Database Reference
In-Depth Information
If your Linux/Unix account is a member of the
dba
group (your shop might use a different group name, but
dba
is the most common), you can connect to your database with the required privileges via SQL*Plus by virtue of being
logged in to your Linux/Unix account.
On Windows, the OS user must be part of either the
ora_dba
group or the
ora_oper
group. In Windows
environments, you can verify which OS users belong to the
ora_dba
group as follows: select Control Panel
➤
Administrative Tools
➤
Computer Management
➤
Local Users and Groups
➤
Groups. You should see a group named
something like
ora_dba
. You can click that group and view which OS users are assigned to it. Additionally, for OS
authentication to work in Windows environments, you must have the following entry in your
sqlnet.ora
file:
SQLNET.
AUTHENTICATION_SERVICES=(NTS)
.
On Linux/Unix, you can quickly verify the operating system groups that your account belongs to using the
id
command without any parameters:
$ id
uid=500(oracle) gid=500(oinstall) groups=500(oinstall),501(dba),502(oper),503(asmdba),
504(asmoper),505(asmadmin),506(backupdba)
The prior output indicates that the
oracle
user is included in several groups, one of which is
dba
. Any user who
belongs to the
dba
group can connect to the database with
SYSDBA
privileges. A user with
SYSDBA
privileges can start
and stop the database. This example uses OS authentication to connect to your database as the user
SYS
:
$ sqlplus / as sysdba
No username or password is required when using OS authentication (hence just the slash without a user/
password) because Oracle first checks to see if the OS user is a member of a privileged OS group, and if so, connects
without checking the username/password. You can verify that you have connected as
SYS
by issuing the following:
SQL> show user
USER is "SYS"
The privileged OS groups are established when installing the Oracle software. There are a few OS groups that
pertain to backup and recovery:
•
dba
•
oper
backupdba
(available starting with Oracle 12c)
Each OS group corresponds to certain database privileges. Table
1-1
shows the mapping of OS groups to database
system privileges and operations.
•
Table 1-1.
Mapping of OS Groups to Privileges Related to Backup and Recovery
Operating System Group
Database System Privilege
Authorized Operations
dba
sysdba
Start up, shut down, alter database, create and drop database,
toggle archivelog mode, back up, and recover database.
oinstall
none
Install and upgrade Oracle binaries.
oper
sysoper
Start up, shut down, alter database, toggle archivelog
mode, back up, and recover database.
backupdba
sysbackup
Available starting with Oracle 12
c
, this privilege allows
you to start up, shut down, and perform all backup and
recovery operations.
