Database SYSDBA无法删除Oracle 12.1.0.2中的用户
甲骨文的新手。我已在CentOS 6.8上成功安装了Oracle DB。我创建了两个数据库:Database SYSDBA无法删除Oracle 12.1.0.2中的用户,database,oracle,permissions,Database,Oracle,Permissions,甲骨文的新手。我已在CentOS 6.8上成功安装了Oracle DB。我创建了两个数据库: 奥克尔 AVDB “AVDB”数据库中存在一些用户。我希望在AVDB数据库中删除一个用户。但是,即使我作为SYSDBA用户以SYS身份连接,也会出现权限不足错误。我甚至无法使用sysuser创建用户 但是,当我作为不同的用户连接到同一个数据库时(我正试图删除的是avuser),我可以创建用户 [oracle@via7was ~]$ sqlplus sys as sysdba SQL*Plus: Rel
avuser
),我可以创建用户
[oracle@via7was ~]$ sqlplus sys as sysdba
SQL*Plus: Release 12.1.0.2.0 Production on Thu Feb 2 14:13:16 2017
Copyright (c) 1982, 2014, Oracle. All rights reserved.
Enter password:
Connected to:
Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production
With the Partitioning, Oracle Label Security, OLAP, Advanced Analytics,
Oracle Database Vault and Real Application Testing options
SQL> drop user avuser cascade;
drop user avuser cascade
*
ERROR at line 1:
ORA-01031: insufficient privileges
SQL> create user test1 identified by secret;
create user test1 identified by secret
*
ERROR at line 1:
ORA-01031: insufficient privileges
SQL> disconnect
Disconnected from Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production
With the Partitioning, Oracle Label Security, OLAP, Advanced Analytics,
Oracle Database Vault and Real Application Testing options
SQL> conn avuser
Enter password:
Connected.
SQL> create user test1 identified by secret;
User created.
首先,确定vault是否处于活动状态:
然后作为数据库所有者连接并禁用vault:
以SYSDBA身份连接并重新启动数据库:
通过以SYSDBA身份连接删除用户:
如果出现上述错误,请查找用户的活动会话
被扔下来杀了他们:
注意:为了安全起见,建议始终重新启用vault
活动完成后的原因
Oracle数据库Vault限制sysdba执行某些操作。然而,这就是我对Oracle数据库Vault的所有了解。。。我怀疑该数据库上的数据库Vault可能有一个规则设置,阻止为sysdba创建/删除用户(不过,这只是一个猜测)。尝试Oracle数据库Vault docs for 12c:这就是问题所在。我必须首先以数据库所有者的身份登录以禁用vault。只有这样,用户才能被删除。好东西。谢谢+1我考虑添加一个答案而不是评论,但由于答案可能只是对一项我一无所知的技术的瞎猜(除了简单的一行描述),这似乎是个坏主意。。。
SQL> SELECT PARAMETER, VALUE FROM V$OPTION WHERE PARAMETER = 'Oracle Database Vault';
PARAMETER
----------------------------------------------------------------
VALUE
----------------------------------------------------------------
Oracle Database Vault
TRUE
SQL> conn avuser
Enter password:
Connected.
SQL> EXEC DVSYS.DBMS_MACADM.DISABLE_DV;
PL/SQL procedure successfully completed.
SQL> conn sys as sysdba
Enter password:
Connected.
SQL> SHUTDOWN IMMEDIATE
Database closed.
Database dismounted.
ORACLE instance shut down.
SQL> startup
ORACLE instance started.
SQL> conn sys as sysdba
Enter password:
Connected.
SQL> drop user avuser cascade;
drop user avuser cascade
*
ERROR at line 1:
ORA-01940: cannot drop a user that is currently connected
SQL> SELECT s.sid, s.serial#, s.status, p.spid FROM v$session s, v$process p WHERE s.username = 'AVUSER' AND p.addr(+) = s.paddr;
SID SERIAL# STATUS SPID
---------- ---------- -------- ------------------------
17 48252 INACTIVE 45579
SQL> ALTER SYSTEM KILL SESSION '17,48252';
System altered.
SQL> drop user avuser cascade;
User dropped.