RE: account unlock/password reset
- From: "Bobak, Mark" <Mark.Bobak@xxxxxxxxxxxx>
- To: "JEREMY.SHEEHAN@xxxxxxx" <JEREMY.SHEEHAN@xxxxxxx>, "oracle-l@xxxxxxxxxxxxx" <oracle-l@xxxxxxxxxxxxx>
- Date: Mon, 12 Jan 2009 17:42:23 -0500
Standard approach would be to have DBA_ACCESS_ACCOUNT with ALTER USER priv.
Create definer rights PL/SQL package w/ procedures for locking, unlocking, and
password reset.
Then, create accounts for level 2 support personnel. Their accounts get only
create session and execute on the PL/SQL package you created. They can login,
they can lock/unlock/reset password, and that's it.
Hope that helps,
-Mark
--
Mark J. Bobak
Senior Database Administrator, System & Product Technologies
ProQuest
789 E. Eisenhower, Parkway, P.O. Box 1346
Ann Arbor MI 48106-1346
+1.734.997.4059 or +1.800.521.0600 x 4059
mark.bobak@xxxxxxxxxxxx<mailto:mark.bobak@xxxxxxxxxxxxxxx>
www.proquest.com<http://www.proquest.com>
www.csa.com<http://www.csa.com>
ProQuest...Start here.
From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On
Behalf Of SHEEHAN, JEREMY
Sent: Monday, January 12, 2009 4:34 PM
To: oracle-l@xxxxxxxxxxxxx
Subject: account unlock/password reset
I've co-authored a procedure that does and account unlock and password reset.
It works great (if you're interested I'll post it, too).
Now I'd like to give this to level 2 support and have this taken out of the
hands of the DBA's. We've got a few support users that are ready to use it,
but I'm not thrilled with granting 'ALTER USER' to them.
Is there anyway around allowing users to unlock accounts and change password
without granting 'ALTER USER'?
Thanks!
Jeremy
P Consider the environment. Please don't print this e-mail unless you really
need to.
Other related posts:
