Database Reference
In-Depth Information
Granting the Authority to Create User Accounts
Users who have been granted the CREATE USER system privilege can create user
accounts. To create common users in the multitenant environment you must have the
CREATE USER system privilege. For a common user to create a local user in a PDB, they
must have the CREATE USER privilege either granted as a common privilege or granted
as a local privilege in the PDB. When you create the user, the current container must be
the target PDB.
As the DBA, you can grant CREATE USER to a local or common user and grant CREATE
SESSION so that they may log on to the target database. If you grant CREATE USER and
CREATE SESSION and include the WITH ADMIN OPTION to a common or local user,
that user can then create users and grant them the privilege to log on.
Creating a New User Account
If you have the CREATE USER system privilege, you can create a database user with the
CREATE USER
statement. This system privilege should be restricted to the database adminis-
trator, security administrator, and in some cases, a local PDB application administrator.
Following is an example of how to create a local user account, specifying the password,
default tablespace, temporary tablespace, and quota on a tablespace. We also grant this new
user the privilege to log on to the PDB.
SQL> ALTER SESSION SET CONTAINER=lne6;
SQL> CREATE USER lne_nd
2 IDENTIFIED BY cgyoomm
3 DEFAULT TABLESPACE user_data
4 QUOTA 1G ON example
5 TEMPORARY TABLESPACE temp
6 CONTAINER = CURRENT;
User created.
SQL>
By default, a newly created user cannot log onto the database. You must grant the
CREATE SESSION system privileges or a role that includes the system privilege to the
new user, and then they'll be able to log on. Roles and privileges will be discussed more
later in this chapter.
SQL> GRANT CREATE SESSION TO lne_nd;
Grant succeeded.
SQL>
Search WWH ::
Custom Search