Grant any privilege, privilege

Similar Messages

• Granting any privilege system privilege....in Ora10g

  Hi,
  In order to be given to a user -Info_bi let's name him - the grant to select any table from user Info , This user (Info) must be given the system privilege "any privilege".... So :
  connect sys/....@.... as sysdba;
  Connected to Oracle Database 10g Enterprise Edition Release 10.2.0.1.0
  Connected as SYS
  SQL> GRANT ANY PRIVILEGE TO "INFO";
  GRANT ANY PRIVILEGE TO "INFO"
  ORA-00990:Privilege is missing or invalidWhat error do i do...????
  Many thanks...
  Sim

  There is.......!!!!
  Read at :
  Oracle® Database SQL Reference
  10g Release 2 (10.2)
  Part Number B14200-02
  The Prerequisites section of the grant command....
  I pasted there an extract of it...
  To grant a system privilege, you must either have been granted the system privilege with the ADMIN OPTION or have been granted the GRANT ANY PRIVILEGE system privilege. Greetings,
  Sim

• Granting table privileges on another users tables

  Can anyone tell me what privilege needs to be granted to a user to be able to grant insert/update/select/delete/execute on another users tables/packages?
  I had thought that 'grant any privilege' was the one to have... and - the user I am trying to use to grant the privileges on the other users schema has this however - I'm still getting : ORA-01031: insufficient privileges when trying to run the grants.
  Any ideas what I'm doing wrong here?

  Ok... well...
  The 'with grant' option doesn't appear to be the issue.
  The user attempting to perform the grants:
  i.e. GRANT SELECT ON user_2.table_1 TO view_role
  has the 'grant any object privilege' and - that seems to be enough. When I run the statement above as a simply as typed - it works fine.
  However - what I'm actually doing is concatenating that together in a string and running (from a package created by/as user_1) and doing an execute immediate...
  i.e.
  l_sql := 'GRANT ' || l_rec.privilege || ' ON ' || l_rec.owner || '.' || l_rec.table_name || ' TO ' || p_role;
  EXECUTE IMMEDIATE l_sql;
  And - it's this that's giving me the insufficient privileges...
  I do not have invokers rights set on the package - so that shouldn't be an issue. And - I can't find any documented restriction on doing this (and - in fact - it works fine if I create the package as user_2 and run it as user_2 - the owner of the objects).
  I'm at a loss.

• Granting select privileges

  I want to grant select privileges on all tables and views belonging to database xyz to the user abc.
  What's the best way to do that?
  Message was edited by: Diarmuid - 11/07/07
  user580522

  I beg to differ. Of course OP can try to 'GRANT SELECT ANY TABLE'. It's just a matter of his own privileges if he succeeds or not.
  To OP: Reading about GRANT might help:
  http://download.oracle.com/docs/cd/B19306_01/server.102/b14200/statements_9013.htm#i2077938
  Note this part from the docs:
  To grant a system privilege, you must either have been granted the system privilege with the ADMIN OPTION or have been granted the GRANT ANY PRIVILEGE system privilege.

• How to revoked 'ANY' privileges being granted to user or role

  Hi all,
  I need to be revoked all 'ANY' privileges that have been granted to all non-DBA user or Role in the database.
  To achieve this what i assume is
  1> i need to find out Role as well all user who are non-DBA
  2> For all non-DBA user i need to find out and revoked 'ANY' privileges if they would have.
  Here i need some information about all tables related to privilieges and non-DBA users
  The below are some example as a reference.
  USER Privileges
  CTXADMIN SELECT ANY TABLE
  PUBLIC MERGE ANY VIEW
  LAXORA ANALYZE ANY
  EXECUTE ANY PROCEDURE
  GRANT ANY ROLE
  INSERT ANY TABLE
  SELECT ANY TABLE
  LAX_NEW ANALYZE ANY
  CREATE ANY TABLE
  DELETE ANY TABLE
  DROP ANY TABLE
  INSERT ANY TABLE
  SELECT ANY TABLE
  USER_NEW SELECT ANY TABLE
  Thank n reagrds
  Laxman

