
Hi, how enabling the view "<b>Amount splitting</b>" in MIRO? Best regards
-
Intel 965GM: Application windows aren't drawn, missing icons...
Hi there, this is my first post to this forum. I'm running an up to date Arch installation on an older MacBook with integrated intel 965gm graphics card. Some time ago, spotify started to behave wierdly: The menubar got transparent and the window sta