Restrict Users To Connect Database

Similar Messages

• How can i restrict user to access database object (procedure) or JSP

  Hi
  I have 9ias infrastructure 902, on win2k box with 9i DB.
  and I have one PL/SQL web application and another J2EE application both are hosted by 9ias 902.
  Now we are looking forward to couple both with SSO.
  I have deloyed samples of both and works fine.
  Each application have different set of users, i mean there is no common user.
  How can i restrict user not to view the web page which is not authorised to them.
  as far as i understand from the Grocery demo is pick the role (which is a string only) from OID and programaticall apply security via if else endif construct.
  can any one through light upto my concern.
  regards
  [email protected]

  Hey Mary
  No i haven't try to do that via pl/sql....
  as the our application is j2ee app... deployed in oc4j.. with sso and ldap....
  still finding to do so....
  what i have realized that LDAP is just to store user information in inverted tree... and one have to build separated access security mechnisum that will be applicable to j2ee system....
  thanx...
  samir....

• I need to restrict users to submit data from Smart view or Excel Addin.

  Hi All,
  I need to restrict users to submit data from Smart view or Excel Addin.
  I cant provision them as read access because I want them to write from the Hyperion Planning Web Form.
  Any help on the same will be highily appriciated.

  John,
  Thanks for the reply . if i dont give them essbase write role user cant submit data through smartview or Excel addin. at the same users want to see adhoc reports making connection in smartview through planning, then users can send data.
  1. I want users to restrict export dataform to smartview, if they can export dataform to smartview it automatically makes connection using planning and users can pretty much change data.
  2. is there any way to restrict users making connection through planning in smartview.
  3. when users make smartview connection through essbase, the secuirty works fine and they cant change the data.
  Please let me know if you any solution ....
  advance thanks,
  NM

• Restrict User Connections Using Logon Trigger

  Hi all,
  Now I am restricting user connections from selected terminals, using following logon trigger.
  It allows users with DBA privileged user.
  How to restrict DBA Privileged users users ?
  Note:- As per my application needs DBA privilege.
  CREATE OR REPLACE TRIGGER on_logon
  AFTER LOGON
  ON DATABASE
  DECLARE
  VPROGRAM VARCHAR2(30);
  Vusername VARCHAR2(30);
  VTERMINAL VARCHAR2(30);
  CURSOR user_prog IS
  SELECT UPPER(program),UPPER(username),NVL(TERMINAL,'X') FROM v$session
  WHERE audsid=sys_context('USERENV','SESSIONID');
  BEGIN
  OPEN user_prog;
  FETCH user_prog INTO Vprogram,Vusername,VTERMINAL;
  IF VTERMINAL NOT IN ( 'APP1','APP2','APP3')+
  and Vusername='ABUL'+
  THEN
  RAISE_APPLICATION_ERROR(-20001, 'You are not allowed to login');
  END IF;
  CLOSE user_prog;
  END;
  Thanks i Advance
  Abk

  Your application needs the DBA role? That is a terrible design-- it violates every principle of secure coding.
  Login triggers don't fire for users with the DBA role, so you won't be able to use a login trigger here. You could ditch the login trigger and configure invited and excluded nodes in the listener's sqlnet.ora file, i.e.
  tcp.validnode_checking = yes
  tcp.excluded_nodes = (hostname1,hostname2,hostname3)You'll have to restart the listener after making that change.
  Justin

• HT201304 Is it possible to restrict access to specific IOS apps based on the WIFI profile that a user has connected to?

  Is it possible to restrict access to specific IOS apps based on the WIFI profile that a user has connected to?

  you might be able to block it if the app uses Internet access
  and depending on your wireless you might be able to block a specific user
  accessing the backend host that the app uses
  some firewalls offer application filtering but I'm not aware of any that work with ios apps

• Not able to connect database from another os user using externally?

  Hi,
  I want to connect database from another os user. i am able to connect database from oracle externally. but not able to connect different OS user.
  As ORACLE User:
  [oracle@test1 admin]$ sqlplus /
  SQL*Plus: Release 11.2.0.2.0 Production on Mon Jan 16 19:41:57 2012
  Copyright (c) 1982, 2010, Oracle. All rights reserved.
  Connected to:
  Oracle Database 11g Enterprise Edition Release 11.2.0.2.0 - Production
  With the Partitioning, OLAP, Data Mining and Real Application Testing options
  SQL>
  Non ORACLE user:
  [sample@test1 ~]$ export ORACLE_HOME=/u01/app/oracle/product/11.2.0.2/
  [sample@test1 ~]$ export ORACLE_SID=rman
  [sample@test1 ~]$ export PATH=$ORACLE_HOME/bin:$PATH
  [sample@test1 ~]$ sqlplus /
  SQL*Plus: Release 11.2.0.2.0 Production on Mon Jan 16 19:37:42 2012
  Copyright (c) 1982, 2010, Oracle. All rights reserved.
  ERROR:
  ORA-01034: ORACLE not available
  ORA-27101: shared memory realm does not exist
  Linux Error: 2: No such file or directory
  Process ID: 0
  Session ID: 0 Serial number: 0
  Enter user-name:
  Thanks