  Hi,
  LAX_ORA wrote:
  Hi all,
  I need to be revoked all 'ANY' privileges that have been granted to all non-DBA user or Role in the database.
  To achieve this what i assume is
  1> i need to find out Role as well all user who are non-DBA
  2> For all non-DBA user i need to find out and revoked 'ANY' privileges if they would have.
  Here i need some information about all tables related to privilieges and non-DBA users
  The below are some example as a reference.
  USER Privileges
  CTXADMIN SELECT ANY TABLE
  PUBLIC MERGE ANY VIEW
  LAXORA ANALYZE ANY
  EXECUTE ANY PROCEDURE
  GRANT ANY ROLE
  INSERT ANY TABLE
  SELECT ANY TABLE
  LAX_NEW ANALYZE ANY
  CREATE ANY TABLE
  DELETE ANY TABLE
  DROP ANY TABLE
  INSERT ANY TABLE
  SELECT ANY TABLE
  USER_NEW SELECT ANY TABLE
  Thank n reagrds
  LaxmanYou can fiind out all the users and roles who have been granted system privileges by querying dba_sys_privs.
  For example:
  SELECT     grantee
  ,     privilege
  FROM     dba_sys_privs
  WHERE     privilege     LIKE '% ANY %'
  ;The grantee column includes users and roles together.
  If you want to find which users have the dba role, then query dba_role_privs.

• Grant sequence privilege issue

  Hi,
  OS is windows server 2008
  Database oracle 11g r2
  i have created a schema with name SME having DBA privilege from SME i have created another user SME_USER using the same tablespace of SME with limited privileges. The sequence was created in SME user. I am accessing the tables from SME schema. I have given insert privilege to one of the table in SME to SME_USER,but while insertiing we are using the sequnece with name IPSRNO from SME schema. Now when i tried to insert value inot the table from SME_USER its giving me the output "Sequence does not exist". I have given the grant select privilege for sequence IPSRNO.
  Please guide me on this issue.
  Regards,
  Bobby

  See Using Synonyms in DML Statements in the DBA guide
  http://docs.oracle.com/cd/B28359_01/server.111/b28310/views003.htm
  >
  You can successfully use any private synonym contained in your schema or any public synonym, assuming that you have the necessary privileges to access the underlying object, either explicitly, from an enabled role, or from PUBLIC. You can also reference any private synonym contained in another schema if you have been granted the necessary object privileges for the underlying object.
  You can reference another user's synonym using only the object privileges that you have been granted. For example, if you have only the SELECT privilege on the jward.emp table, and the synonym jward.employee is created for jward.emp, you can query the jward.employee synonym, but you cannot insert rows using the jward.employee synonym.
  A synonym can be referenced in a DML statement the same way that the underlying object of the synonym can be referenced. For example, if a synonym named employee refers to a table or view, then the following statement is valid:
  INSERT INTO employee (empno, ename, job)
  VALUES (emp_sequence.NEXTVAL, 'SMITH', 'CLERK');
  If the synonym named fire_emp refers to a standalone procedure or package procedure, then you could execute it with the command
  EXECUTE Fire_emp(7344);

• Bug: Grant/Revoke Privileges (11.1.0.5.10 Beta)

  Started getting this when attempting to change Privileges on a proc:
  "Could not launch the Grant/Revoke Privileges dialog:
  Value was either too large or too small for an Int32."
  This is happening consistently on one database but not on another.
  John

  I am also seeing this bug. When I right click on anything in the Server Explorer under my ODP based connection, I get this same message. It happens when I right click on any table icon and select "Privileges..."
  -Valkyrie-MT

• GRANT (Schema Privileges) statement

  Good day!
  Is it possible to access a table in system/manager by granting TYRES privileges?
  Grant select on EMPLOYEE_MSTR to tyres.
  Tyres is another user. I wanted to access all the tables stored in SYSTEM/MANAGER when I logged in as TYRES/TYRES. I am using ORACLE 8 and I haven't use this since.
  Any help is appreciated.
  Thanks!

