all the privileges of a user
Helloon 10g
any request to see all the privileges of a user when logged in sysdba?
I can not connect with this user, but I want to see his privileges if he's had enough.
Thank you.
There are several views available to check privileges, for example:
DBA_AQ_AGENT_PRIVS
DBA_COL_PRIVS
DBA_PRIV_AUDIT_OPTS
DBA_REPGROUP_PRIVILEGES
DBA_ROLE_PRIVS
DBA_RSRC_CONSUMER_GROUP_PRIVS
DBA_RSRC_MANAGER_SYSTEM_PRIVS
DBA_SYS_PRIVS
DBA_TAB_PRIVS
DBA_WM_SYS_PRIVS
DBA_WORKSPACE_PRIVS
Here's something that I have used in the past to list recursively privileges for a user (editing a script of Pete Finnigan).
/* Setting formatting options */
SET TERMOUT OFF
SET SERVEROUTPUT ON
SET VERIFY OFF;
SET FEEDBACK OFF;
WHENEVER SQLERROR EXIT SQL.SQLCODE
/* Define bind variables */
VAR i_depth NUMBER;
VAR i_user VARCHAR2(32);
/* Retrieve user input */
SET TERMOUT ON
ACCEPT USER PROMPT 'User: '
ACCEPT DEPTH DEFAULT 3 PROMPT 'Depth [3]: '
SET TERMOUT OFF
/* Bind input */
exec :i_depth := &DEPTH;
exec :i_user := '&USER';
SET TERMOUT ON
COLUMN PRIVS FORMAT A150
SELECT (
CASE WHEN LEVEL > 1
THEN LPAD(' ', 4*(LEVEL-1)) || CHR(212) || CHR(205) || '> '
END
) || GRANTED_ROLE "PRIVS"
FROM
(
/* THE USERS */
SELECT NULL AS GRANTEE
, USERNAME AS GRANTED_ROLE
FROM DBA_USERS
WHERE UPPER(USERNAME) = UPPER(:i_user)
/* THE ROLES TO ROLES RELATIONS */
UNION
SELECT GRANTEE
, GRANTED_ROLE
FROM DBA_ROLE_PRIVS
/* THE ROLES TO SYS PRIVILEGE RELATIONS */
UNION
SELECT GRANTEE
, PRIVILEGE
FROM DBA_SYS_PRIVS
UNION
/* THE ROLES TO OBJECT PRIVILEGE RELATIONS */
SELECT GRANTEE
, RPAD(DBA_TAB_PRIVS.OWNER || '.' || TABLE_NAME,62,' ') || ' (' || DBA_OBJECTS.OBJECT_TYPE || ' -> ' || PRIVILEGE || ')'
FROM DBA_TAB_PRIVS
JOIN DBA_OBJECTS ON DBA_OBJECTS.OBJECT_NAME = DBA_TAB_PRIVS.TABLE_NAME
WHERE OBJECT_TYPE NOT IN ('PACKAGE BODY','SYNONYM')
)
START WITH GRANTEE IS NULL
CONNECT BY GRANTEE = PRIOR GRANTED_ROLE AND LEVEL <= :i_depth;
Pete Finnigan also has a lot of scripts associated with privileges on his site: http://www.petefinnigan.com/tools.htm
Tags: Database
Similar Questions
-
Assignment of all the privileges of the user to a role
Hi all
I need to give all the privileges on a user to a role, so that I can create users with the same privileges for different components. Is it possible to give all the privileges on a user to a role? I did some research but I couldn't find a solution. It would be helpful if someone can help me on this.
Thanks in advance.You must manually grant all privileges to the role and then assign this user role.
create the role role_a;
Grant select on... role_a;
...
...
..grant role_a to scott;
-
How to tune all the privilege of a specific to a user schema?
How to tune all the privilege of a specific to a user schema?
I have already create a new schema and import the data necessary for this scheme.
Now I want to affect all the privilege for this schema to user HR (let the user HR become owner of this schema). How to deal?
Published by: qkc May 13, 2011 10:45qkc wrote:
How to tune all the privilege of a specific to a user schema?
I have already create a new schema and import the data necessary for this scheme.
Now I want to affect all the privilege for this schema to user HR (let the user HR become owner of this schema). How to deal?Published by: qkc May 13, 2011 10:45
It is no way - by definition - that a user can 'ownership' of another schema. A schema is, by definition, the collection of objects that belong to one owner.
but it's maybe just semantics in the context of what you really want.
