Overview of Manually Granting Administrator, Operator, and Task-Specific Privileges for Databases
Describes how to enable Windows to grant the database administrator (SYSDBA), database operator (SYSOPER), database administrator for ASM (SYSASM), and new task-specific and less privileged than the ORA_DBA/SYSDBA system privileges to administrators.
With these privileges, the administrator can issue the following commands from a client computer and connect to Oracle Database without entering a password:
SQL> CONNECT / AS SYSOPER SQL> CONNECT / AS SYSDBA SQL> CONNECT / AS SYSASM SQL> CONNECT / AS SYSBACKUP SQL> CONNECT / AS SYSDG SQL> CONNECT / AS SYSKM
To enable this feature, a Windows local or a domain user name of the administrator must belong to one of the Windows local groups listed in Windows Local Groups with SYSDBA, SYSOPER, SYSASM, SYSDG, SYSBACKUP, and SYSKM Privileges.
Table 11-1 Windows Local Groups with SYSDBA, SYSOPER, SYSASM, SYSDG, SYSBACKUP, and SYSKM Privileges
| Local Group | System Privileges |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Note
All the groups mentioned in the table above are automatically created during installation and the Oracle Home User is automatically added to ORA_HOMENAME_DBA group. See section "Overview of Operating System Authentication Enabled at Installation" for information.
See Also:
The manual procedure for enabling administrators to connect as SYSOPER, SYSDBA, SYSASM, SYSDG, SYSKM, or SYSBACKUP without a password is divided into two sets of tasks performed on different computers:
- Running System Privilege Authentication Tasks on the Oracle Database Server
Learn about running system privilege authentication tasks on the Oracle Database server. - Running System Privilege Authentication Tasks on the Client Computer
Learn about running system privilege authentication tasks on the client computer.