i am creating a role name developer
create role developer ;
grant create session,create table to developer
then again i am creating a user
create user dhoni identified by dhoni
granting the role to dhoni
grant role developer to dhoni ;
create table xx(sno number(11));
it not create the table
the error
ORA-01031: insufficient privileges
grant role developer to dhoni ;
That's invalid - it should be
grant developer to dhoni;
Then your create table will work.
May be below solution will help.
SQL> show user
USER is "SYS"
SQL>
SQL> create role developer;
Role created.
SQL> grant create session,create table to developer;
Grant succeeded.
SQL> create user dhoni identified by dhoni;
User created.
SQL> grant developer to dhoni;
Grant succeeded.
SQL> conn dhoni/dhoni
Connected.
SQL> show user
USER is "DHONI"
SQL> CREATE TABLE Persons (
PersonID int,
LastName varchar(255),
FirstName varchar(255),
Address varchar(255),
City varchar(255)
); 2 3 4 5 6 7
Table created.
SQL>
Related
My user only has the privilege to create session, manage scheduler. But I can create tables in the schema, can I change that?
Thank you.
The if the user is able to create a table, then he has more privs than you claim. Here I create a user, grant him ONLY the privs you say, then connect as that user and try to create a table:
SQL> show user
USER is "SYSTEM"
SQL> create user beetle identified by bailey;
User created.
SQL> grant create session to beetle;
Grant succeeded.
SQL> grant manage scheduler to beetle;
Grant succeeded.
SQL> select privilege
2 from dba_sys_privs
3 where grantee='BEETLE';
PRIVILEGE
----------------------------------------
MANAGE SCHEDULER
CREATE SESSION
2 rows selected.
SQL> select granted_role
2 from dba_role_privs
3 where grantee='BEETLE';
no rows selected
SQL> select owner ||'.'||table_name,
2 privilege
3 from dba_tab_privs
4 where grantee='BEETLE';
no rows selected
SQL> -- -------- create the tables
SQL> conn beetle/bailey#pdb01
Connected.
SQL> create table my_test(dob date);
create table my_test(dob date)
*
ERROR at line 1:
ORA-01031: insufficient privileges
SQL> -- -------- load tables
SQL> -- -------- Do the query
SQL> -- -------- clean up
SQL> conn system/halftrack#pdb01
Connected.
SQL> drop user beetle cascade;
User dropped.
How to invoke privileges to create a view in oracle 10g enterprise edition from the user scott? I am getting insufficient privilege error message while trying to create a view for an existing table
To give privileges to create a view, You need to grant CREATE VIEW to Scott user from sysdba user as follows:
GRANT CREATE ANY VIEW TO Scott;
-- OR --
GRANT CREATE VIEW TO Scott;
TL/DR: you need CREATE VIEW system privilege and SELECT object privilege on the related table.
Actually any user having been granted CREATE VIEW with admin option can grant CREATE VIEW this include SYSDBA and SYSTEM users but also any user having DBA role. To able to create a view on a table you generally also need SELECT privilege on the table.
Example with CREATE VIEW WITH ADMIN OPTION:
SQL> --
SQL> show user;
USER is "SYS"
SQL> --
SQL> create user scott identified by "tiger";
User created.
SQL> grant create session to scott;
Grant succeeded.
SQL> --
SQL> create user myadmin identified by "myadmin" quota unlimited on users;
User created.
SQL> grant create session to myadmin;
Grant succeeded.
SQL> grant create table to myadmin;
Grant succeeded.
SQL> grant create view to myadmin with admin option;
Grant succeeded.
SQL> --
SQL> connect myadmin/myadmin
Connected.
SQL> grant create view to scott;
Grant succeeded.
SQL> create table t(x int);
Table created.
SQL> insert into t values(4);
1 row created.
SQL> commit;
Commit complete.
SQL> grant select on t to scott;
Grant succeeded.
SQL> --
SQL> connect scott/tiger
Connected.
SQL> create view v as select * from myadmin.t;
View created.
SQL> select * from v;
X
----------
4
I am trying to create new user in PL/SQL. I am getting an error as follows:
User you use to create another user doesn't have required privileges.
In Oracle, such a "privileged" user is SYS. For example:
SQL> connect sys as sysdba
Enter password:
Connected.