Use sql to generate the sql:
spool doit.sql select 'grant select on someuser.' || table_name || ' to someotheruser;' from dba_tables where owner = 'SOMEUSER'; spool off
-
New user with all the privileges
Dear all,
We have created a user USER1 in RPD.
We should all priveliges to User1 as an administrator. (Answer, dashboard,... should access User1).
How to set up?
Thank you
Govind RHi reda,.
Just to clarify, is your user (User1) in the RPD is grouped under administrator?
If the user is grouped under administrator, then we can follow a simple step in BI front end for the user to access all objects in front end.
In the BI dashboard, click on settings you can find to manage users and groups presentation catalog. Here, we can add User1 to the presentation server administrator group.
Make sure that your administrator user is set with all the necessary privileges to access answers, dashboard etc.
Thank you
Karthikeyan V -
How to remove all the settings for one user Lightroom reset
Hi allWhen I decided to reinstall Lightroom 6, I also decided to take this opportunity to remove all my previous settings of the user. I know that some of the tasks that I have to do to get there and I'm listing below; I'm not sure if I missed something. So, please can I ask if you could think of something to add?-Remove preferences during the uninstallation of Lightroom-Go to the folder C:/users/xxx/photos/Lighroom and delete the catalog file-Delete the folder found within this same filepath-Go in C:/users/xxx/AppData/Roaming/Adobe/Lightroom/develop Presets/user Presets and delete all the files it-Go in C:/users/xxx/AppData/Roaming/Adobe/Lightroom/Import Presets/user Presets and delete all the files it-Go in C:/users/xxx/AppData/Roaming/Adobe/Lightroom/Export Presets/user Presets and delete all the files it-Go to Presets C:/users/xxx/AppData/Roaming/Adobe/Lightroom/metadata and delete all the filesThank you!Hi ninou Reyes.
Check if you have all left overs in those folders below
- C:\Program Files\Adobe - Lightroom
- C:\Users\xxx\AppData\Local\Adobe - Lightroom
- C:\ProgramData\Adobe - Lightroom
- C:\Program Files\Fichiers Adobe - Lightroom
Concerning
Rohit
-
I use Vista Home Premium
- Windows automatically updated and turn off the power.
- I couldn't connect, it says that the service user profile service does not logon. User profile cannot be loaded.
- Then I deleted my user profile in SafeMode by doing: 'make right click on computer - properties - settings - advanced - user - deleted my old account profile settings '. There is no option for me to "keep my files."
- Then I managed to connect, I guess having creates a default user account? Because there is a new folder in C:\Users\, called (former name). (old name) - PC. In C:\Users\(old name), it is empty.
Now, all my original files are gone because I deleted my old user profile. The size of my c: drive-has not changed much, so I guess all my files are still in only my computer, it's just that I can't find their "PATH". How could I get re-navigate to all my files? I need them so badly.
Thank you very much for the one who can help me.
Hello
Log on as ADMIN and look in C:\Users where C: is the drive where the user folders.
You can try to fix it with Safe Mode - repeatedly press F8 as you bootup.
Some programs such as the updated Google (if you added the toolbar Google, Chrome or Google
Earth) has been known to cause this problem.How to fix error "the user profile Service has no logon. User profile cannot be loaded. »
http://www.Vistax64.com/tutorials/130095-user-profile-service-failed-logon-user-profile-cannot-loaded.htmlHow to fix error "your user profile was not loaded correctly! You have been connected with a
temporary profile. "in Vista
http://www.Vistax64.com/tutorials/135858-user-profile-error-logged-temporary-profile.htmlBE VERY CAREFUL IF YOU USE THIS ONE:
DO NOT USE THE ACCOUNT HIDDEN ON A DAILY BASIS! If it corrrups you are TOAST.
How to enable or disable the real built-in Administrator account in Vista
http://www.Vistax64.com/tutorials/67567-administrator-account.htmlUse the hidden administrator account to lower your user account APPLY / OK and then lift it to ADMIN.
This allows clear of corruption. Do the same for other accounts if necessary after following the above message.You can use the hidden - administrator account to make another account as ADMINISTRATOR with password even
(or two with the same password) use a test or fix the other.You can run the Admin account hidden from the prompt by if necessary.
