Creating User Accounts

advertisement
Storage Structures & Creating Users
IS 475/595
A database within Oracle is a set of related tables. The database INSTANCE is made up of memory (system
global area = SGA), background processes, and the components of the database—tables, control files, and
redo logs. Remember the 3-tier architecture.
Storage
As the DBA, you define a tablespace (a logical structure) and associate it with a datafile (a physical/internal
structure). You assign users to tablespaces and the tables within those user schemas are stored in the
associated datafiles for the assigned tablespaces. The physical datafile is divided into data blocks. (The block
size, such as 4K or 8K bytes, depends on the operating system with your DBA account and some database
initialization parameters that are set when the database is created.)
Managing data storage
The CREATE statement below creates a tablespace called DEVELOPERS. This tablespace is assigned a
physical storage location through the specified drive\folder\filename. The size of the physical file sets aside that
much storage on the hard drive. The storage parameters allow the storage area to grow within certain
constraints. For example, there is an AUTOEXTEND option but that means the tablespace can grow beyond
the storage capacity of the physical storage area.
Use your DBA account name in place of "DEVELOPERS". Modify the drive letter and folder name, as
appropriate, for the database server operating system.
Complete these steps for in the “dba” database server. Change the example below to the appropriate drive letter
and folder. Get this information from the instructor. It may change from semester to semester.
1. Create a tablespace.
533569029 - 1
WINDOWS OS example:
create tablespace DEVELOPERS
datafile 'd:\bcs475\DEVELOPERS_01.ora'
size 5m default storage (initial 100k next 100k pctincrease 5);
LINUX example:
create tablespace DEVELOPERS
datafile '/opt/app/bcis475/DEVELOPERS_01.ora'
size 5m default storage (initial 100k next 100k pctincrease 5);
2. You can increase the storage area for a tablespace by attaching another database file to it. Add a second
file to your tablespace.
WINDOWS OS example:
alter tablespace DEVELOPERS
add datafile 'd:\oracle_data\users\bcis475\DEVELOPERS_02.ora' size 5M;
LINUX example:
alter tablespace DEVELOPERS
add datafile '/opt/app/bcis475/DEVELOPERS_02.ora' size 5M;
3. You can take a tablespace offline. You might do this while backing it up to make sure no one tries to write
to the tablespace during backup. Use the 'normal' setting to ensure all data in memory buffers is written to
the datafiles before taking the tablespace offline.
alter tablespace developers offline normal;
alter tablespace developers online;
NOTE: You can drop a tablespace but don't do so for this exercise.
drop tablespace <tablespace name>
including contents
and datafiles
cascade constraints;
Creating User Accounts
When user accounts are created they must be assigned to a particular tablespace. They should also have the
appropriate rights assigned so the account can be used. Rights can be assigned individually to each user
account or they can be assigned through roles which allow you to manage several users at once. Through a
ROLE you can give rights to a group of individual accounts that have that role. The rights assigned can be for
system privileges, such as having the right to create tables or views, or for object privileges, such as being able
to see someone else’s table (able to use SELECT for that table). Below is the syntax for creating a role.
Create role <rolename>;
Assigning a PROFILE to a user allows certain settings related to the use of database resources to be managed.
Some of the things you can control through a PROFILE are:
 the # of simultaneous sessions a user can have,
 how long a session can last,
 how long a session can be idle before closing it.
Below is the syntax for creating a profile and setting limits on resources.
Create profile <profilename> limit
<resource_parameter> <limit>
533569029 - 2
<resource_parameter> <limit>
…;
1. The SQL statements below assume the tablespaces have already been created.
Note: Oracle usernames and passwords must start with a letter, not a number.
The first statement creates a user, assigns a password, and assigns the new user to a tablespace. When
users are assigned a tablespace, the data they enter into tables are stored in the physical file on the local
drive which is assigned to that tablespace. The use of storage this tablespace can be restricted by setting a
quota that limits the amount of space an individual account can use.
CREATE USER NewUser
IDENTIFIED BY NewUser
DEFAULT TABLESPACE developers
PROFILE DEFAULT
QUOTA 2 M ON developers
ACCOUNT UNLOCK;
a. Create a user account and assign tablespaces to it. Replace the "NewUser" text with a user with your
last name. From now on you will need to distinguish between your “DBA” account and your “regular” user
account. Sometimes you’ll logon as a DBA. Other times, you’ll logon as a regular user.
b. Create another account with your last name + my initials. Example: smithjk
Do NOT use this account yourself. It is created for me to use.
