Creating User Accounts
advertisement
Storage Structures & Creating Users IS 475/595 A database within Oracle is a set of related tables. The database INSTANCE is made up of memory (system global area = SGA), background processes, and the components of the database—tables, control files, and redo logs. Remember the 3-tier architecture. Storage As the DBA, you define a tablespace (a logical structure) and associate it with a datafile (a physical/internal structure). You assign users to tablespaces and the tables within those user schemas are stored in the associated datafiles for the assigned tablespaces. The physical datafile is divided into data blocks. (The block size, such as 4K or 8K bytes, depends on the operating system with your DBA account and some database initialization parameters that are set when the database is created.) Managing data storage The CREATE statement below creates a tablespace called DEVELOPERS. This tablespace is assigned a physical storage location through the specified drive\folder\filename. The size of the physical file sets aside that much storage on the hard drive. The storage parameters allow the storage area to grow within certain constraints. For example, there is an AUTOEXTEND option but that means the tablespace can grow beyond the storage capacity of the physical storage area. Use your DBA account name in place of "DEVELOPERS". Modify the drive letter and folder name, as appropriate, for the database server operating system. Complete these steps for in the “dba” database server. Change the example below to the appropriate drive letter and folder. Get this information from the instructor. It may change from semester to semester. 1. Create a tablespace. 533569029 - 1 WINDOWS OS example: create tablespace DEVELOPERS datafile 'd:\bcs475\DEVELOPERS_01.ora' size 5m default storage (initial 100k next 100k pctincrease 5); LINUX example: create tablespace DEVELOPERS datafile '/opt/app/bcis475/DEVELOPERS_01.ora' size 5m default storage (initial 100k next 100k pctincrease 5); 2. You can increase the storage area for a tablespace by attaching another database file to it. Add a second file to your tablespace. WINDOWS OS example: alter tablespace DEVELOPERS add datafile 'd:\oracle_data\users\bcis475\DEVELOPERS_02.ora' size 5M; LINUX example: alter tablespace DEVELOPERS add datafile '/opt/app/bcis475/DEVELOPERS_02.ora' size 5M; 3. You can take a tablespace offline. You might do this while backing it up to make sure no one tries to write to the tablespace during backup. Use the 'normal' setting to ensure all data in memory buffers is written to the datafiles before taking the tablespace offline. alter tablespace developers offline normal; alter tablespace developers online; NOTE: You can drop a tablespace but don't do so for this exercise. drop tablespace <tablespace name> including contents and datafiles cascade constraints; Creating User Accounts When user accounts are created they must be assigned to a particular tablespace. They should also have the appropriate rights assigned so the account can be used. Rights can be assigned individually to each user account or they can be assigned through roles which allow you to manage several users at once. Through a ROLE you can give rights to a group of individual accounts that have that role. The rights assigned can be for system privileges, such as having the right to create tables or views, or for object privileges, such as being able to see someone else’s table (able to use SELECT for that table). Below is the syntax for creating a role. Create role <rolename>; Assigning a PROFILE to a user allows certain settings related to the use of database resources to be managed. Some of the things you can control through a PROFILE are: the # of simultaneous sessions a user can have, how long a session can last, how long a session can be idle before closing it. Below is the syntax for creating a profile and setting limits on resources. Create profile <profilename> limit <resource_parameter> <limit> 533569029 - 2 <resource_parameter> <limit> …; 1. The SQL statements below assume the tablespaces have already been created. Note: Oracle usernames and passwords must start with a letter, not a number. The first statement creates a user, assigns a password, and assigns the new user to a tablespace. When users are assigned a tablespace, the data they enter into tables are stored in the physical file on the local drive which is assigned to that tablespace. The use of storage this tablespace can be restricted by setting a quota that limits the amount of space an individual account can use. CREATE USER NewUser IDENTIFIED BY NewUser DEFAULT TABLESPACE developers PROFILE DEFAULT QUOTA 2 M ON developers ACCOUNT UNLOCK; a. Create a user account and assign tablespaces to it. Replace the "NewUser" text with a user with your last name. From now on you will need to distinguish between your “DBA” account and your “regular” user account. Sometimes you’ll logon as a DBA. Other times, you’ll logon as a regular user. b. Create another account with your last name + my initials. Example: smithjk Do NOT use this account yourself. It is created for me to use. 2. As mentioned above, a ROLE is used to apply several GRANTs through one statement. You can create a role to assign rights to manipulate specific database objects within a schema, i.e. object privileges. For example, the I might create a bcis475 role and assign it to anyone in the BCIS 475 class. a. The CONNECT role is a standard ORACLE role which exists whenever the Oracle database software is installed. The CONNECT role has the right to create a session (connect to the database server) and to create views, tables, sequences, and other rights. Grant the CONNECT role to your new accounts. Below is an example command. GRANT CONNECT TO NewUser; b. The RESOURCE role is also a standard ORACLE role. It allows the user to create procedures, triggers, as well as tables, views, etc. Grant the role to your new accounts. Below is an example command. GRANT RESOURCE TO NewUser; NOTE: The following grants have been assigned to the user through the CONNECT and RESOURCE roles but the individual commands are shown here as examples of granting rights directly to a user. GRANT CREATE SEQUENCE TO NewUser; GRANT CREATE VIEW TO NewUser; GRANT CREATE PROCEDURE TO NewUser; GRANT CREATE SYNONYM TO NewUser; GRANT CREATE TABLE TO NewUser; 533569029 - 3 3. Log in to the account you created for yourself as a regular user. Run the University scripts to create tables and insert data (either the original script or the Chapter 10 revised script is OK). What to turn in: /* Log on the database in SQL Developer using your DBA account on the “dba” server. Read through the code below. In some places you’ll need to edit the code to fit the names of your tablesapce, your user account, etc. Look for angle brackets <>. Copy/paste the code below into the SQL Worksheet then use script mode to run the commands. Include the PROMPT statements! Simply copy/paste all the code below. */ PROMPT Show who you are, which database you’re connected to and when. PROMPT ********************** show user; select property_name, property_value from database_properties where property_Name = 'GLOBAL_DB_NAME'; select sysdate from dual; PROMPT View the tablespaces PROMPT ********************** select tablespace_name, status from dba_tablespaces; PROMPT Modify the above SELECT statement and limit the output to only your tablespace. PROMPT ********************** Select tablespace_name, status from dba_tablespaces where tablespace_name = '<YOUR TABLESPACE>'; PROMPT View the data files for your tablespace. PROMPT ********************** select file_name from dba_data_files where tablespace_name = '<YOUR TABLESPACE>'; PROMPT Show user information for the accounts you created. Repeat the code to show both accounts. PROMPT ********************** select username, account_status, default_tablespace, profile, created from dba_users where username = 'JKREIE'; PROMPT Display information about EACH user’s roles using the following command. PROMPT ********************** select * from dba_role_privs where grantee = '<useraccount>'; PROMPT Show that your regular user account has the university tables. PROMPT ********************** Select table_name from all_tables Where owner = '<YOUR USER ACCOUNT>'; 533569029 - 4 Save the output to a text file and submit it online. 533569029 - 5 FYI: This is more detailed information about storage, in case you’re interested. It won’t be covered in an exam. Within a tablespace, a segment is associated with one schema object, such as a table or a view. The segment consists of one or more extents. An extent is a group of contiguous data blocks. When more storage area is needed for schema object, an extent is added to that object’s segment. The actual data stored in the datafile may have a set of data blocks (extents) storing records for the STUDENTS table, followed by a set of data blocks (extents) holding COURSES information, followed by another set of data blocks (extent) holding more data for the STUDENTS table. An Oracle data object, such as a table, is allocated a data segment for data storage. Each data segment is made up of extents. An extent is a set of contiguous data blocks. A data block is a specific physical storage area on a disk. When an extent is nearly filled another extent will be assigned to the segment (unless a storage quota has been set and met). For example, the MOVIE table’s data is stored in its own data segment which consists of one or more extents made up of contiguous data blocks. 533569029 - 6
