Vous êtes sur la page 1sur 2

A user account is identified by a user name and defines the user's attributes, i

ncluding the following:


Password for database authentication
Privileges and roles
Default tablespace for database objects
Default temporary tablespace for query processing work space
What Is the Relation of a User Account and a Schema?
User accounts and schemas have a one-to-one relation. When you create a user, yo
u are also implicitly creating a schema for that user. A schema is a logical con
tainer for the database objects (such as tables, views, triggers, and so on) tha
t the user creates. The schema name is the same as the user name, and can be use
d to unambiguously refer to objects owned by the user.
What Is a User Role?
A user role is a group of privileges. Privileges are assigned to users through u
ser roles. You create new roles, grant privileges to the roles, and then grant r
oles to users.
What Are the System Predefined User Roles?
Oracle 10g XE comes with 3 predefined roles:
CONNECT - Enables a user to connect to the database. Grant this role to any user
or application that needs database access.
RESOURCE - Enables a user to create certain types of schema objects in his own s
chema. Grant this role only to developers and to other users that must create sc
hema objects. This role grants a subset of the create object system privileges.
DBA - Enables a user to perform most administrative functions, including creatin
g users and granting privileges; creating and granting roles; creating and dropp
ing schema objects in other users' schemas; and more. It grants all system privi
leges, but does not include the privileges to start up or shut down the database
. It is by default granted to user SYSTEM.
What Are Internal User Account?
An internal user account is a system predefined user account. Oracle 10g XE come
s with a number of internal accounts:
SYSTEM - This is the user account that you log in with to perform all administra
tive functions other than starting up and shutting down the database. SYSTEM is
automatically created when you install the server. It's password is the one you
specified during the installation process.
SYS - This is another user account automatically created when you install the se
rver. It's password is the one you specified during the installation process. Al
l base tables and views for the database data dictionary are stored in the SYS s
chema. So avoid log in as user SYS as much as possible to reduce the risk of dam
aging those important data objects. User SYSTEM is preferred for all administrat
ive tasks except starting up and shutting down.
Other internal user accounts - Other special user accounts are predefined for sp
ecial purposes. For example, CTXSYS is a special user account used by the Oracle
Text product.
How To Connect to the Server with User Account: SYS?
SYS is a very special user account. It has been associated with the highest priv
ilege call SYSDBA. Normally, you should not connect to the server with SYS. But
if you want to use it, you need to use a special connect command:
>cd (OracleXE home directory)
>.\bin\sqlplus /nolog
SQL> connect SYS/fyicenter AS SYSDBA
Connected.
SQL> quit
Note that the "/nolog" option is used to start SQL*Plus without login immediatel
y. A special form of the "connect" command is used to include the user name, pas
sword, and the privilege in the same line.
You can not log in with SYS without SYSDBA privilege.
How To Use Windows User to Connect to the Server?
During the installation process, 10g XE will create a special Windows user group
called ORA_DBA, and put your Windows user into this group. Any Windows users in
this group can be connected to Oracle server with SYSDBA privilege without any
Oracle server user account. This process is called connecting the server as SYSD
BA with OS Authentication. Here is how to do this with a special form of the "co
nnect" command:
(Log in with the same user you used to install 10g XE)
>cd (OracleXE home directory)
>.\bin\startdb
>.\bin\sqlplus /nolog
SQL> connect / AS SYSDBA
Connected.
SQL> quit
So if "connect" is used without user name and password, the current Windows user
will be trusted if he/she is in the ORA_DBA user group on the Windows system.
How To List All User Accounts?
User accounts can be accessed through a system view called ALL_USERS. A simple S
ELECT statement can be used to get a list of all user accounts. Try the followin
g script:
>.\bin\sqlplus /nolog
SQL> connect SYSTEM/fyicenter
Connected.
SQL> SELECT * FROM ALL_USERS;
USERNAME USER_ID CREATED
------------------------------ ---------- ---------
FLOWS_020100 35 07-FEB-06
FLOWS_FILES 34 07-FEB-06
HR 33 07-FEB-06
MDSYS 32 07-FEB-06
ANONYMOUS 28 07-FEB-06
XDB 27 07-FEB-06
CTXSYS 25 07-FEB-06
DBSNMP 23 07-FEB-06
TSMSYS 20 07-FEB-06
DIP 18 07-FEB-06
OUTLN 11 07-FEB-06
SYSTEM 5 07-FEB-06
SYS 0 07-FEB-06