ReadOnly user can access the other schema and change them
Hello everyone,I created a readonly as this user in oracle 11g r2
SQL > CREATE USER IDENTIFIED BY readonly readonly;
SQL > GRANT CREATE SESSION, CREATE a SYNONYM to readonly.
SQL > GRANT SELECT ON SA.vCustomerService TO readonly.
But when I connect to the database and do a select like:
SQL > SELECT * FROM ACC;
I get the data in this table, even if I do an update on that table it works.
What I am doing wrong that my readonly user always has full access to the other schema?
Thank you in advance for your help!
Best regards
GIL GOMES Dany
Dan_lu wrote:
Hello everyone,I created a readonly as this user in oracle 11g r2
SQL > CREATE USER IDENTIFIED BY readonly readonly;
SQL > GRANT CREATE SESSION, CREATE a SYNONYM to readonly.
SQL > GRANT SELECT ON SA.vCustomerService TO readonly.But when I connect to the database and do a select like:
SQL > SELECT * FROM ACC;
I get the data in this table, even if I do an update on that table it works.
Check the permissions for this table - maybe some operations on this table are granted to the publc?
Tags: Database
Similar Questions
-
How can I create an another user to access the HR schema data
I am new to Oracle and just downloaded the: 10 x e. I have connected as human resources and was able to modify data in tables.
I created another user, then say ABC, when connected as SYS. But then I could not access the tables and the data even in human resources.
I learned that every user has its own schema, but how do I create an another user to access the same tables, and the data I see in the Oracle DB?Log in as a user of the system (or sys as sysdba) and:
create useridentified by ;
Grant connect, create session; To see objects to a different schema from the database user must then obtain the privilege:
Grant select on hr.
à ; -
My only intention is to create a model/site based URM where we can provide functionality to scan for users. We want a distributed feature where users can scan the images remotely and commit to the WCC:Records / URM.
Is it possible to be done through Oracle distributed Document capture (ODDC) and if it is possible how to connect ODDC with the client browser. Please suggest
Ok. So, the answer is certainly: Yes, it is possible.
The part of analysis, this is exactly what ODDC is good for. Unless you have the license already, however, you may have to go with the product to Capture Oracle WebCenter (large companies), which provides the necessary also.
Regarding the validation and storage, ODDC/ODC/WebCenter Capture can commit images scanned at several depots, including University Complutense of MADRID (URM can be considered a Complutense University of MADRID with a specific purpose / several modules or components under voltage and configured). So, technically, he has no problem.
When I have little doubt, however, is the meaning of the scenario - declaring an item as a record is an important event in the life cycle of the document - a record is often (or always) cannot be changed to ensure the integrity and non-repudiation of information. In this perspective, a direct validation of a recording of a scanning system (where errors such as bad scans, lack of pages, etc can be expected, particularly if the scanning is performed by the end user in a distributed fashion - so, not very experienced) seems a little dangerous.
-
Create a user can access a single schema - please help!
Hi all
I want to create a user in an Oracle database that can only access a single schema. I did the following:
CREATE THE USER 'TEST' PROFILE 'DEFAULT.
IDENTIFIED BY 'test' TABLESPACE DEFAULT 'USERS '.
TEMPORARY TABLESPACE "TEMP".
RELEASE OF ACCOUNT;
GRANT SELECT ON "TESTDTA". "" F0007 ' TO 'TEST '.
GRANT 'CONNECT' TO THE 'TEST ';
I did a test and the TEST user can access all schemas, when I only gave the explicit permissions for the TESTDTA schema.
Any suggestion/precision?
Thanks in advance.
Victor.Maybe worth looking at what has been given to t PUBLIC:
Select * from dba_sys_privs
where dealer = "PUBLIC";Select * from dba_role_privs
where dealer = "PUBLIC";Select * from dba_tab_privs
where dealer = 'PUBLIC '.
and the owner = "PRODDTA";A.
-
2 users can access the record even
Hi all
I have 2 users: sales person and his assistant, they receive the same role as sales. Both have the ability to create a new record and access the other each record.
How to create this type of user and what privilege should pay for them?
Thank you
HPHi HP.
You can do this by creating groups. You can add the user to the group, and whenever any user in that group will create a folder; all the other default user will receive full access to the records. You can have more group and another. But a single user can only be added to a group. This grouping will not only allow them to share files, but also allow them to share their calendar by default, so better synchronization while working.
Here are the steps of the creation of the groups
1. go on Admin - Business Administration - activate "Group sharing" feature
2. go on admin - users - group of sharing Public - Management create group
3. create the Group and add users to the GroupNote-
1. the records was created before activation group will not add users to the group to record team
2. the user of the Group should be the owner of the record
3. after activation of the Group feature, if you want to remove the user from any particular record team, you can do. Or if you want to add any user, you can also add to the team of this particular record.If you find any problem in that, please do not hesitate to ask
All the best
Nisman
-
This is a recent development, but I can not print anything in Firefox. Printing open normally, it's going to the right printer that works... I can print other browsers and applications. It acts like it is in queue and then a printing error occurs and it will not be printed. I closed and reopened Firefox, open in safe mode, cleaned cache/history/cookies and restarted twice. Nothing makes no difference. Also tried printing from the preview before print that had the same result. I can print all other browsers and applications without problem, so it must be within Firefox.
See this:
http://KB.mozillazine.org/Problems_printing_web_pages -
The locked but user can access with other users
Hi all
I blocked a user in oracle and trying to "Account is locked out" displaying messages of connection.
But I am able user from other users query tables. How do I block it?
For example:
I had blocked a user User1. When I logged in a user named USER2 and when I call SELECT * FROM USER1. Table_name, displays the data.
I need to block this question from other USERS.
Help, please
Thanks in advance...
Account lockout does not prevent others to get access on user objects. The only change is that the user won't be able to connect more.
To block others access to objects of this scheme can be done by defining the privileges of law for other users, or with the vault of the database by creating a Kingdom
around this blocked scheme (DV requires an additional license).
-
XP Home only 2 users can access the internet
I have a laptop Dell Inspiron 1300 Windows XP sp3. I'm the only user for a few years until I've added my son as a different user (with administrator privileges).
I have been using a USB WiFi dongle with success.However when my son connects, it cannot access the internet - not even with a link of ethernet wired router to wide band.I can ping sites like yahoo.com, but not access via a browser.Help, pleaseThank youDavid E.Hi David,
1. what browser do you use to visit Web sites?
2. If you are using Internet Explorer, then what is the version?
3. What is the error message when you access a Web site?
4. what security software is installed on the computer?
I suggest you try the following steps if you use Internet Explorer to browse.
Method 1: How to reset Internet Explorer settings
http://support.Microsoft.com/kb/923737
Note: Reset the Internet Explorer settings can reset security settings or privacy settings that you have added to the list of Trusted Sites. Reset the Internet Explorer settings can also reset parental control settings. We recommend that you note these sites before you use the reset Internet Explorer settings
Check if the problem persists.
Method 2: Create a new user account
The user account may be damaged and because who you may not have access to the Internet. I suggest to create a new account and check.
To add a new user to the computer
If the problem does not occur in the new user account, and then transfer the data from the old account to the new account.
How to copy data from a corrupted to a new profile in Windows XP user profile
http://support.Microsoft.com/kb/811151
Let us know the results.
-
Guest user can access the system tools?
Start menu > all programs > Accessories > system tools
This allows the user access to computer, control panel (and running and same command prompt), although I selected "don't display this item" through properties > Start Menu > customize. Is there something I don't understand? I don't want a guest user to gain access to ANY 'system tools '. How can I accomplish this?
Hi Jim,.
Thanks for posting your query in Microsoft Community.
The guest account providing minimum privileges to perform tasks not requiring administrative privileges. People using the guest account cannot install software or hardware, change settings, or create a password. Because the guest account allows a user to log on to a network, browse the Internet, and shut down the computer, you must disable the guest account when not in use.
You can open the command prompt in elevated mode (with administrative privileges), which is actually necessary to run multiple commands that can affect your system. If you use Windows 7 Professional or higher edition, group policy can be edited privileges for the guest account. To learn more, you can re-post your query in the TechNet forums calling for changes in the group policies for the guest account.
For more information, see:
Enable or disable the guest account the
Hope this information is useful. Let us know if you need more help, we will be happy to help you.
-
Financial Reporting - the user can access the POV dimensions
Hello. In collaboration with the 11.1.2.3.700 version. Have a HFM user that can go in HFM and see all members and data (scenarios, entities, customs, etc.) within HFM. When he goes to EN to run reports, however, he has problems with dimensions that are secured in HFM - entity, scenario, (custom) data type. If one of these dimensions is the point of view, they do not show when it displays an overview from the point of view and then the report does not work because there is no selection. If these dimensions are defined in the report (which is not part of the POV), the report runs well.
There is no preference user limiting POV members and reports are not confined to specific user POV members. Other people can run those reports very well. Also tried to make this user a HFM and the Foundation (which EN) administrator and even there the problem.
Any thoughts?
Thank you
Eric
Hello. A great co-worker has solved the problem. She used the ManageUserPOV.cmd utility to export users POVs. The user in question had an entry for the missing dimension, so he was never invited to do and reports failed. Imported and supplied the lack of dimension and it works fine now.
Eric
-
My admin account password is not working. Help, please! Running windows vista Home premium. HELP ANYONE?
Hello
1. Since when you are facing this problem?
2. don't you make changes on the computer before the show?
3 isn't the account you are able to access an administrator account?Method 1:
If it is an administrator account, you can remove the password for the account and check:Method 2:
You can create the once connected to Windows password reset disk.Links:
http://Windows.Microsoft.com/en-us/Windows-Vista/what-are-the-risks-of-resetting-a-password
http://Windows.Microsoft.com/en-us/Windows-Vista/create-a-password-reset-diskhttp://Windows.Microsoft.com/en-us/Windows-Vista/reset-your-Windows-password
Method 3:
You can check the link given about lost or forgotten passwordsFor more information about password problems, see:
What to do if you forget your Windows password
http://Windows.Microsoft.com/en-us/Windows-Vista/what-to-do-if-you-forget-your-Windows-passwordThe Windows password problems
http://Windows.Microsoft.com/en-us/Windows-Vista/troubleshoot-Windows-password-problemsSee also
Microsoft's strategy concerning lost or forgotten passwords
http://support.Microsoft.com/kb/189126 -
Of the safe areas, that a user can access the list
I want to be able, on the account of the user page, the list of the secure areas they have access to as well as link to each of these area to secure landing pages. What is the best way to achieve this?
Hey there.
This module will take care of: {module_subscriptions}
-
Hi, I need help with a very strange problem.
I have a Server 2003 domain controller to PC and all the domain user can access any shared folder of the server using IP address or FULL domain name.
So I joined a R2 of 2012 new server to the domain as a workstation normal and not as a new domain on the network controller, and the problem is that one cannot access a shared folder on the new server by using the IP, but can be accessed using the name of the computer.
My Admin user can access the folder using the IP address or the name comp. on any work, but the user of my AD position may not use intellectual property.
I can using Ping IP or name of the computer for every user of AD.
Please check the attached images.
When I try to access it using IP, it gives me the following error:
\\192.168.0.2 is not accessible. You might not have permission to use this network resourse. Contact the administrator of this server to fing out if you have access permissions.
Currently, there are no available connection server to process the logon request.
Hello
You may need to ask the question on the TechNet Forums:
https://social.technet.Microsoft.com/forums/WindowsServer/en-us/home
Kind regards
-
AnyConnect users can access internal network
Hello!
Just sat up a new Anyconnect VPN solution for a customer. It works almost perfect.
Anyconnect users can reach the internal network storage. The anyconnect users can access the internet, but nothing on the network internal.
(Deleted all the passwords and public IP addresses)
ASA 4,0000 Version 1
!
ciscoasa hostname
names of
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
IP 192.168.9.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
IP address
!
passive FTP mode
DNS domain-lookup outside
DNS server-group DefaultDNS
Server name 213.80.98.2
Server name 213.80.101.3
network obj_any object
subnet 0.0.0.0 0.0.0.0
access-list SHEEP extended ip 192.168.9.0 allow 255.255.255.0 192.168.9.0 255.255.255.0
AnyConnect_Client_Local_Print deny ip extended access list a whole
AnyConnect_Client_Local_Print list extended access permit tcp any any eq lpd
Note AnyConnect_Client_Local_Print of access list IPP: Internet Printing Protocol
AnyConnect_Client_Local_Print list extended access permit tcp any any eq 631
print the access-list AnyConnect_Client_Local_Print Note Windows port
AnyConnect_Client_Local_Print list extended access permit tcp any any eq 9100
access-list AnyConnect_Client_Local_Print mDNS Note: multicast DNS protocol
AnyConnect_Client_Local_Print list extended access permit udp any host 224.0.0.251 eq 5353
AnyConnect_Client_Local_Print of access list LLMNR Note: link Local Multicast Name Resolution protocol
AnyConnect_Client_Local_Print list extended access permit udp any host 224.0.0.252 eq 5355
Note access list TCP/NetBIOS protocol AnyConnect_Client_Local_Print
AnyConnect_Client_Local_Print list extended access permit tcp any any eq 137
AnyConnect_Client_Local_Print list extended access udp allowed any any eq netbios-ns
pager lines 24
Enable logging
logging of debug asdm
Within 1500 MTU
Outside 1500 MTU
mask 192.168.9.50 - 192.168.9.80 255.255.255.0 IP local pool SSLClientPool
ICMP unreachable rate-limit 1 burst-size 1
don't allow no asdm history
ARP timeout 14400
NAT (inside, outside) source Dynamics one interface
!