This tells you how to access the System Recovery Options and/or a Vista DVD
http://windowshelp.Microsoft.com/Windows/en-us/help/326b756b-1601-435e-99D0-1585439470351033.mspxIf you cannot access your old account, you can still use an Admin to migrate to another (don't forget
always leave to an Admin who is not used except for testing and difficulty account).Difficulty of a corrupted user profile
http://windowshelp.Microsoft.com/Windows/en-AU/help/769495bf-035C-4764-A538-c9b05c22001e1033.mspxI hope this helps.
Rob Brown - Microsoft MVP<- profile="" -="" windows="" expert="" -="" consumer="" :="" bicycle="">-><- mark="" twain="" said="" it="">->
-
How to create the account in Oracle DB, which has all the privileges of the APPS account
Hello
I'm looking for a way to create/user account that can do things like APPS account? This means, it can compile forms, reports...
The reason for this is that we want to control developers. Currently, developers use APPS account, and they can spoil database instance. So the idea is that we will create a personal account for each developer, we can follow if something happens in the database. Of course, only have access to the DEV instance only.
Thanks in advance.
Hieu
Published by: user122479 on January 11, 2013 15:00user122479 wrote:
Hello
I'm looking for a way to create/user account that can do things like APPS account? This means, it can compile forms, reports...
The reason for this is that we want to control developers. Currently, developers use APPS account, and they can spoil database instance. So the idea is that we will create a personal account for each developer, we can follow if something happens in the database. Of course, only have access to the DEV instance only.Thanks in advance.
HieuPublished by: user122479 on January 11, 2013 15:00
Please see old son of similar topic and discussion - https://forums.oracle.com/forums/search.jspa?threadID=&q=Apps+AND+User+AND+Create+AND+Like&objID=c3&dateRange=all&userID=&numResults=15&rankBy=10001
Thank you
Hussein -
All the patches to ensure user profile to log on windows is correctly loaded
I am facing a regular problem in windows Journal on therefore it does not display the correct icons on the desktop. Does anyone have the solution?
This is the normal "fixes" for these problems.
· Restore point:
Try typing F8 at startup and in the list of Boot selections, select Mode safe using ARROW top to go there > and then press ENTER.
Try a restore of the system once, to choose a Restore Point prior to your problem...
Click Start > programs > Accessories > system tools > system restore > choose another time > next > etc.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~If the above does not work:
See if the information in the above tutorial will help you.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://windowshelp.Microsoft.com/Windows/en-AU/help/769495bf-035C-4764-A538-c9b05c22001e1033.mspx
Difficulty of a corrupted user profile
After creating the profile, you can copy the files from the existing profile. You must have at least three user accounts on the computer to perform these operations, including the new account that you created.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://support.Microsoft.com/kb/947242
A temporary profile is loaded after you connect to a Windows Vista-based system
See you soon.
Mick Murphy - Microsoft partner
-
Anyway is to clear all the elements of native user interface of BB?
Hello
As far as I know, we can get the android user interface elements by sending a "DUMP" command to port 4399 (http://blog.csdn.net/roger_ge/archive/2010/04/28/5538266.aspx), is it possible to similor to BB?
Thank you!
None
-
The privileges of the user level
Hello
I created a user called SG. I use to login administrator and given all the privileges in user of SG. But when I access user SG. I'm not able to open the response page.
It shows error below:
"access denied for user/users/sg/_portal/dashboard path available.
Could you pls tell me how to solve this problem.
Thank youHello
You do not have the previlages to see the dashboard or responses
Log in as editable and open Administration--> Previlages to manage and assign the user access dashboard to yourConcerning
Ranga -
get the privileges of the user
Hello
I created a user "ionm. in PL/SQL, how can I get all the privileges, this user's roles? I'm with dba role, I may grant him certain privileges and so on, now, how do I access all and all the tables there?
Edit: another question: How can I grant all privileges and user roles "ionm" to any other user, 'john', without having to write many statements like
Thank you!grant .... on .... to ....
Edited by: Roger22 the 07.06.2009 11:26Hello
Roger22 wrote:
HelloI created a user "ionm. in PL/SQL, how can I get all the privileges, this user's roles? I'm with dba role, I may grant him certain privileges and so on, now, how do I access all and all the tables there?
Hello
You can query the data dictionary views
DBA_TAB_PRIVS for direct privileges on tables and views.
