Oracle8i SQL Reference Release 2 (8.1.6) A76989-01 |
|
SQL Statements (continued), 5 of 10
To create and configure a database user, or an account through which you can log in to the database and establish the means by which Oracle permits access by the user.
Note: You can enable a user to connect to Oracle through a proxy (that is, an application or application server). For syntax and discussion, refer to "ALTER USER". |
You must have CREATE
USER
system privilege. When you create a user with the CREATE
USER
statement, the user's privilege domain is empty. To log on to Oracle, a user must have CREATE
SESSION
system privilege. Therefore, after creating a user, you should grant the user at least the CREATE
SESSION
privilege. See "GRANT system_privileges_and_roles".
user |
is the name of the user to be created. This name can contain only characters from your database character set and must follow the rules described in the section "Schema Object Naming Rules". Oracle recommends that the user name contain at least one single-byte character regardless of whether the database character set also contains multi-byte characters. |
|
|
indicates how Oracle authenticates the user. See Also: Oracle8i Application Developer's Guide - Fundamentals and your operating system specific documentation for more information. |
|
|
|
creates a local user and indicates that the user must specify password to log on. Passwords can contain only single-byte characters from your database character set regardless of whether this character set also contains multibyte characters.
Passwords must follow the rules described in the section "Schema Object Naming Rules", unless you are using Oracle's password complexity verification routine. That routine requires a more complex combination of characters than the normal naming rules permit. You implement this routine with the See Also: Oracle8i Administrator's Guide to for a detailed description and explanation of how to use password management and protection. |
|
|
creates an external user and indicates that a user must be authenticated by an external service (such as an operating system or a third-party service). Doing so causes Oracle to rely on the login authentication of the operating system to ensure that a specific operating system user has access to a specific database user. |
|
|
WARNING: Oracle strongly recommends that you do not use |
|
|
creates a global user and indicates that a user must be authenticated by the enterprise directory service. The 'external_name' string can take one of two forms: |
|
|
|
|
|
See Also: Oracle Advanced Security Administrator's Guide for more information on global users. |
|
Note: You can control the ability of an application server to connect as the specified user and to activate that user's roles using the ALTER USER statement. See Also: "ALTER USER" |
|
|
identifies the default tablespace for objects that the user creates. If you omit this clause, objects default to the See Also: "CREATE TABLESPACE" for more information on tablespaces. |
|
|
identifies the tablespace for the user's temporary segments. If you omit this clause, temporary segments default to the |
|
|
allows the user to allocate space in the tablespace and optionally establishes a quota of integer bytes. Use K or M to specify the quota in kilobytes or megabytes. This quota is the maximum space in the tablespace the user can allocate. |
|
|
A |
|
|
|
|
|
reassigns the profile named to the user. The profile limits the amount of database resources the user can use. If you omit this clause, Oracle assigns the See Also: "GRANT system_privileges_and_roles" and "CREATE PROFILE". |
|
|
causes the user's password to expire. This setting forces the user (or the DBA) to change the password before the user can log in to the database. |
|
|
locks the user's account and disables access. |
|
|
unlocks the user's account and enables access to the account. |
If you create a new user with PASSWORD EXPIRE
, the user's password must be changed before attempting to log in to the database. You can create the user SIDNEY
by issuing the following statement:
CREATE USER sidney IDENTIFIED BY welcome DEFAULT TABLESPACE cases_ts QUOTA 10M ON cases_ts TEMPORARY TABLESPACE temp_ts QUOTA 5M ON system PROFILE engineer PASSWORD EXPIRE;
The user SIDNEY
has the following characteristics:
WELCOME
CASES_TS
, with a quota of 10 megabytes
TEMP_TS
SYSTEM
, with a quota of 5 megabytes
ENGINEER
SIDNEY
can log in to the database
To create a user accessible only by the operating system account GEORGE
, prefix GEORGE
by the value of the initialization parameter OS_AUTHENT_PREFIX
. For example, if this value is "OPS$
", you can create the user OPS$GEORGE
with the following statement:
CREATE USER ops$george IDENTIFIED EXTERNALLY DEFAULT TABLESPACE accs_ts TEMPORARY TABLESPACE temp_ts QUOTA UNLIMITED ON accs_ts;
The user OPS$GEORGE
has the following additional characteristics:
ACCS_TS
TEMP_TS
ACCS_TS
and TEMP_TS
DEFAULT
profile
The following example creates user CINDY
as a global user:
CREATE USER cindy IDENTIFIED GLOBALLY AS 'CN=cindy,OU=division1,O=oracle,C=US' DEFAULT TABLESPACE legal_ts QUOTA 20M ON legal_ts PROFILE lawyer;
|
Copyright © 1999 Oracle Corporation. All Rights Reserved. |
|