No, password. Before connecting as sysdba, 'show user' shows whatever
oracle account logged on, after it shows sys.
Thanks, I think I'll have to make a new admin group for the software
owner account and take it out of the dba group.
At 12:07 PM 6/16/2004, Zeng, Lei wrote:
Is your database using OS authentication?---------------------------------------------------------------- Please see the official ORACLE-L FAQ: http://www.orafaq.com ---------------------------------------------------------------- To unsubscribe send email to: oracle-l-request@xxxxxxxxxxxxx put 'unsubscribe' in the subject line. -- Archives are at //www.freelists.org/archives/oracle-l/ FAQ is at //www.freelists.org/help/fom-serve/cache/1.html -----------------------------------------------------------------
When a member of Unix 'dba' group logged in, could you try 'show user' command in sqlplus to see what is showing up?
If it shows as 'sys', it is automatically granted sysdba.
Lei
From: Catherine LeBlanc [mailto:cleblan2@xxxxxxxxxxxxxxxx]
Sent: Tuesday, June 15, 2004 8:22 PM
To: oracle-l@xxxxxxxxxxxxx
Subject: RE: Connecting as sysdba
I believe you do not need to have sysdba granted explicitly to a user if they are logged into the database server as a UNIX user that is a member of UNIX dba (sysdba) group. In this case you can connect as sysdba even if your oracle user account doesn't show up in v$pwfile_users. I have tested this because I have a similar problem in that I want to prevent programmers logged into our UNIX application software owner account from connecting as sysdba. I have not figured out how to do this, and I cannot easily change the application software owner account. Ideas anyone?
Catherine LeBlanc
At 01:00 PM 6/1/2004, Zeng, Lei wrote:
To my knowledge, for a user account to be able to 'connect as sysdba',---------------------------------------------------------------- Please see the official ORACLE-L FAQ: http://www.orafaq.com ---------------------------------------------------------------- To unsubscribe send email to: oracle-l-request@xxxxxxxxxxxxx put 'unsubscribe' in the subject line. -- Archives are at //www.freelists.org/archives/oracle-l/ FAQ is at //www.freelists.org/help/fom-serve/cache/1.html -----------------------------------------------------------------
it needs to be granted 'SYSDBA' privilege (use 'GRANT SYSDBA to USER'
command). To check which user account is currently having SYSDBA
privilege, query table v$PWFILE_USERS .
Lei
-----Original Message-----
From: syed jaffar hussain [mailto:sjaffarhussain@xxxxxxxxxxx]
Sent: Sunday, May 30, 2004 9:57 AM
To: oracle-l@xxxxxxxxxxxxx
Subject: Connecting as sysdba
Hello list,
I have noticed onething, when I logon to my UNIX as oracle user, I am
able to connect to the database as sysdba from any database user.
Sqlplus /nolog
Connect user_1/password as sysdba;
I want to prevent all DB users, except sys, to connect as sysdba. How
can I do it? I tried to change the remote_login_passwordfile values but
vain.
Is this expected behaviour or do I have to change anything in the
init.ora file?
Regds
Jaffar
----------------------------------------------------------------
Please see the official ORACLE-L FAQ: http://www.orafaq.com
----------------------------------------------------------------
To unsubscribe send email to: oracle-l-request@xxxxxxxxxxxxx put
'unsubscribe' in the subject line.
--
Archives are at //www.freelists.org/archives/oracle-l/
FAQ is at //www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------
----------------------------------------------------------------
Please see the official ORACLE-L FAQ: http://www.orafaq.com
----------------------------------------------------------------
To unsubscribe send email to: oracle-l-request@xxxxxxxxxxxxx
put 'unsubscribe' in the subject line.
--
Archives are at //www.freelists.org/archives/oracle-l/
FAQ is at //www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------
