1.6 Administering User Accounts and Security


1. Overview


Purpose

In this tutorial you learn how to use Enterprise Manager Express to administer user accounts and roles, named groups of related system and object privileges.

Time to Complete

Approximately 1 hour

Introduction

For users to access your database, you must create user accounts and grant appropriate database access privileges to those accounts. A user account is identified by a user name and defines the attributes of the user.

Software Requirements

The following is a list of software requirements:
  • Oracle Database 12c
Prerequisites

Before starting this tutorial, you should:
  • Installed Oracle Database 12c
  • Configured the HTTPS port for Enterprise Manager Express

2. Administering Roles 


Roles are named groups of related system and object privileges. You can create roles and then grant them to users and to other roles.
  • Viewing Roles
1. Log in to Enterprise Manager Database Express as the SYSTEM user.

Administering User Accounts and Security

2. Select Roles in the Security menu.

Administering User Accounts and Security

3. The Roles page is displayed.

Administering User Accounts and Security

4. To view the privileges granted to a role, select a role of interest. The CONNECT role is selected in this example. Click View Details in the Actions menu.

Administering User Accounts and Security

5. The Privileges & Roles tab shows the system privileges and roles granted to the CONNECT role. Click the Object Privileges tab.

Administering User Accounts and Security


6. The Object Privileges tab shows the object privileges granted to the role. There are no object privileges granted to the CONNECT role.

Administering User Accounts and Security

7. Click ORCL to return to the Database Home page.

  • Creating a Role
1. Select Roles in the Security menu.

Administering User Accounts and Security

2. Click Create Role.

Administering User Accounts and Security

3. Enter a name such as appdev for the role. Click the right arrow.

Administering User Accounts and Security

4. Select the privileges to grant to the role by selecting the privilege name and clicking the right arrow. Select CREATE PROCEDURE, CREATE SEQUENCE, CREATE SYNONYM, CREATE TABLE, CREATE TRIGGER, and CREATE VIEW.

Administering User Accounts and Security

5. Select "With Admin" for each privilege. Click OK.

Administering User Accounts and Security

6. Click OK on the Confirmation page.

Administering User Accounts and Security

7. The new APPDEV role is displayed on the Roles page.

Administering User Accounts and Security

8. Click ORCL to return to the Database Home page.
  • Modifying a Role
1. Select Roles in the Security menu.

Administering User Accounts and Security

2. Select the role to modify, the APPDEV role. Select "Alter Privileges & Roles" in the Actions menu.

Administering User Accounts and Security

3. Select the CONNECT role. Click the right arrow.

Administering User Accounts and Security

4. Select "With Admin" for the CONNECT role. Click OK.

Administering User Accounts and Security

5. Click OK on the Confirmation page.

Administering User Accounts and Security

6. The Roles page is displayed again.

Administering User Accounts and Security

7. Click ORCL to return to the Database Home page.

3. Administering Database User Accounts


When you create a user account, you must assign a user name, a password, and default tablespaces for the account. You must also grant the appropriate system privileges, object privileges, and roles to the user account. If the user will create database objects, assign a space usage quota for each affected tablespace.
  • Viewing User Accounts
1. Select Users in the Security menu.

Administering User Accounts and Security

2. The Users page is displayed.

Administering User Accounts and Security

3. To view additional information about the user, select the user. Expand the Actions menu and select View Details.

Administering User Accounts and Security

4. Privileges and roles granted to the user are displayed. 

Administering User Accounts and Security

5. Click ORCL to return to the Database Home page.
  • Creating a User Account
1. Select Users in the Security menu.

Administering User Accounts and Security

2. Click Create User on the Users page.

Administering User Accounts and Security

3. Enter a user name such as appuser in the Name field. Enter a password in the Password field and in the Confirm Password field. Accept the Profile default value of DEFAULT. Click the right arrow.

Administering User Accounts and Security

4. Select the APPTS tablespace or another tablespace of your choice. Accept the Temporary Tablespace default of TEMP. Click the right arrow.

Administering User Accounts and Security

5. Select the APPDEV role and select With Admin. Click OK.

Administering User Accounts and Security

6. Click OK on the Confirmation page.

Administering User Accounts and Security

7. The new APPUSER user is listed on the Users page.

Administering User Accounts and Security

8. Click ORCL to return to the Database Home page.
    • Unlocking a User Account

1. Select Users in the Security menu.

Administering User Accounts and Security

2. Select the HR user. Select Alter Account in the Actions menu

Administering User Accounts and Security

3. Deselect Account Locked. Click OK.

Administering User Accounts and Security

4. Click OK on the Confirmation page.

Administering User Accounts and Security

5. The Account Status for the HR user indicates the user is unlocked.

Administering User Accounts and Security