SQL> select tablespace_name from dba_tablespaces;
TABLESPACE_NAME
------------------------------
SYSTEM
SYSAUX
UNDOTBS1
TEMP
USERS
SQL> create user brisime identified by blabla
2 default tablespace users
3 temporary tablespace temp
4 quota unlimited on users;
User created.
SQL>
If I try to do the same as a non-privileged user (i.e. the one that doesn't have create user privilege), it'll fail:
SQL> drop user brisime;
User dropped.
SQL> connect scott/tiger
Connected.
SQL> create user brisime identified by blabla
2 default tablespace users
3 temporary tablespace temp
4 quota unlimited on users;
create user brisime identified by blabla
*
ERROR at line 1:
ORA-01031: insufficient privileges
SQL>
But, if SYS grants create user to scott, Scott will also be able to do that:
SQL> connect sys as sysdba
Enter password:
Connected.
SQL> grant create user to scott;
Grant succeeded.
SQL> connect scott/tiger
Connected.
SQL> create user brisime identified by blabla
2 default tablespace users
3 temporary tablespace temp
4 quota unlimited on users;
User created.
SQL>
Therefore, make sure to acquire required privileges before trying to create user.
The same goes for altering the user - you need to have those privileges.
I have created a user(new_user) with a password.
I have granted create session to that user.
I still cannot connect to database as new_user.
ORA-01017.
I can connect as admin.
I can see the user(new_user) in the other users menu in SQL Developer.
When I go to create a table like CREATE TABLE new_user.SALES, I get ORA-01918: user 'NEW_USER' does not exist.
I can right-click and create a table.
I know I have the right password.
Sounds very much like the double quotes issue.
Here's how it is supposed to be done:
SQL> connect sys as sysdba
Enter password:
Connected.
SQL>
SQL> create user new_user identified by new_user
2 default tablespace users
3 temporary tablespace temp
4 quota unlimited on users;
User created.
SQL> grant create session, create table to new_user;
Grant succeeded.
SQL> connect new_user/new_user
Connected.
SQL> create table test (id number);
Table created.
This is what I suspect you did: drop the old user first:
SQL> connect sys as sysdba
Enter password:
Connected.
SQL> drop user new_user cascade;
User dropped.
SQL>
Now, start over. Pay attention to all double quotes in the following code:
SQL> create user "new_user" identified by new_user
2 default tablespace users
3 temporary tablespace temp
4 quota unlimited on users;
User created.
SQL> grant create session, create table to new_user;
grant create session, create table to new_user
*
ERROR at line 1:
ORA-01917: user or role 'NEW_USER' does not exist
SQL> grant create session, create table to "new_user";
Grant succeeded.
SQL> connect new_user/new_user
ERROR:
ORA-01017: invalid username/password; logon denied
Warning: You are no longer connected to ORACLE.
SQL> connect "new_user"/new_user
Connected.
SQL> create table new_user.test (id number);
create table new_user.test (id number)
*
ERROR at line 1:
ORA-01918: user 'NEW_USER' does not exist
SQL> create table "new_user".test (id number);
Table created.
SQL>
See? If you created it using double quotes, every time you reference it, you must use double quotes.
I suggest you get rid of them (double quotes) when working with Oracle. That includes users, table names, column names, procedure names, everything.
I create user A and B with system admin
-- CREATE USER1 SQL
CREATE USER USERA IDENTIFIED BY 123456 ;
GRANT CREATE SESSION TO USERA;
CREATE USER USERB IDENTIFIED BY 123456 ;
GRANT CREATE SESSION TO USERB;
and set Privileges to USERA
-- SYSTEM PRIVILEGES USERA
GRANT CREATE TABLE TO USERA;
GRANT DELETE ANY TABLE TO USERA;
GRANT GRANT ANY PRIVILEGE TO USERA;
and create table by USERA
CREATE TABLE tableA
(ID VARCHAR2(5)
, DATA VARCHAR2(20) );
and create Privileges to USERB by USERA set select tableA
GRANT SELECT ON tableA to USERB;
but USERB can't select tableA
ERROR:ORA-00942: table or view does not exist
How do I solve the problem?
If you don't specify the owner for a table, Oracle will assume the owner is the current user.
select * from usera.tablea;
To avoid this issue, it's usually recommended to create a local synonym (owned by userb):
create synonym userb.tablea for usera.tablea;
Now, userb can query the table:
select * from tablea;