Oracle creates user Ora-01045:user lacks create SESSION privilege;

Conn Internal/oracle

Grant user aaaa identified by AAAA;

Conn AAAA/AAAA will error:

Sql>conn AAAA/AAAA will error:

ERROR:

Ora-01045:user AAAA lacks CREATE SESSION privilege; Logon denied

Reason:

The user needs at least the right to session, or the connection is unsuccessful;

The user shall have the right to have other actions on the right of the session;

Workaround: 1

Grant Connect, resource to AAAA;

2

Grant create session to AAAA;

Oracle's security

First: User Management *******************************************

The user needs at least the right to session, or the connection is unsuccessful;

The user shall have the right to have other actions on the right of the session;

Oracle's user and password is not case-sensitive, it is really surprising;

Oralce, all users must be explicitly authorized in order to operate;

In SQL Server, the user created automatically has some permissions;

Oracle does not rely on the operating system; SQL Server relies on Windows;

Microsoft assumes that most users are legitimate users and take an optimistic attitude;

Oracle first assumes that the user is insecure and takes a pessimistic attitude;

Users in Oracle are isolated from each other, known as user mode;

Built-in Users:

SYS, network administrator, highest authority;

When you try to enter the user name: sys

Password: Universal

After that, you find that the connection is not up;

and enter the user name: System

Password: Universal

or user name: Scott

Password: Tiger

Can be connected, so you think

SYS has no system-high permissions;

In fact, because SYS has a high authority, you have to

DBA identity to login: sys/General as Sysdba

You can use the data dictionary user_users to view the users managed by the current user:

SELECT * from user_users;

Dba_users can view DBA-managed users;

System, manage only the database on this computer ;

And All_users View all users, only the DBA to view;

To create a user:

Create user username identified by password [externally]

[Default TABLESAPCE tablespace name]

[Temporary tablespace temp table space name]

[Quota integer k| m|unlimited on table space name]

Note: The creation user must have DBA authority;

Query users:

is actually the table user_users/dba_users/all_users to query,

Just don't call them a table, a data dictionary, and a data dictionary is a system

maintenance of;

To modify a user:

Alter user.....//back and create the same;

An instance of Oracle is a database that is equivalent to all SQL Server databases;

A database of Oracle is divided into a number of table spaces, each of which corresponds to a database in SQL Server;

Example Demo:

Create User Student_user

Identified by student

Default Tablespace users

Temporary Tablespace Temp

Quota 5m on users

Quota 3m on Temp

/Among them, users,temp are built-in table space, Student_user has 5m space in the users, 3m in temp;

The newly created user is not entitled to:

Sql> Conn Student_user/student;

ERROR:

Ora-01045:user Student_user lacks CREATE SESSION privilege; Logon denied

Warning: You are no longer connected to ORACLE.

Restrict users

Lock: Alter user username account lock;

Effect:

sql> ALTER user Student_user account lock;

The user has changed.

Sql> Conn Student_user/student;

ERROR:

Ora-28000:the account is locked

Warning: You are no longer connected to ORACLE.

Unlock: Alter user username account unlock;

Invalid password: Alter user name password expire; When a user creates a number of tables,

If you delete the user directly, the table below will be deleted, so we can

Only makes its password invalid;

Visible, the table is the user's hand, the user has not, the user created the table, occupy the space is gone;

Therefore, in general, we do not delete users;

To delete a user:

Drop user username [cascade]

Cascade is forced to delete even if someone else is using this user's table;

The database management statement is the automatic end transaction, does not have the rollback opportunity;

Second: Rights Management ***********************************************

Authorization: Grant [System privilege name] [role] [on authorized action table name] to [list of user names]

[Public] [with admin option]

If it is a DCL statement, you do not have to be authorized to manipulate the table name

Grant all on student to public: grants all users all permissions to student;

Data dictionary: User_sys_privs

Oracle creates user Ora-01045:user lacks create SESSION privilege;