I want our server to prompt for a password when someone other than a member of the DBA group attempts a connect internal. How do I password protect internal? Alter user?
Instead of INTERNAL, it is probably best if you create an account for each of these people who will be doing privileged operations, such as shutdown the database. There are two main reasons here. One, you can control security better. This gives you the ability to do independent audits of each account if you wish. And there is no "group" password that needs to be shared which must be changed when someone leaves your group. Two, INTERNAL is no longer available in Oracle 9i. So if you engineer a solution now, you'll have to re-engineer a solution when you upgrade to 9i.
Instead, create individual accounts for these people. They will have their own passwords. Then set REMOTE_LOGIN_PASSWORDFILE=EXCLUSIVE in your INIT.ORA. Then create a password file with the ORADIM utility. Then bounce the database. Now sign on as INTERNAL or an account with SYSDBA privileges. To grant the ability to do INTERNAL-type functions to these individual accounts, issue "GRANT sysdba TO the_user;" for each of the users. They will need to sign on to the database 'as sysdba'. For instance:
edcsns18 gast% svrmgrl Oracle Server Manager Release 220.127.116.11.0 - Production Copyright (c) 1997, 1999, Oracle Corporation. All Rights Reserved. Oracle8i Enterprise Edition Release 18.104.22.168.0 - Production With the Partitioning option JServer Release 22.214.171.124.0 - Production SVRMGR> connect my_user as sysdbaThat's all there is to it!
For More Information
- Dozens more answers to tough Oracle questions from Brian Peasland are available.
- The Best Oracle Web Links: tips, tutorials, scripts, and more.
- Have an Oracle or SQL tip to offer your fellow DBAs and developers? The best tips submitted will receive a cool prize. Submit your tip today!
- Ask your technical Oracle and SQL questions -- or help out your peers by answering them -- in our live discussion forums.
- Ask the Experts yourself: Our SQL, database design, Oracle, SQL Server, DB2, metadata, object-oriented and data warehousing gurus are waiting to answer your toughest questions.
Dig Deeper on Oracle database design and architecture
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.