patternMajor
Duplicate an Oracle database user
Viewed 0 times
databaseduplicateoracleuser
Problem
We'll be having external auditors coming over to perform a review on our Oracle database. They will be running a tool to perform the review and for that, they require a user ID that can connect to the database and grab information from it.
We have an existing user in the database for this. However, it is a production ID and we cannot afford to have it locked out. We would like to clone / duplicate this ID including its roles and rights.
Is there a way we can do so in Oracle?
We have an existing user in the database for this. However, it is a production ID and we cannot afford to have it locked out. We would like to clone / duplicate this ID including its roles and rights.
Is there a way we can do so in Oracle?
Solution
User creation:
Default role:
System grants:
Object grants:
Role grants:
Quotas:
If any of the above have no output, you'll get an exception that looks something like this:
Then do a search and replace on the output to change the username.
select dbms_metadata.get_ddl( 'USER', 'PHIL' ) from dual;Default role:
select dbms_metadata.get_granted_ddl( 'DEFAULT_ROLE', 'PHIL' ) from dual;System grants:
select dbms_metadata.get_granted_ddl( 'SYSTEM_GRANT', 'PHIL' ) from dual;Object grants:
select dbms_metadata.get_granted_ddl( 'OBJECT_GRANT', 'PHIL' ) from dual;Role grants:
select dbms_metadata.get_granted_ddl( 'ROLE_GRANT', 'PHIL' ) from dual;Quotas:
select dbms_metadata.get_granted_ddl( 'TABLESPACE_QUOTA', 'PHIL' ) from dual;If any of the above have no output, you'll get an exception that looks something like this:
SQL> select dbms_metadata.get_granted_ddl( 'TABLESPACE_QUOTA', 'PHIL' ) from dual;
ERROR:
ORA-31608: specified object of type TABLESPACE_QUOTA not found
ORA-06512: at "SYS.DBMS_METADATA", line 4018
ORA-06512: at "SYS.DBMS_METADATA", line 5991
ORA-06512: at line 1
no rows selected
SQL>Then do a search and replace on the output to change the username.
Code Snippets
select dbms_metadata.get_ddl( 'USER', 'PHIL' ) from dual;select dbms_metadata.get_granted_ddl( 'DEFAULT_ROLE', 'PHIL' ) from dual;select dbms_metadata.get_granted_ddl( 'SYSTEM_GRANT', 'PHIL' ) from dual;select dbms_metadata.get_granted_ddl( 'OBJECT_GRANT', 'PHIL' ) from dual;select dbms_metadata.get_granted_ddl( 'ROLE_GRANT', 'PHIL' ) from dual;Context
StackExchange Database Administrators Q#30337, answer score: 23
Revisions (0)
No revisions yet.