  You didn't install Oracle correctly, especially you didn't run the root.sh and rootpre.sh scripts.
  If you would have read the error message at all, and researched it, you would have known this.
  Regrettably however you decided to ignore Forums Etiquette and to abuse this forum with Yet Another Doc Question.
  Sybrand Bakker
  Senior Oracle DBA

• Security Restriction: allow a user to connect only from a specified IP addr

  Hello all,
  Is it possible to add the following security restricition?
  Allow a specified user to connect to an Oracle Database only from a specified IP.
  Thanks,
  Andrea

  It's not enough.
  The configuration you suggested would limit all users connections from specififed IP addresses.
  I need to limit the connection from a specified IP address only for a specified user.
  Thanks,
  Andrea

• DUN Bluetooth connection to PocketPC, Vista and restricted user rights

  Hallo,
  I've successfully established a DUN connection to my Pocket WM5-based QTEK 9100 smartphone via Bluetooth and the Toshiba Stack, latest version. My notebook is a X200-21D with Vista Home Premium.
  Everything works well as far as I don't change the Vista user to an user with restricted rights, for the user with Administrator rights the Bluetooth Utility created a new DUN connection and a new modem with a virtual COM port. The user with the restricted rights isn't allowed to setup a new connection but this is necessary to connect to the smartphone with the Bluetooth Utility. On the administrative account the radio button to allow the connection to be dialed from other users is disabled and greyed out, so there is now way to open it for other users.
  How can I setup an Bluetooth DUN connection for a user with restricted rights ?
  Thank you in advance !

  Should the Restricted user use the same DUN configuration like the Admin ?
  If so, then you can use "Bluetooth Settings-> Custom Mode". This allows you to
  select the "33600 Standard Modem" from the list which was configured before by
  the Admin. So every DUN which was configured by the Admin can be used by the
  Restricted user with this method. Restricted users can not install hardware, so
  if the Admin has not installed a modem, then also the Restricted user can not use it.
  The Admin can pre-install a modem with the Bluetooth stack installation.
  This is useful if the restricted user should be able to configure a DUN connections
  with advanced modem settings which are not used by the Admin.
  This should be possible if the "as.ini" file has a line "MODEMINST = 1"

• How a user of external database can be connected to other database

  Hi
  I have two databases A and B. I have one user XYZ on database B.we want user XYZ to be connected to database A and also wants to create few tables on database A. Can you please tell me what are list of steps i need to perform.
  Regards,
  RJ.

  You can create a database link between database A and B to manipulate data in database A while connected to B. But you cannot create tables using database links. It does not allow DDLs in remote database. Tranparent gateway is a database link between oracle and some other database.
  Syntax is to create the link in B is
  create database link <name> connect to <user_in_A> identified by <password_in_A> using 'A';

• Solution: WinXP Restricted users connecting to Oracle

  For a while we've been having the problem that with a default install of the Oracle Client (in our case 9.2 - Not sure if the problem exists with earlier versions), restricted users on WinXP (possibly 2K too, I've not been able to test it) cannot connect to any server because they cannot see the oracle client files. For some reason, the oracle client install sets strange permissions that mean only administrators can access the client files. Worse still, any attempt to reset the permissions on the ORACLE_HOME directory and propagate them down all the sub directories always fails with Permission Denied (even for admins?!?!?!). Even attempting to take ownership fails.
  Anyway, we've found a solution:
  Logged in as an admin, we copied the c:\oracle\Ora92 directory from a fresh install of the oracle client on WinXP to a machine with Fat32 (Win98) - Thereby removing all permissions from the files. We then renamed the old Oracle directory on the WinXP PC, created a new one and copied back the Ora92 directory from the Win98 PC - This resulted in the c:\Oracle directory and all sub directories having default permissions, specifically Read and Execute to all users and Full to admins. We also reset the permission on all sub-directories of c:\program files\oracle to those of c:\program files\oracle ( Using the "Reset permission on all child objects and enable propagation of inheritable permissions" check box in windows advanced security ).
  The end result is that restricted users can now access the necessary oracle client files, but don't have permission to alter them (which prevents them changing any connection parameters).
  The problem still remains that the installer creates strange permissions on files in the Oracle Home directory, but at least there is a workaround until Oracle sorts out the installer.
  Anyone think of a better way to get the same result?

