Scribd Logo
Cargar

¡Te damos la bienvenida a Scribd!

  • 05 Oracle Profiles

    Cargado por

    Istakhar Rajib
    83 vistas5 páginas
    m

    Derechos de autor

    © © All Rights Reserved

    Formatos disponibles

    DOCX, PDF, TXT o lea en línea desde Scribd

    ¿Le pareció útil este documento?

    ¿Este contenido es inapropiado?

    Denunciar este documento
    m

    Copyright:

    © All Rights Reserved
    Descargue como DOCX, PDF, TXT o lea en línea desde Scribd
    Marcar por contenido inapropiado
    83 vistas5 páginas

    05 Oracle Profiles

    Cargado por

    Istakhar Rajib
    m

    Copyright:

    © All Rights Reserved
    Descargue como DOCX, PDF, TXT o lea en línea desde Scribd
    Marcar por contenido inapropiado
    de 5

    Oracle PROFILES

    http://psoug.org/reference/profiles.html

    General
    Dependencies

    System Privileges

    RESOURCE_LIMIT=TRUE is required for


    resource limiting portions of the profile.
    Password limiting functionality is not
    affected by this parameter.

    profile$
    profname$
    dba_profiles
    alter profile
    create profile
    drop profile
    resource_limit = TRUE
    set linesize 121
    col name format a30
    col value format a30
    SELECT name, value
    FROM gv$parameter
    WHERE name = 'resource_limit';
    ALTER SYSTEM SET resource_limit=TRUE
    SCOPE=BOTH;
    SELECT name, value
    FROM gv$parameter
    WHERE name = 'resource_limit';

    Kernel Resources

    COMPOSITE_LIMIT

    Maximum weighted sum of: CPU_PER_SESSION,


    CONNECT_TIME,
    LOGICAL_READS_PER_SESSION, and PRIVATE_SGA. If this
    limit is exceeded, Oracle aborts the session and returns
    an error.
    composite_limit <value | UNLIMITED | DEFAULT>
    ALTER PROFILE developer LIMIT composite_limit
    5000000;
    Allowable connect time per session in minutes

    CONNECT_TIME

    CPU_PER_CALL
    CPU_PER_SESSION

    connect_time <value | UNLIMITED | DEFAULT>


    ALTER PROFILE developer LIMIT connect_time 600;
    Maximum CPU time per call (100ths of a second)
    cpu_per_call <value | UNLIMITED | DEFAULT>
    ALTER PROFILE developer LIMIT cpu_per_call 3000;
    Maximum CPU time per session (100ths of a second)
    cpu_per_session <value | UNLIMITED | DEFAULT>

    ALTER PROFILE developer LIMIT cpu_per_session


    UNLIMITED;
    Allowed idle time before user is disconnected (minutes)
    IDLE_TIME

    idle_time <value | UNLIMITED | DEFAULT>


    ALTER PROFILE developer LIMIT idle_time 20;
    Maximum number of database blocks read per call

    LOGICAL_READS_PER_
    CALL

    logical_reads_per_call <value | UNLIMITED |


    DEFAULT>
    ALTER PROFILE developer LIMIT logical_reads_per_call
    1000;
    Maximum number of database blocks read per session

    LOGICAL_READS_PER_
    SESSION

    logical_reads_per_session <value | UNLIMITED |


    DEFAULT>
    ALTER PROFILE developer LIMIT
    logical_reads_per_session UNLIMITED;
    Maximum integer bytes of private space in the SGA
    (useful for systems using multi-threaded server MTS)

    PRIVATE_SGA

    private_sga <value | UNLIMITED | DEFAULT>


    Only valid with TP-monitor
    ALTER PROFILE developer LIMIT private_sga 15K;
    Number of concurrent multiple sessions allowed per user

    SESSIONS_PER_USER

    sessions_per_user <value | UNLIMITED | DEFAULT>


    ALTER PROFILE developer LIMIT sessions_per_user 1;

    Password Resources
    The number of failed attempts to log in to the user
    account before the account is locked