network obj_any object
NAT dynamic interface (indoor, outdoor)
Route outside 0.0.0.0 0.0.0.0 1
Timeout xlate 03:00
Pat-xlate timeout 0:00:30
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
identity of the user by default-domain LOCAL
AAA authentication enable LOCAL console
AAA authentication http LOCAL console
LOCAL AAA authentication serial console
the ssh LOCAL console AAA authentication
AAA authentication LOCAL telnet console
Enable http server
http 192.168.9.0 255.255.255.0 inside
http 0.0.0.0 0.0.0.0 inside
http 0.0.0.0 0.0.0.0 outdoors
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown warmstart of cold start
Telnet timeout 5
SSH timeout 5
SSH group dh-Group1-sha1 key exchange
Console timeout 0
dhcpd outside auto_config
!
dhcpd address 192.168.9.2 - 192.168.9.33 inside
dhcpd ip interface 192.168.9.1 option 3 inside
!
a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
WebVPN
allow outside
AnyConnect image disk0:/anyconnect-win-2.5.3046-k9.pkg 1
AnyConnect enable
tunnel-group-list activate
internal SSLClitentPolicy group strategy
internal SSLClientPolicy group strategy
attributes of Group Policy SSLClientPolicy
value of server DNS 192.168.9.5
client ssl-VPN-tunnel-Protocol
the address value SSLClientPool pools
attributes of Group Policy DfltGrpPolicy
VPN-tunnel-Protocol ikev1, ikev2 ssl clientless ssl ipsec l2tp client
VPN Tunnel-group type remote access
type tunnel-group SSLClientProfile remote access
attributes global-tunnel-group SSLClientProfile
Group Policy - by default-SSLClientPolicy
tunnel-group SSLClientProfile webvpn-attributes
enable SSLVPNClient group-alias
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect esmtp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
Review the ip options
!
global service-policy global_policy
context of prompt hostname
no remote anonymous reporting call
Cryptochecksum:6a58e90dc61dfbf7ba15e059e5931609
: end
Looks like you got the permit vpn sysopt disable to enable:
Sysopt connection permit VPN
Also remove the dynamic NAT depending on whether you have already configured under the NAT object:
No source (indoor, outdoor) nat Dynamics one interface
Then 'clear xlate' once again and let us know if it works now.
-
How to set the user who accesses the repository
Hello
I know that we can create the user and group in the tools-> Security. And if this user is belongs to the Administrators group, it can access RPD and some change...
Can we create group or user that accesses the RPD in some cases (as mentioned in the HELP, A could access the repository every Monday and Wednesday, B can access the repository Saturday and Sunday) and how to define the privilege...
Thank you
AnneHi Anne,.
Add the user to the administrator group inorder to access the RPD, no choice.
Rgds
DpKaPublished by: Dpka on October 19, 2011 10:51
Maybe you are looking for
-
I know that a setting has been changed, I can't remember what I did. ? When you use the two back the orientiation of the back side is upside down. What have I done? and how can I solve this problem? Help?
-
Suddenly lost ability to answering incoming call?
(Wow, just left a long detailed post here on the forum.. came in half an hour... it's not here...?) in any case HP Officejet 4635 Laptop HP HDX 18 t VTech answering machine phone laptop computer and printer are connected wifi has had to reboot the pr
-
HP 2000-314NR laptop PC: new hard drive
Replace hard drive, I have no recovery discs, guaranteed... etc how can I restore factory settings? operating system win 7 home prem and all else needed, thanks a lot for the tips...
-
Create the certificate and Code signing
Hi all I'm still a little confused on the operation of the certificate and the sign Code. First I used Flash Builder Burrito to create my certificate and I choose my file syc. After that, I got an email from RIM saying that my registration has been c
-
Hi allEBS R12.2.4RHEL6I really can't perfect my skills of cloningI was cloning this R12.2.4 several times and they always get different error in the scenario of difference.Currently, I get the following error on the appsTier:#########################