Wednesday, 5 February 2014

DB User Creation



CREATE USER
Simple way to create user:-
Syntax:
CREATE USER <User Name> IDENTIFIED BY <'Password'>

If you don't want to create give password then follow below syntax.
CREATE USER <User Name>

 Example:
CREATE USER sample_user IDENTIFIED BY 'Password';

See also:

Actual way to create user:-
Adds a name to the list of authorized database users.
Syntax
CREATE USER name
... [ ACCOUNT {LOCK | UNLOCK} ]
... [ IDENTIFIED BY 'password' ]
... [ PASSWORD EXPIRE ]
... [ MEMORYCAP {'memory-limit' | NONE} ]
... [ PROFILE {profile | DEFAULT} ]
... [ RESOURCE POOL pool-name ]
... [ RUNTIMECAP {'time-limit' | NONE} ]
... [ TEMPSPACECAP {'space-limit' | NONE} ] 


Parameters:
  •  name: Specifies the name of the user to create; names that contain special characters must be double-quoted.
  • LOCK | UNLOCK:  Specifying LOCK prevents the user from logging in. Specifying UNLOCK unlocks the account, allowing the user to log in
  •  password:  If this parameter is omitted, then it will not ask for the password, while the time connecting to the data base using this user. 
  •  PASSWORD EXPIRE: The user will be forced to change the password when he or she next logs in.
  • memory-limit: Limits the amount of memory that the user's requests can use. This value is a number representing the amount of space, followed by a unit (for example, '10G'). The unit can be one of the following:
    • % percentage of total memory available to the Resource Manager. (In this case value for the size must be 0-100)
    • K Kilobytes
    • M Megabytes
    • G Gigabytes
    • T Terabytes
Note: Setting this value to NONE means the user's sessions have no limits on memory use. This is the default value.
  • profile | DEFAULT :  Profiles set the user's password policy.Using the value DEFAULT here assigns the user to the default profile. If this parameter is omitted, the user is assigned to the default profile.
  •  pool-name: Sets the name of the resource pool from which to request the user's resources. This command creates a usage grant for the user on the resource pool unless the resource pool is publicly usable. 
  • time-limit: Sets the maximum amount of time any of the user's queries can execute. time-limit is an interval, such as '1 minute' or '100 seconds'. The maximum duration allowed is one year. Setting this value to NONE means there is no time limit on the user's queries.
  • space-limit: Limits the amount of temporary file storage the user's requests can use. This parameter's value has the same format as the MEMORYCAP value.

Notes:-
  • Only a superuser can create a user.
  • User names created with double-quotes are case sensitive. For example:
    => CREATE USER "FrEd1";
    In the above example, the login name must be an exact match. If the user name was created without double-quotes (for example, FRED1), then the user can log in as FRED1, FrEd1, fred1, and so on.
    • ALTER USER and DROP USER are case-insensitive.
  • Newly-created users do not have access to schema PUBLIC by default. Make sure to GRANT USAGE ON SCHEMA PUBLIC to all users you create.
  • You can change a user password by using the ALTER USER statement. If you want to configure a user to not have any password authentication, you can set the empty password ‘’ in CREATE or ALTER USER statements, or omit the IDENTIFIED BY parameter in CREATE USER.
  • By default, users have the right to create temporary tables in the database.

No comments:

Post a Comment