    FAILED_LOGIN_ATTEMP
    TS

    PASSWORD_GRACE_TI
    ME

    failed_login_attempts <value | UNLIMITED |


    DEFAULT>
    ALTER PROFILE developer LIMIT failed_login_attempts
    3;
    -- to count failed log in attempts:
    SELECT name, lcount
    FROM user$
    WHERE lcount <> 0;
    The number of days after the grace period begins during
    which a warning is issued and login is allowed. If the
    password is not changed during the grace period, the

    password expires
    password_gracetime <value | UNLIMITED |
    DEFAULT>
    ALTER PROFILE developer LIMIT password_grace_time
    10;
    The number of days the same password can be used for
    authentication
    PASSWORD_LIFE_TIME

    PASSWORD_LOCK_TIM
    E

    PASSWORD_REUSE_MAX

    PASSWORD_REUSE_TIME

    password_life_time <value | UNLIMITED |


    DEFAULT>
    ALTER PROFILE developer LIMIT password_life_time
    60;
    the number of days an account will be locked after the
    specified number of consecutive failed login attempts
    defined by FAILED_LOGIN_ATTEMPTS
    password_lock_time <value | UNLIMITED |
    DEFAULT>
    ALTER PROFILE developer LIMIT password_lock_time
    30;
    The number of times a password must be
    changed before it can be reused
    password_reuse_max <value | UNLIMITED |
    DEFAULT>
    ALTER PROFILE developer LIMIT
    password_reuse_max 0;
    The number of days between reuses of a
    password
    password_reuse_time <value | UNLIMITED |
    DEFAULT>
    ALTER PROFILE developer LIMIT
    password_reuse_time 0;

    Password Verification
    Sample script for
    creating a password
    verify function

    {ORACLE_HOME}/rdbms/admin/utlpwdmg.sql

    Verify passwords for length, content, and complexity


    PASSWORD_VERIFY_FU
    NCTION

    password_verify_function <function_name | NULL


    | DEFAULT>
    ALTER PROFILE developer LIMIT
    password_verify_function uw_pwd_verification;

    Changing passwords
    with a password verify
    function

    The function requires the old and new passwords so


    password changes can not be done with ALTER USER.
    Password changes should be performed with the
    SQL*Plus PASSWORD command or through a stored
    procedure that requires the correct inputs.

    Create Profiles
    List things that can be
    limited in a profile

    Create profile

    SELECT DISTINCT resource_name, limit


    FROM dba_profiles
    ORDER BY resource_name;
    CREATE PROFILE <profile_name> LIMIT
    <profile_item_name> <value>
    <profile_item_name> <value>
    ....;
    CREATE PROFILE developer LIMIT
    PASSWORD_LIFE_TIME 60
    PASSWORD_GRACE_TIME 10
    PASSWORD_REUSE_TIME 0
    PASSWORD_REUSE_MAX 0
    FAILED_LOGIN_ATTEMPTS 4
    PASSWORD_LOCK_TIME 2
    CPU_PER_CALL 3000
    PRIVATE_SGA 500K
    LOGICAL_READS_PER_CALL 1000;

    Alter Profile
    Alter profile syntax

    ALTER PROFILE <profile_name> LIMIT


    <profile_item_name> <value>;
    ALTER PROFILE developer LIMIT
    FAILED_LOGIN_ATTEMPTS 3;

    Assign Profile

    Assign During User


    Creation

    Assign Profile After


    User Creation

    CREATE USER <user_name>


    IDENTIFIED BY <password>
    PROFILE <profile_name>;
    CREATE USER uwclass
    IDENTIFIED BY "N0Way!"
    DEFAULT TABLESPACE uwdata
    TEMPORARY TABLESPACE temp
    QUOTA 0 ON SYSTEM
    QUOTA 0 ON SYSAUX
    QUOTA UNLIMITED ON uwdata
    QUOTA 10M ON indx_sml
    PROFILE developer;
    ALTER USER <user_name>
    PROFILE <profile_name>;

    ALTER USER uwclass PROFILE developer;

    Drop Profile
    Drop Profile without
    Users
    Drop Profile with
    Users

    DROP
    DROP
    DROP
    DROP

    PROFILE
    PROFILE
    PROFILE
    PROFILE

    <profile_name>
    developer;
    <profile_name> CASCADE;
    developer CASCADE;

    También podría gustarte