Scribd Logo
Upload

Welcome to Scribd!

  • Resumen Perfiles Oracle

    Uploaded by

    Jose Lizana
    34 views4 pages
    Documento de resumen de perfiles en Oracle database

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Documento de resumen de perfiles en Oracle database

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    34 views4 pages

    Resumen Perfiles Oracle

    Uploaded by

    Jose Lizana
    Documento de resumen de perfiles en Oracle database

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    General

    Dependencies
    System Privileges

    profile$

    profname$

    dba_profiles

    alter profile
    create profile
    drop profile
    resource_limit = TRUE

    RESOURCE_LIMIT=TRUE is
    required for resource limiting
    portions of the profile. Password
    limiting functionality is not affected
    by this parameter.

    set linesize 121


    col name format a30
    col value format a30
    SELECT name, value
    FROM gv$parameter
    WHERE name = 'resource_limit';
    ALTER SYSTEM SET resource_limit=TRUE
    SCOPE=BOTH;
    SELECT name, value
    FROM gv$parameter
    WHERE name = 'resource_limit';

    Kernel Resources

    COMPOSITE_LIMIT

    Maximum weighted sum of: CPU_PER_SESSION,


    CONNECT_TIME,
    LOGICAL_READS_PER_SESSION, and PRIVATE_SGA. If
    this limit is exceeded, Oracle aborts the session and returns
    an error.
    composite_limit <value | UNLIMITED | DEFAULT>
    ALTER PROFILE developer LIMIT composite_limit
    5000000;
    Allowable connect time per session in minutes

    CONNECT_TIME

    connect_time <value | UNLIMITED | DEFAULT>


    ALTER PROFILE developer LIMIT connect_time 600;
    Maximum CPU time per call (100ths of a second)

    CPU_PER_CALL

    cpu_per_call <value | UNLIMITED | DEFAULT>


    ALTER PROFILE developer LIMIT cpu_per_call 3000;
    Maximum CPU time per session (100ths of a second)

    CPU_PER_SESSION

    cpu_per_session <value | UNLIMITED | DEFAULT>


    ALTER PROFILE developer LIMIT cpu_per_session
    UNLIMITED;
    Allowed idle time before user is disconnected (minutes)

    IDLE_TIME

    idle_time <value | UNLIMITED | DEFAULT>


    ALTER PROFILE developer LIMIT idle_time 20;

    Maximum number of database blocks read per call


    LOGICAL_READS_PER_CALL

    logical_reads_per_call <value | UNLIMITED | DEFAULT>


    ALTER PROFILE developer LIMIT logical_reads_per_call
    1000;
    Maximum number of database blocks read per session

    logical_reads_per_session <value | UNLIMITED |


    LOGICAL_READS_PER_SESSION DEFAULT>
    ALTER PROFILE developer LIMIT
    logical_reads_per_session UNLIMITED;
    Maximum integer bytes of private space in the SGA
    (useful for systems using multi-threaded server MTS)
    PRIVATE_SGA

    private_sga <value | UNLIMITED | DEFAULT>


    Only valid with TP-monitor
    ALTER PROFILE developer LIMIT private_sga 15K;
    Number of concurrent multiple sessions allowed per user

    SESSIONS_PER_USER

    sessions_per_user <value | UNLIMITED | DEFAULT>


    ALTER PROFILE developer LIMIT sessions_per_user 1;

    Password Resources
    The number of failed attempts to log in to the user account
    before the account is locked
    failed_login_attempts <value | UNLIMITED | DEFAULT>
    FAILED_LOGIN_ATTEMPTS

    ALTER PROFILE developer LIMIT failed_login_attempts 3;


    -- to count failed log in attempts:
    SELECT name, lcount
    FROM user$
    WHERE lcount <> 0;

    PASSWORD_GRACE_TIME

    The number of days after the grace period begins during


    which a warning is issued and login is allowed. If the
    password is not changed during the grace period, the
    password expires
    password_gracetime <value | UNLIMITED | DEFAULT>
    ALTER PROFILE developer LIMIT password_grace_time
    10;
    The number of days the same password can be used for
    authentication

    PASSWORD_LIFE_TIME

    password_life_time <value | UNLIMITED | DEFAULT>


    ALTER PROFILE developer LIMIT password_life_time 60;

    PASSWORD_LOCK_TIME

    the number of days an account will be locked after the


    specified number of consecutive failed login attempts
    defined by FAILED_LOGIN_ATTEMPTS
    password_lock_time <value | UNLIMITED | DEFAULT>
    ALTER PROFILE developer LIMIT password_lock_time 30;
    The number of times a password must be changed before it
    can be reused

    PASSWORD_REUSE_MAX

    password_reuse_max <value | UNLIMITED | DEFAULT>


    ALTER PROFILE developer LIMIT password_reuse_max 0;
    The number of days between reuses of a password

    PASSWORD_REUSE_TIME

    password_reuse_time <value | UNLIMITED | DEFAULT>


    ALTER PROFILE developer LIMIT password_reuse_time 0;

    Password Verification
    Sample script for creating a
    password verify function

    {ORACLE_HOME}/rdbms/admin/utlpwdmg.sql
    Verify passwords for length, content, and complexity

    password_verify_function <function_name | NULL |


    PASSWORD_VERIFY_FUNCTION DEFAULT>
    ALTER PROFILE developer LIMIT
    password_verify_function uw_pwd_verification;
    Changing passwords with a
    password verify function

    The function requires the old and new passwords so


    password changes can not be done with ALTER USER.
    Password changes should be performed with the SQL*Plus
    PASSWORD command or through a stored procedure that
    requires the correct inputs.

    Create Profiles
    List things that can be limited in a
    profile
    Create profile

    SELECT DISTINCT resource_name, limit


    FROM dba_profiles
    ORDER BY resource_name;
    CREATE PROFILE <profile_name> LIMIT
    <profile_item_name> <value>
    <profile_item_name> <value>
    ....;
    CREATE PROFILE developer LIMIT
    PASSWORD_LIFE_TIME 60
    PASSWORD_GRACE_TIME 10
    PASSWORD_REUSE_TIME 0
    PASSWORD_REUSE_MAX 0
    FAILED_LOGIN_ATTEMPTS 4
    PASSWORD_LOCK_TIME 2
    CPU_PER_CALL 3000
    PRIVATE_SGA 500K
    LOGICAL_READS_PER_CALL 1000;

    Alter Profile

    Alter profile syntax

    ALTER PROFILE <profile_name> LIMIT


    <profile_item_name> <value>;
    ALTER PROFILE developer LIMIT
    FAILED_LOGIN_ATTEMPTS 3;

    Assign Profile
    Assign During User Creation

    CREATE USER <user_name>


    IDENTIFIED BY <password>
    PROFILE <profile_name>;
    CREATE USER uwclass
    IDENTIFIED BY "N0Way!"
    DEFAULT TABLESPACE uwdata
    TEMPORARY TABLESPACE temp
    QUOTA 0 ON SYSTEM
    QUOTA 0 ON SYSAUX
    QUOTA UNLIMITED ON uwdata
    QUOTA 10M ON indx_sml
    PROFILE developer;

    Assign Profile After User Creation

    ALTER USER <user_name>


    PROFILE <profile_name>;
    ALTER USER uwclass PROFILE developer;

    Drop Profile
    Drop Profile without Users
    Drop Profile with Users

    DROP PROFILE <profile_name>


    DROP PROFILE developer;
    DROP PROFILE <profile_name> CASCADE
    DROP PROFILE developer CASCADE;

    You might also like