DBA_ROLE_PRIVS for roles,
DBA_SYS_PRIVS for access privileges, and
DBA_COL_PRIVS for columns.For example:
SELECT owner , table_name , privilege , grantable FROM dba_tab_privs WHERE grantee = 'IONM' -- Strings inside quotes are case-sensitive ;
Edit: another question: How can I grant all privileges and user roles "ionm" to any other user, 'john', without having to write many statements like
grant .... on .... to ....
I don't know how to do it without run of many statements like that.
You don't have to write them manually; You can have an entry of query them all to a coil of the file, and then run the hold file.
In PL/SQL, you can use EXECUTE IMMEDIATE in a loop that reads all the privileges. -
How to list all the users on the Windows 8 Pro welcome screen
I work for a small company based in the House of my boss of IT services. Because he runs the company, all the computers in the House are on a domain Active Directory (ease of management and control). Because he runs the company from his home, several of these computers are tablets/touch screens for his children, all upgraded to Windows 8 Pro.
Currently, the default behavior of Windows 8 at startup is to display the Welcome screen showing the last user who opened a session with an option to switch to another user. If "Other user" is selected, a complete login prompt appears requesting a user name and password. This is standard fair for Windows 8, especially on a domain.He wants to do me is to find a way to allow a style of Windows XP (workgroup) Welcome screen displaying all the available avatars with user accounts, allowing so a child to click easily their user account and enter a picture password without ever seeing the on-screen keyboard.To rephrase: we want the Windows 8 Pro welcome screen to list all the (or specific, if possible) allowing anyone of you users connect to the computer without entering a user name and only enter a password (or picture password).I searched the web carefully and it seems that Microsoft can have deprecated this feature in an update of Windows 7 - many people shouting right lose their old welcome screen after an update. I read in the case of registry (removal of corrupt profiles and .default) hacks, security policy settings (interactive logon: do not display last user name = disabled), account policy (control userpasswords2 > uncheck: users must enter a password...) and a few other suggestions that had mixed results, which none apply to the present case , either because the settings are already in place, or because they are not available due to being on a domain.I'm open to exploration of any kind of registry or 3rd party software hacks that can provide this functionality. Win8 default behavior is absolutely horrible for tablets - it should be easy for multiple users to connect to a device without using a screen keyboard to enter their username and password. WIN8 is halfway there with passwords of photo, but we still have to enter a user name for all, but the user recently.Thanks in advance!Hi Jayce Nornin,
Please be informed that he has no option to list all the users on the Windows 8 Pro welcome screen.
It will be useful. If you have any other questions, feel free to let us know. We will be happy to help you.
Thank you.
-
Access restriction configuration network devices with the level of the ACS 5.0 user
Hi Experts,
I have some configuration tasks TACAC with level of different user for all routers and switches,
To further develop, I engineer, analyst and site engineers, so I want to configure centralized authentication with Annie tacac different levels for the various categories of network engg. Analyst, site engineer,
can someone explain about how to proceed with ACS 5.2 and what configuration is required at the peripheral level.
I'm particularly looking for the 5.2 acs configuration procedure.
Looking forward to get the answer.
In "default device admin" just create authorization rules.
They should look like "If the user/group type = site engineer, then assign the shell profile X.
You then define the profile of shell in the elements of policy and put in there all the privileges of your engineer to site.
And so on for the other roles
-
HelloThis time, I have a question about the GUI Web Client itself. I've been working on looking for predefined privileges before offering a feature in our plugin.
I am able to know if the privilege is granted for an object in my data provider.
Now, I'm ready to test, so I have:
-created a new user in the WebClient service
-created a role that will be assigned to this user of an object (host)
Now, I want to assign privileges to the role, but has problems to understand GUI.
I go to Administration-> roles
-create a new role
-Click on the tab 'privileges '.
Here, I see a tree containing all the privileges that can be assigned to the role, but I'm not able to map these 1 x 1 to
the ones I'm looking for. An example is
'Host.Config.Settings' that is needed to perform the UpdateIPMI() operation for a host.
For example, in the tree, I opened
v home
v Configuration
I expected to see 'Settings', but only
-Advanced settings
-Change the settings
So my question is, how do I know which of these to be defined (without error). Is there a documentation which maps the privileges in the GUI to
the 'real' like 'Host.Config.Settings '? The link help for the link to the Documentation isn't really help here.
These are the privileges for which I find no parameters (at least, it's not intuitive)
Host.Config.Autostart
Host.Config.Settings
Host.Config.NetService
Thanks for the Info.
Cathy
Hi Cathy,.
