Oracle教程之管理安全和资源（一）--Oracle策略文件

Profile 是口令限制、资源限制的命名集合。建立Oracle数据库时，Oracle会自动建立Default Profile，然后分配各用户，如果没有指定，用户会启用default profile。1、查看口令文件09:07:15 SQL> select username ,profile from dba_users;USERNAME PROFILE------------------------------ ------------------------------MGMT_VIEW DEFAULTSYS DEFAULTSYSTEM DEFAULTDBSNMP MONITORING_PROFILESYSMAN DEFAULTSCOTT DEFAULTOUTLN DEFAULTMDSYS DEFAULTORDSYS DEFAULTEXFSYS DEFAULTDMSYS DEFAULTWMSYS DEFAULTCTXSYS DEFAULTANONYMOUS DEFAULTXDB DEFAULTORDPLUGINS DEFAULTSI_INFORMTN_SCHEMA DEFAULTUSERNAME PROFILE------------------------------ ------------------------------OLAPSYS DEFAULTTSMSYS DEFAULTBI DEFAULTPM DEFAULTMDDATA DEFAULTIX DEFAULTSH DEFAULTDIP DEFAULT2、profile 管理口令的安全09:10:28 SQL> select * from dba_profiles;PROFILE RESOURCE_NAME RESOURCE LIMIT------------------------------ -------------------------------- -------- ----------------------------------------DEFAULT FAILED_LOGIN_ATTEMPTS PASSWORD 10DEFAULT PASSWORD_LIFE_TIME PASSWORD UNLIMITEDDEFAULT PASSWORD_REUSE_TIME PASSWORD UNLIMITEDDEFAULT PASSWORD_REUSE_MAX PASSWORD UNLIMITEDDEFAULT PASSWORD_VERIFY_FUNCTION PASSWORD NULLDEFAULT PASSWORD_LOCK_TIME PASSWORD UNLIMITEDDEFAULT PASSWORD_GRACE_TIME PASSWORD UNLIMITED3、建立新的profile（1）创建profile文件09:19:59 SQL> create profile pass_profile limit09:24:35 2 FAILED_LOGIN_ATTEMPTS 309:24:42 3 PASSWORD_LIFE_TIME 1009:24:48 4 PASSWORD_REUSE_TIME 209:24:52 5 PASSWORD_LOCK_TIME 1/144009:25:27 6 PASSWORD_GRACE_TIME 2;Profile created.（2）将profile应用到用户09:26:18 SQL> create user tom identified by tom profile pass_profile default tablespace users;User created.09:26:46 SQL> select username,profile from dba_users09:26:56 2 where username='TOM';USERNAME PROFILE------------------------------ ------------------------------TOM PASS_PROFILE09:27:44 SQL> select * from dba_profiles where profile='PASS_PROFILE';PROFILE RESOURCE_NAME RESOURCE LIMIT------------------------------ -------------------------------- -------- ----------------------------------------PASS_PROFILE COMPOSITE_LIMIT KERNEL DEFAULTPASS_PROFILE SESSIONS_PER_USER KERNEL DEFAULTPASS_PROFILE CPU_PER_SESSION KERNEL DEFAULTPASS_PROFILE CPU_PER_CALL KERNEL DEFAULTPASS_PROFILE LOGICAL_READS_PER_SESSION KERNEL DEFAULTPASS_PROFILE LOGICAL_READS_PER_CALL KERNEL DEFAULTPASS_PROFILE IDLE_TIME KERNEL DEFAULTPASS_PROFILE CONNECT_TIME KERNEL DEFAULTPASS_PROFILE PRIVATE_SGA KERNEL DEFAULTPASS_PROFILE FAILED_LOGIN_ATTEMPTS PASSWORD 3PASS_PROFILE PASSWORD_LIFE_TIME PASSWORD 10PASS_PROFILE PASSWORD_REUSE_TIME PASSWORD 2PASS_PROFILE PASSWORD_REUSE_MAX PASSWORD DEFAULTPASS_PROFILE PASSWORD_VERIFY_FUNCTION PASSWORD DEFAULTPASS_PROFILE PASSWORD_LOCK_TIME PASSWORD .0006PASS_PROFILE PASSWORD_GRACE_TIME PASSWORD 2验证：09:28:26 SQL> grant create session to tom;Grant succeeded.09:28:32 SQL> conn tom/t123ERROR:ORA-01017: invalid username/password; logon deniedWarning: You are no longer connected to ORACLE.09:28:37 SQL> conn tom/t1234ERROR:ORA-01017: invalid username/password; logon denied09:28:40 SQL> conn tom/t1235ERROR:ORA-01017: invalid username/password; logon denied09:28:44 SQL> conn tom/t1236ERROR:ORA-28000: the account is locked09:28:46 SQL> conn /as sysdbaConnected.09:29:07 SQL> select username ,account_status from dba_users09:29:14 2 where username='TOM';USERNAME ACCOUNT_STATUS------------------------------ --------------------------------TOM LOCKED(TIMED)
更多更全的oracle视频教程请访问：http://crm2.qq.com/page/portalpage/wpa.php?uin=800060152&f=1&ty=1&aty=0&a=&from=6