  First of all: you are in the wrong forum (try the database forum).
  Then: Yes this is possible, but I strongly suggest that you place specific user objects (tables, etc) in the sys tablespace, and do not access the database as system when not necessary.
  cu
  Andreas

• Specify in exporting dump that it will not be able to have any  privileges

  Dears,,
  I need to implement the below steps and need your help
  1- export hr dump file from DB1 and keep in mind that this dump after importing to a new user , must be not able to have any privileges.
  2- Connect to DB2 and create user hr_test
  3- If SYSTEM or SYS user try to grant hr_test some or any privileges , this step must be not implemented.
  4- imp the dump to hr_test
  How to do this ?? Can this step done by enabling and specifying something while exporting the dump or how can i make this ??
  Many thanks for your advance

  *Oracle DBA* wrote:
  Dears,,
  I need to implement the below steps and need your help
  1- export hr dump file from DB1 and keep in mind that this dump after importing to a new user , must be not able to have any privileges.
  2- Connect to DB2 and create user hr_test
  3- If SYSTEM or SYS user try to grant hr_test some or any privileges , this step must be not implemented.
  4- imp the dump to hr_test
  How to do this ?? Can this step done by enabling and specifying something while exporting the dump or how can i make this ??
  Many thanks for your advanceWhat i feel is you can inport the data into a tablespace which is then made read only so that it couldn be modified by others. I dono whether i am correct.

• Need to grant DML privileges to all tables in few schemas

  Hi,
  I need to grant DML privileges to all tables in few schemas to a role. How can I achieve that?
  I thought it's below syntax but it doesn't work. Please advice.
  grant ALL ON ALL TABLES IN SCHEMA <Schema_name>  TO <role_name>;Thanks,
  Gangadhar

  GR wrote:
  Hi,
  I need to grant DML privileges to all tables in few schemas to a role. How can I achieve that?
  I thought it's below syntax but it doesn't work. Please advice.
  grant ALL ON ALL TABLES IN SCHEMA <Schema_name>  TO <role_name>;
  There is no single command to grant privileges at that level. There are either ANY privileges or privileges on an object.
  You can write a bit of code to generate and execute what you want, but you would have to rerun it if any new tables were created.

• Find users with grant all privileges

  Hello,
  I am trying to figure out how to query for all users who might have grant all privileges.
  Any ideas or scripts?
  thanks

  Hi,
  Please check this out,
  http://www.petefinnigan.com/tools.htm
  There are a lot of good scripts, maybe one of them can show what you are looking for.
  Cheers,
  Marcello M.

• Grant select privilege to specific columns on a table to user in Oracle 9i

  Can anyone tell me how to grant select privilege to a user for specific columns in a table?
  I have tried the following statement
  GRANT SELECT (EMP_ID) ON EMP TO USER1
  But it's not working and I am getting this error "Missing ON Keyword".
  Please anyone tell me how to grant select privilege for specific columns.
  Edited by: 899045 on Nov 24, 2011 7:03 AM

  899045 wrote:
  Can anyone tell me how to grant select privilege to a user for specific columns in a table?
  I have tried the following statement
  GRANT SELECT (EMP_ID) ON EMP TO USER1
  But it's not working and I am getting this error "Missing ON Keyword".
  Please anyone tell me how to grant select privilege for specific columns.
  Edited by: 899045 on Nov 24, 2011 7:03 AMFrom the 9.2 SQL Reference manual, found at tahiti.oracle.com (http://docs.oracle.com/cd/B10501_01/server.920/a96540/statements_912a.htm#2062456)
  *"You can specify columns only when granting the INSERT, REFERENCES, or UPDATE privilege. "*

• Granting object privileges to remote users.

