Re: Dblink in Oracle10g

• From: "Roman Podshivalov" <roman.podshivalov@xxxxxxxxx>
• To: jkstill@xxxxxxxxx
• Date: Wed, 19 Nov 2008 16:18:04 -0500

Instead of tampering with passwords and profiles it's safer to use proxy
authentication like:

SQL> drop user u1 cascade;
User dropped.
SQL> drop user u2 cascade;
User dropped.
SQL> create user u1 identified by u1;
User created.
SQL> grant create session, create database link to u1;
Grant succeeded.
SQL> create user u2 identified by u2;
User created.
SQL> grant create session to u2;
Grant succeeded.
SQL> alter user u1 grant connect through u2;
User altered.
SQL> connect u2[u1]/u2
Connected.
SQL> show user
USER is "U1"
SQL> create database link a connect to b identified by c using 'd';
Database link created.
SQL>

--romas

On Wed, Nov 19, 2008 at 1:22 PM, Jared Still <jkstill@xxxxxxxxx> wrote:

> On Wed, Nov 19, 2008 at 5:41 AM, <Joel.Patterson@xxxxxxxxxxx> wrote:
>
>>
>> The script would be better off changing the password back to its
>> original immediately after connecting to the local user account.   There
>> is no need to do all the work first if as the description warns about
>> changing a password even for a few seconds.   Well if you change it back
>> immediately it wouldn't be your password for longer than it takes to
>> connect.
>>
>>
> Here is something to check for when temporarily changing passwords.
>
> The account may be assigned to a profile that prevents the reuse of a
> password,
> and may also prevent the use of your temporary password if it doesn't
> meet the criteria of the verify password function.
>
> Best to check beforehand and plan for it.
>
> There is a way to work around the profile problem.
>
> Create a new profile with no options, for temporary use only.
>
> I will call it empty_profile here.
>
>   alter user dblink_owner identified by new_password profile empty_profile;
>
> Do the rest of the work as this user.
>
> Change the password back;
>
>   alter user dblink_owner identified by old_password;
>   alter user dblink_owner profile <original_profile>;
>
> You best document it if you are routinely audited, as these changes
> will appear in sys.user_history$, which a sharp auditor may know about.
>
> Jared
>
>

• Follow-Ups:
  • Re: Dblink in Oracle10g
    • From: Rich Jesse

• References:
  • Re: Dblink in Oracle10g
    • From: Rich Jesse
  • RE: Dblink in Oracle10g
    • From: Joel.Patterson
  • Re: Dblink in Oracle10g
    • From: Jared Still

Other related posts:

• » Dblink in Oracle10g - Nagaraj S
• » Re: Dblink in Oracle10g - Bradd Piontek
• » Re: Dblink in Oracle10g - Yechiel Adar
• » Re: Dblink in Oracle10g - David Ballester
• » Re: Dblink in Oracle10g - Dan Norris
• » Re: Dblink in Oracle10g - Bradd Piontek
• » Re: Dblink in Oracle10g - Yechiel Adar
• » Re: Dblink in Oracle10g - Jared Still
• » Re: Dblink in Oracle10g - Rich Jesse
• » Re: Dblink in Oracle10g - Nagaraj S
• » Re: Dblink in Oracle10g - Dan Norris
• » Re: Dblink in Oracle10g - Dan Norris
• » Re: Dblink in Oracle10g - Nagaraj S
• » RE: Dblink in Oracle10g - Joel.Patterson
• » Re: Dblink in Oracle10g - Jared Still
• » Re: Dblink in Oracle10g - Greg Norris
• » Re: Dblink in Oracle10g - Roman Podshivalov
• » Re: Dblink in Oracle10g - Rich Jesse
• » Re: Dblink in Oracle10g - Rich Jesse
• » Re: Dblink in Oracle10g - Jared Still
• » Re: Dblink in Oracle10g - Kurt Franke
• » RE: Dblink in Oracle10g - Barun, Vlado

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page

• » View list details
• » Manage your subscription