  if you set the restricted users into the power users group you may be asking for other troubles as these users will then have update permissions to most files on the system, including those files in the winnt folder.
  it is not clear to me whether you are unable to set the file permissions to read/write access, or whether you are able to do so but that after you do so the users still get errors launching the client. it sounds like the solution to your problem may have been setting the read/write access in the \program files\oracle folder.
  you should make sure you install oracle when you are logged in as administrator. note that this is different than doing the install while logged in as user "X", where "X" is a member of the administrator group.
  if after doing the install as administrator you still have problems, i would recommend that you turn on auditing, reboot the system, launch the client as a restricted user, and then review the event log to see what file(s) are being denied access.
  to set up auditing, go to start->programs->administrative tools->local security policy. select local policies, then audit policies. set "audit object access" to failure. then go to my computer, right click on C:, select properties, then the security tab. click on the advanced button, then the auditing tab. select the "everyone" group, then click ok. in the next window, check all boxes in the "failed" column. click ok.
  don't forget to reverse the process and turn off auditing once you have found the problem files and set the necessary permissions.

• How to create user other than 'sa' to connect database server in SAP SBO

  I want to ask how the step for create user other than 'sa' to connect database server in SAP SBO? Until now I use 'sa' (default) for connect to database server in SAP SBO application.
  Can I do that?

  You may create multiple SQL users to give full right to B1 database instead of using 'sa' user.
  However, the preferred way would be by Use Trusted connection when you set the connection to SQL Server. In this way, you just need one more user for SQL.  A group of window users could use this SQL access to connect database server.
  Thanks,
  Gordon

• Removing password from mirror database user causes connection problems

  Using Crystal Reports 2008, I have 2 Sybase databases connected to a single server, one is the original database used by my app, the other is a mirror that I want to run reports against.
  If I add a new user to both databases, I can connect to the mirror via an OLE DB connection without a problem.
  However, to prevent users from connecting to and running reports against the main database, I've changed the user so that they have a password in the mirror database, but not in the main database.
  The problem is, after making this change, when I try to connect to the mirror database I get an "Invalid user ID or password" error.
  I can connect to the mirror database as this user from other applications, it only seems to be Crystal Reports that has the problem.
  Is this a bug, or am I doing something stupid?!  Any help greatly appreciated!
  Ian

  Please re-post if this is still an issue to the .NET Development - Crystal Reports Forum or purchase a case and have a dedicated support engineer work with you directly

• Is it possible to restrict access to individual SharePoint Online sites (or site collections) to users only connecting when on the corporate network?

  Hi,
  We have an Office 365 environment which is linked to our on premise ADFS environment. We have started to make some deployments of sites to our SharePoint Online environment. For the majority of sites this is great and the ability to access the sites
  from anywhere is a real bonus. However, there are some sites and data that I would be much more comfortable in migrating to SharePoint Online if there were a way to make them only accessible via users/computers connected to the corporate network. 
  I have seen articles in how you can configure ADFS to allow all connections to the Office 365 tenant only from the network or not but what I am after is something which can be configured on a site by site basis (i.e. not the whole Office 365 environment
  or SharePoint Online environment) to only allow access when connecting from the corporate network.
  Any advice/help would be much appreciated?
  Many thanks
  Paul

  Hi,
  This is the forum to discuss questions and feedback for Microsoft Office, the issue is more related to SharePoint online, I recommend you post your question to the Microsoft Office 365 Community Sites and document sharing Forum
  http://community.office365.com/en-us/f/154.aspx
  The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us. Thank you for your understanding.
  Thanks
  George Zhao
  Forum Support
  Come back and mark the replies as answers if they help and unmark them if they provide no help.
  If you have any feedback on our support, please click "[email protected]"

• Restricting user from ODBC, SQL PLus, Toad etc

  Hello,
  We would like to restrict user accessing database from anyODBC driver, s/w like Toad or sqlplus. They can only access dataabse through loggin to Application. Is there a way to do it.
  I have been looking into VPD but could not find any info there.
  Thanks
  Suhail

  Don't you need to be able to create a session before you can invoke a secure application role?
  What, exactly, are you trying to prevent. Are you trying to prevent well-meaning users from discovering that they can use Access to "fix" the data in the database when there are problems? Or are you trying to prevent a rogue employee from being able to access the database with anything other than your application?
  If it is the former, something simple like a login trigger that checks the program used to log in would probably work. If it is the latter, I fear you are out of luck. If your application can connect, a moderately competent hacker can access the database rather quickly, particularly if he has access to your application executable.
  Justin
  Distributed Database Consulting, Inc.
  http://www.ddbcinc.com/askDDBC

• Restricting user login

  This is regarding, restricting user login.
  my application pointing to Oracle Database.
  for example: one user loggedin with userid: nbiaadmin.
  when the same user trying to login using another browser or another system. Then i want to invalidate the existing user's session and allow new user to login.
  how to achieve this?
  please let me know.
  Thanks,
  Natesh.

  You try running maxl with something like
  alter system logout session on application appname force;
  alter application appname disable connects;
  then your load then
  alter application appname enable connects;
  Cheers
  John
  http://john-goodwin.blogspot.com/