RE: logon trigger cannot prevent DBA account from logging in data ba se
- From: TU Lijie <Lijie.Tu@xxxxxxxxxxxxx>
- To: 'David Sharples' <davidsharples@xxxxxxxxx>, TU Lijie <Lijie.Tu@xxxxxxxxxxxxx>
- Date: Tue, 4 Apr 2006 13:50:59 -0400
Well, in that case, Oracle should only prevent the logon trigger from
killing sys/system session, while still allow the killing of other sessions.
Anyway, logon trigger does not seem to get what I want, just wondering if
there is a workaround to this.
-----Original Message-----
From: David Sharples [mailto:davidsharples@xxxxxxxxx]
Sent: Tuesday, April 04, 2006 12:42 PM
To: Lijie.Tu@xxxxxxxxxxxxx
Cc: oracle-l@xxxxxxxxxxxxx
Subject: Re: logon trigger cannot prevent DBA account from logging in databa
se
you cant stop dba accounts from logging into the database. The reason being
is that if you wrote a login trigger that didnt work then no-one could ever
log into change it
Revoke dba from the user and grant him the priveleges he needs
On 04/04/06, TU Lijie <Lijie.Tu@xxxxxxxxxxxxx> wrote:
Hi all,
I want to prevent certain OS users from logging in database using certain DB
accounts (say: ORAUSR1). The following code works only if ORAUSR1 is NOT a
DBA account. Can anybody please help?
We have to grant the DBA role to the schema owner of our ERP system , but
the password for this account is well-known and changing it is not advisable
as many applications are using this account with hard-code the password.
Other related posts:
