Re: What privileges/roles are rquired to create a user

• From: Hemant K Chitale <hkchital@xxxxxxxxxxxxxx>
• To: JDunn@xxxxxxxxx, oracle-l@xxxxxxxxxxxxx
• Date: Thu, 16 Sep 2010 22:31:04 +0800

You could create an ADMIN user and grant the user the privileges :
CREATE SESSION
CREATE USER
GRANT ANY PRIVILEGE
GRANT ANY OBJECT PRIVILEGE

Thus, the ADMIN user is not a DBA (does not have the DBA role) and, itself, cannot create any objects (Tablespaces, Tables, Sequences, Packages etc) other than creating other Users. (But then ADMIN can grant any privilege to a user that it creates --- so that is a serious loophole !)

Hemant K Chitale

At 03:47 PM Thursday, you wrote:

Currently whenever we create a new user and grant that user privileges we do that as SYSDBA

We would prefer not to do this as SYSDBA

But what are the minimum privilege(s)/role(s) that a user needs to allow that user to create new users and grant them privileges?

Hemant K Chitale

http://hemantoracledba.blogspot.com




--
http://www.freelists.org/webpage/oracle-l

• References:
  • What privileges/roles are rquired to create a user
    • From: John Dunn

Other related posts:

• » What privileges/roles are rquired to create a user - John Dunn
• » RE: What privileges/roles are rquired to create a user - Goulet, Richard
• » Re: What privileges/roles are rquired to create a user - Hemant K Chitale

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page
• » View list details
• » Manage your subscription