connect as sysdba

[shailendra]

Hi Friends

I have created one user and I have given only the create session PRIVILEGE and there is no other PRIVILEGE. But when I connect to that user as sysdba I am able to connect as well as I can access all the data dictionary. I wanted to know how to restrict this thing.

Please tell me as soon as possible.

Thanks in advance
Shailendra

[aarroyob]

Are you sure? Have you tried to query any dba_ table.

Cheers

Angel

[aarroyob]

Excuse me I haven't read correctl your question. Of course if you can connect as sysdba, then all the catalog is visible for you. Could you post how have you created the user, grants, privilegies ..?

Cheers

Angel

[shailendra]

I am writing the command which I had executed

Create user [user_name] identified by [passowrd] default tablespace [tablespace_name];

grant create session to [user_name];

conn [user_name]/[password] as sysdba;

it is connected and showing all the internal tables.
Now I want to restrict it. How do I?

Thanks
Shailendra

[aarroyob]

Just revoke the sysdba privilege.

Cheers

Angel

[shailendra]

Hi

I have revoke the sysdba privilege from that user but it is still not working, I can see all the tables owned by the system.

I need more suggestion on that
Thanks
Shailendra

[SANJAY_G]

I think you are using OS authentication.
On Unix if you are logging in as osuser who is in dba group, you can connect "as sysdba" using any db user.

Try this..
Logout from OS and login as osuser who is not in dba group.
Then try connecting "as sysdba" for the db user. I am sure you will get insufficient privilege error.

Sanjay

[SANJAY_G]

On NT/2000 the group is ORA_DBA

Sanjay

[ctcyl]

Hi friends..

How we can check in WIN-NT where a Windows NT User who have login and in oracle that login user is in DBA_GROUP...


Thanks

Rajeev