Home » RDBMS Server » Security » Manage password for users (Linux, 11G)
Manage password for users [message #425882] Mon, 12 October 2009 18:05 Go to next message
rkl1
Messages: 97
Registered: June 2005
Member
Dear All,

Is it possible to create an user who could take care of changing the password of users if required, unlock their accounts etc. However this user should not be given the powerful dba role but allocated enough system privilege to do enforce security on users.

I was thinking of granting alter user but it seems very powerful. The users who got this role could even change the password for sys.

Any help would be appreciated.

Thanks.
Re: Manage password for users [message #425883 is a reply to message #425882] Mon, 12 October 2009 18:32 Go to previous message
BlackSwan
Messages: 26766
Registered: January 2009
Location: SoCal
Senior Member
>Any help would be appreciated.Any help would be appreciated.

One possible approach/solution is to have a "DBA" user create and own a stored procedure that can change passowrds; only.
Let's call it NEW_PWD procedure.
Then the owner of this new procedure does the following:

GRANT EXECUTE ON NEW_PWD TO PWD_CHANGER;

Now user, PWD_CHANGER, can only do what the procedure is capable of doing.
Previous Topic: ORA-28112: failed to execute policy function
Next Topic: privileges to access another objects
Goto Forum:
  


Current Time: Thu Mar 28 04:25:36 CDT 2024