Here's what you'll need:
Host.Config.AutoStart = startup configuration automatic virtual machine
Host.Config.Settings = change the settings
Host.Config.NetService = security profile and firewall
Concerning
Kaloyan
-
Is it not view DBA_ see the privileges granted to a role?
DB version: 11.2
I couldn't find DBA_ views that would list all the privileges granted to a role. Finally, I had to assign the role to a user and then sign in as a user who has granted and then query view ROLE_TAB_PRIVS. A DBA, I can not connect in business patterns to check for this.
The scenario
==============
SCOTT schema has two tables: HRTB_EMP_MASTER and HELLOWORLD
I want to grant SELECT on these two tables privileges to another user called TESTUSER but not directly. through roles
Since I couldn't find a DBA view that will have the privileges granted to a role, I have granted the role to the user, I had to open a session to the user (against our security policy) and the querySQL> conn / as sysdba Connected. SQL> grant create role to testuser; Grant succeeded. SQL> conn testuser/test123 Connected. SQL> SQL> create role testuser_ro; Role created. SQL> conn / as sysdba Connected. SQL> grant select on scott.hrtb_emp_master to testuser_ro; --- > Granting the SELECT priv to the role first Grant succeeded. SQL> grant select on scott.helloworld to testuser_ro; Grant succeeded. SQL> SELECT ROLE, OWNER, TABLE_NAME, PRIVILEGE FROM ROLE_TAB_PRIVS where owner = 'SCOTT'; ----> This won't work because I am connected as SYS ----> ROLE_TAB_PRIVS is user specific view no rows selected
ROLE_TAB_PRIVS.
SQL > grant testuser_ro to testuser;
Grant succeeded.
SQL > PRIVILEGE OF ROLE_TAB_PRIVS, TABLE_NAME, OWNER, SELECT ROLE where owner = 'SCOTT ';
no selected line
SQL> conn testuser/test123 Connected. SQL> SELECT ROLE, OWNER, TABLE_NAME, PRIVILEGE FROM ROLE_TAB_PRIVS where owner = 'SCOTT'; ROLE OWNER TABLE_NAME PRIVILEGE --------------- --------------- -------------------- ---------- TESTUSER_RO SCOTT HELLOWORLD SELECT TESTUSER_RO SCOTT HRTB_EMP_MASTER SELECT
You must look for beneficiary, no owner
Connected to: Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production With the Partitioning, OLAP, Data Mining and Real Application Testing options SQL> create role r1; Role created. SQL> grant select on sys.v$database to r1; grant select on sys.v$database to r1 * ERROR at line 1: ORA-02030: can only select from fixed tables/views SQL> grant select on sys.v_$database to r1; Grant succeeded. SQL> select grantee, privilege, owner, table_name from dba_tab_privs where grantee='R1'; GRANTEE PRIVILEGE OWNER TABLE_NAME --------------- ---------------------------------------- --------------- ------------------------------ R1 SELECT SYS V_$DATABASE
Maybe you are looking for
-
Satellite L20: Cannot burn DVDs - power calibration error
Hello I have problems when you try to burn the DVD on my Toshiba Satellite L20. Nero indicates a "power calibration error". Lens and drive have been cleaned up, but it did not help. Supprisingly, DVR +/-RW and CD are treated correctly. DVD player of
-
What are the specifications of the Satellite A100 PSAAKL-
Hi good day. A friend of mine gave me this model of Toshiba Satellite A100 PSAAKL-00E002 number.He told me he broke, but does not specify what the problem is. I would like to know the exact model and specs for this laptop because I can't find the exa
-
IP phones direct call - only 1 DN to be isolated from the network
Hey,. Ok. It is a very simple and indeed a pretty basic question. Im just get confused what doing. Therefore, I'm all messed up. That's what I need- I have a CUCM 8.6.2 running on an MCS. I PRI E1 line works smoothly with all IP phones. All IP phones
-
During export, videos remain the same length as the full clips.
When I finished a project of editing my video exported will remain the same length as the full clips as I entered. For example, if I have a really long clip, and I remove certain parts, when exported, it will display the edited version, but there wil
-
Minimum hardware requirements for ESXi 5
HelloI am a newbie of virtualization and ESXi so please help me on these issues:I intend to host 1 Windows 2008 Server and 1 Pfsense on the same host with ESXi. The two servers to serve a small number of users (less than 10). The Win2k8 runs just sma