2. As mentioned above, a ROLE is used to apply several GRANTs through one statement. You can create a
role to assign rights to manipulate specific database objects within a schema, i.e. object privileges. For
example, the I might create a bcis475 role and assign it to anyone in the BCIS 475 class.
a. The CONNECT role is a standard ORACLE role which exists whenever the Oracle database software is
installed. The CONNECT role has the right to create a session (connect to the database server) and to
create views, tables, sequences, and other rights.
Grant the CONNECT role to your new accounts. Below is an example command.
GRANT CONNECT TO NewUser;
b. The RESOURCE role is also a standard ORACLE role. It allows the user to create procedures, triggers,
as well as tables, views, etc.
Grant the role to your new accounts. Below is an example command.
GRANT RESOURCE TO NewUser;
NOTE: The following grants have been assigned to the user through the CONNECT and RESOURCE
roles but the individual commands are shown here as examples of granting rights directly to a user.
GRANT CREATE SEQUENCE TO NewUser;
GRANT CREATE VIEW TO NewUser;
GRANT CREATE PROCEDURE TO NewUser;
GRANT CREATE SYNONYM TO NewUser;
GRANT CREATE TABLE TO NewUser;
533569029 - 3
3. Log in to the account you created for yourself as a regular user. Run the University scripts to create tables
and insert data (either the original script or the Chapter 10 revised script is OK).
What to turn in:
/*
Log on the database in SQL Developer using your DBA account on the “dba” server.
Read through the code below. In some places you’ll need to edit the code to fit the names of your tablesapce,
your user account, etc. Look for angle brackets <>.
Copy/paste the code below into the SQL Worksheet then use script mode to run the commands. Include the
PROMPT statements! Simply copy/paste all the code below.
*/
PROMPT Show who you are, which database you’re connected to and when.
PROMPT **********************
show user;
select property_name, property_value
from database_properties
where property_Name = 'GLOBAL_DB_NAME';
select sysdate from dual;
PROMPT View the tablespaces
PROMPT **********************
select tablespace_name, status from dba_tablespaces;
PROMPT Modify the above SELECT statement and limit the output to only your tablespace.
PROMPT **********************
Select tablespace_name, status
from dba_tablespaces
where tablespace_name = '<YOUR TABLESPACE>';
PROMPT View the data files for your tablespace.
PROMPT **********************
select file_name
from dba_data_files
where tablespace_name = '<YOUR TABLESPACE>';
PROMPT Show user information for the accounts you created. Repeat the code to show both accounts.
PROMPT **********************
select username, account_status, default_tablespace, profile, created
from dba_users
where username = 'JKREIE';
PROMPT Display information about EACH user’s roles using the following command.
PROMPT **********************
select * from dba_role_privs
where grantee = '<useraccount>';
PROMPT Show that your regular user account has the university tables.
PROMPT **********************
Select table_name from all_tables
Where owner = '<YOUR USER ACCOUNT>';
533569029 - 4
Save the output to a text file and submit it online.
533569029 - 5
FYI: This is more detailed information about storage, in case you’re interested. It won’t be covered in an exam.
Within a tablespace, a segment is associated with one schema object, such as a table or a view. The
segment consists of one or more extents. An extent is a group of contiguous data blocks. When more storage
area is needed for schema object, an extent is added to that object’s segment. The actual data stored in the
datafile may have a set of data blocks (extents) storing records for the STUDENTS table, followed by a set of
data blocks (extents) holding COURSES information, followed by another set of data blocks (extent) holding
more data for the STUDENTS table.
An Oracle data object, such as a table, is allocated a data segment for data storage. Each data segment is
made up of extents. An extent is a set of contiguous data blocks. A data block is a specific physical storage
area on a disk. When an extent is nearly filled another extent will be assigned to the segment (unless a storage
quota has been set and met). For example, the MOVIE table’s data is stored in its own data segment which
consists of one or more extents made up of contiguous data blocks.
533569029 - 6
Download