Trying to access default Database from Oracle 12c but Oracle 12c not accessing by default Username Scott and Password Tiger, Why?. While 11g provide the access.
Per the Docs
When you install Oracle Database with the Oracle Universal Installer,
the sample schemas are installed by default if you select the Basic
Installation option. Selecting the sample schemas option installs all
sample schemas (HR, OE, PM, SH, IX) in the database. If you choose not
to install the sample schemas at that time, you can add them later by
following the instructions in section "Manually Installing Sample
Schemas".
At the end of the installation process, a dialog box displays the
accounts that have been created and their lock status. By default, all
sample schemas are locked and their passwords are expired. Before you
can use a locked account, you must unlock it and reset its password.
You can unlock the accounts at this point in the installation process.
Alternatively, after the installation completes, you can unlock the
schemas and reset their passwords by using the ALTER USER ... ACCOUNT
UNLOCK statement.
Related
I am using Oracle database 21c Express edition in Windows x64.
With system user, I run
alter user `bichvan` account lock
With system user
but, in Oracle SQL Developer, session of user bichvan, I still can query.
Why alter user lock, still can query?
Documentation says:
To temporarily deny access to the database for a particular user account, you can lock the user account. If the user then attempts to connect, then the database displays an error message and does not allow the connection.
It means that lock won't affect currently logged users. But, if you disconnect and then try to connect, you won't be allowed to do that.
I'm new to Oracle and I'm currently hardening a database.
It's a good idea to drop SYS and SYSTEM users? normally default accounts are dropped because of security reasons, I can do that on Oracle, or I will break something?
From the documentation (emphasis added):
All databases include the administrative accounts SYS, SYSTEM, and DBSNMP. Administrative accounts are highly privileged accounts, and are needed only by individuals authorized to perform administrative tasks such as starting and stopping the database, managing database memory and storage, creating and managing database users, and so on. You log in to Oracle Enterprise Manager Database Express (EM Express) with SYS or SYSTEM. You assign the passwords for these accounts when you create the database with Oracle Database Configuration Assistant (DBCA). You must not delete or rename these accounts.
And:
All base (underlying) tables and views for the database data dictionary are stored in the SYS schema. These base tables and views are critical for the operation of Oracle Database.
So no, it is not a good idea, and it would destroy your database.
normally default accounts are dropped because of security reasons, I can do that on Oracle, or I will break something?
The first documentation link above also says (emphasis added again):
All databases also include internal accounts, which are automatically created so that individual Oracle Database features or components such as Oracle Application Express can have their own schemas. To protect these accounts from unauthorized access, they are initially locked and their passwords are expired. (A locked account is an account for which login is disabled.) You must not delete internal accounts, and you must not use them to log in to the database.
And it mentions sample schema accounts, which you can choose not to install in the first place, but which could be dropped if required.
The main thing is to secure all accounts, and you should limit any accounts you create to only have the minimum privileges necessary.
You can also read more about this in the database administrator's guide,
It is a very bad idea. I don't think the database will even work without them and doubt that the drop is allowed. Make sure the accounts are safe instead.
I just downloaded the Oracle Database 11g and I can't select,create,update or do anything. Every command that I entered and run only results to "ORA-01435: user does not exist"
What are the things that i need to do in order to enable creating and running some commands?
Here is a picture of ORA-01435: user does not exist
Please look at right upper corner SCHEMA:XS$NULL:
From Securing Oracle Database User Accounts
XS$NULL
An internal account that represents the absence of a user in a session. Because XS$NULL is not a user, this account can only be accessed by the Oracle Database instance. XS$NULL has no privileges and no one can authenticate as XS$NULL, nor can authentication credentials ever be assigned to XS$NULL.
Expired and locked
You need to change it to some specific schema.
I'm just getting started with Oracle data export and import and things worked perfectly fine the first time around. But then I came back next day repeated the exact same steps on the same systems, but get ORA-01435: user does not exist error.
System Specs for all machines:
-OS: Windows 2012 R2 x64
-Oracle Server: Oracle 11G Express x64
Objective:
I'm exporting data from Oracle server 1 and importing to Oracle server 2.
Procedure:
Export data dump is successful from Oracle server 1.
but when importing the data dump on Oracle server 2, I follow this procedure:
-Stop IIS service
net stop WAS
Create Schema/user account and Grant privileges before import
net stop WAS
sqlplus / as sysdba;
CREATE user PIE1 identified by PASS1;
GRANT ALL PRIVILEGES TO PIE1;
GRANT IMP_FULL_DATABASE TO PIE1;
According to oracle, all goes well, but look at the first image bellow. In DBeaver, I can see that only the User account PIE1 has been created, but NO schema.
Oracle issue 1. User account created, but not the Schema
Question 1: According to Oracle, the command "Create User" IS supposed to also create an associated Schema. Anyone have an idea why this is no longer working for me? It worked once the night before.
I then continue the import procedure as follows:
imp PIE1/PASS1#xe file=c:\Backups\AVUSER2_6_7.dmp log=c:\Backups\import.log fromuser=AVUSER2_6_7 touser=PIE1;
But get the following error:
Oracle claims the User doesn't exist even though it does
Oracle claims the User doesn't exist even though it does. I repeated the entire procedure and even created an identical import/export user account and credentials, and this error still comes up.
Question 2: Any idea why Oracle "Can't find" a user account that's clearly in the database?
Additional Info:
Checked that my windows account is in admin group
Checked that my windows account is in ORA_DBA group
Opened all CMD prompt as Admin
As you implied, users and schemas as the same in Oracle, you can't have a user without a schema. No idea about DBeaver, but as there are other users that aren't listed under 'schemas' (according to your second image - ANONYMOUS, DIP, ...) that seems to be unrelated.
(Purely a guess, but perhaps the user you're connect as in DBeaver just doesn't have visibility of any objects owned by those users - maybe it only lists users it can see in all_objects, say. Pure speculation, but you could investigate that by looking at the data dictionary while connect through SQL*Plus as the same user. According to this old forum post, there is an option to hide empty schemas...)
The import is connecting successfully as PIE1 - you'd get a different error, ORA-01017, if it wasn't and you wouldn't see the 'Connected to...' banner or anything after that.
Your import command has a trailing semicolon that should not be there. The "importing ... objects into" message shows that it's trying to import into the PIE1; user and not the one you actually created, PIE1. Remove that semicolon and try again.
Incidentally, you can probably also remove the #xe TNS alias and stick to a local connection, assuming the environment is configured as it was whenyou ran SQL*Plus. You should also consider using datapump expdp/impdp rather than the legacy exp/imp.
Today I have a problem with Oracle.
I have Oracle Label Security (OLS) and Oracle Database Vault installed, but OLS is registered, ODV is not.
Today I register ODV too, and now, I can login to Enterprise Manager with user LBACSYS (of OLS) but when I click to OLS on Security tab, EM show me error :
You have been logged in to a Database with Database Vault installed on it. You do not have sufficient privileges to access the Database Vault features on Enterprise Manager. Please contact your administrator
I don't know how to use OLS with ODV enabled, can you tell me ?
Thanks.