  Hello,
  Here's the situation:
  I have 2 databases located on 2 different servers both running Win2k3. In the first database the main schema is M1 and it has to read objects on the another schema M2, located on the second database.
  I created a database link on the first database, to point to the second database
  create database link connect2M2db connect to M2 identified by M2 using 'connect2M2db'Now I would like to grant object privileges(insert,update,delete) to M1 on M2' objects. Can anyone tell me how to do that?
  Thanks in advance.

  I didn't put the whole thing, (my bad) but your reply was helpful. As I said before, I have 2 dbs, on 2 differents servers. I created the dblink on the first server. I also created synonyms on the first server using the following syntax:
  "create or replace synonym syn_name for user2.table" which from the link you provided me, is wrong as I didn't append the dblink name.
  After that, I would like to grant object privileges to user1, by executing the command from server2. For doing that, is the following syntax correct: "grant select on table_name to user1". My issue is that user1 does not exist on server2. Should I rather use the following: "grant select on table_name@dblink to user1"?

• JMS grant queue privileges problem

  I have two test users set up in different schemas. They each have their own identical queue tables and queues in their own schemas.
  One of the users cannot seem to grant queue privileges to the main schema owner. The error is as follows:
  Eception: oracle.jms.AQjmsException: JMS-122: Internal error payload object type must be specified
  at oracle.jms.AQjmsDestinatio.grantQueuePrivilege(AQjmsDestination.java:406)
  at src.AQSetup.jmsInitializeQueue(AQSetup.java:246)
  the offending code is as follows:
  cq_conn = AQjmsQueueConnectionFactory.createQueueConnection(p_conn);
  // create queue session
  commQSession = cq_conn.createQueueSession(true, Session.AUTO_ACKNOWLEDGE);
  // AUTO_ACKNOWLEDGE
  try
  cQTable = ((AQjmsSession)commQSession).getQueueTable(userID, QueueTableName);
  catch (AQjmsException e)
  cQTable = createJMSQueueTable(commQSession, userID, QueueTableName);
  try
  cQueue = ((AQjmsSession)commQSession).getQueue(userID, QueueName);
  catch (AQjmsException e)
  cQueue = createJMSQueue(commQSession, cQTable, QueueName);
  ((AQjmsDestination)cQueue).grantQueuePrivilege(commQSession, "ENQUEUE", "icowner",false);
  with the error coming from the last line and the referenced table and queue definition code as folows:
  private AQQueueTable createJMSQueueTable(QueueSession q_sess, String userID, String q_tableName) {
  try {
  AQQueueTableProperty qtable_prop = null;
  AQQueueTable cq_table = null;
  // Create an AQQueueTableProperty object (payload type - BYTES):
  qtable_prop = new AQQueueTableProperty("SYS.AQ$_JMS_TEXT_MESSAGE");
  // Create a queue table called command_table in user schema:
  cq_table = ((AQjmsSession)q_sess).createQueueTable(userID, q_tableName, qtable_prop);
  return cq_table;
  } catch (Exception ex) {
  return null;
  private Queue createJMSQueue(QueueSession q_sess, AQQueueTable q_table, String q_name) {
  try {
  AQjmsDestinationProperty dest_prop = null;
  Queue lq_queue = null;
  dest_prop = new AQjmsDestinationProperty();
  // create a queue
  lq_queue = ((AQjmsSession)q_sess).createQueue(q_table, q_name, dest_prop);
  return lq_queue;
  } catch (Exception ex) {
  return null;
  both users seem to have the same privileges.
  Can you tell me if it is an error in my code and what that is?
  - Ken
  null

  Might be a bug.
  Do you get the error when
  createQueue is followed by grantQueuePrivilege OT
  getQueue is followed by grantQueuePrivilege.
  null

• How to grant  view privilege for Instant Portal to public users?

  How to grant view privilege for Instant Portal to public users?

  Oracle Instant Portal was designed to offer secure access to company and departmental information, and it isn't currently possible to make instant portal pages public.