Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

CREATE USER ?!

Status
Not open for further replies.
fmsousa

fmsousa

IS-IT--Management
Nov 24, 2000
28
PT
Hi,

In a form, i have a button that would create a new user. this button has got the following code:

create_user :)user_name, :user_password, :user_database);
...
...

in this procedure i put the following code to create the new user:

CREATE OR REPLACE PROCEDURE CREATE_USER (user_name IN VARCHAR2, user_pass IN VARCHAR2, user_db IN VARCHAR2)
IS

V_CURSORID INTEGER;
V_NUMROWS INTEGER;
V_TRIGSTRING VARCHAR2(100);

BEGIN

V_CURSORID := DBMS_SQL.OPEN_CURSOR;
V_TRIGSTRING := 'CREATE USER' || user_name || 'IDENTIFIED BY ' || user_pass || ';';

DBMS_SQL.PARSE(V_CURSORID, V_TRIGSTRING, DBMS_SQL.NATIVE);
--DBMS_SQL.PARSE(V_CURSORID, V_TRIGSTRING, DBMS_SQL.NATIVE);
DBMS_SQL.CLOSE_CURSOR(V_CURSORID);
END;


But i haven´t got any results!
It brings to me this error:

ERROR at line 1:
ORA-01031: insufficient privileges
ORA-06512: at "SYS.DBMS_SYS_SQL", line 782
ORA-06512: at "SYS.DBMS_SQL", line 32
ORA-06512: at "create_user", line 16
ORA-06512: at line 1

How can i do this?
Thanks in advance. :)
 
Sort by date Sort by votes
Who are you logged in as (apparently not SYS!), and how did you get your privileges on DBMS_SQL? I believe you have to have the privileges granted explicitly to your account, not to a role that you have been granted.

Log in as SYS and grant execute on DBMS_SQL to the account you are using. You may also have to explicitly GRANT CREATE USER to your account. Alternatively, compile the code as SYS.
 
Upvote 0 Downvote
Normal Oracle installation gives you access to DBMS_SQL, so I suspect the problem is with the CREATE USER itself. Stand-alone procedures like yours execute using the privs of the user executing it, so you would have to give CREATE USER privs to everyone who might use it. :-(

Consider a package...
By default, packages (and the procedures in them) are executed using the rights of the package owner, not the person running it. This means that an account with DBA privs like SYS, SYSTEM, etc could own your package, but users can execute it (and whatever it does) as long as they have EXECUTE privs on the package. I wrote a package this way, and let the developers change user's passwords and kill sessions in the test database. By using a package owned by SYS, I only had to give them execute access to the package (not ALTER USER or ALTER SYSTEM as I normally would). I included safeguards in the procedure to prevent them from messing with non-user accounts as an added safeguard. I think an approach like this would work for you.

You can create a package and have it executed as the person running it, by specifying AUTHID CURRENT_USER when you create it (see SQL manual).

Hope this helps,
Rich Tefft ____________________________
Rich Tefft
PL/SQL Programmer
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Livia8
  • Locked
  • Question
How to forcibly logout users 2
Replies
17
Views
1K
carp
carp
lella2015
  • Locked
  • Question
Understanding Parallel hints on Tables and parallels in Create table as well.
Replies
0
Views
83
lella2015
lella2015
estersita
  • Locked
  • Question
Trying to create a new filed on the flue based on the existing one
Replies
1
Views
92
Beilstwh
Beilstwh
tekpr00
  • Locked
  • Question
Alter User sys Error in Oracle 10 , but worked in Oracle 11 1
Replies
1
Views
132
tekpr00
tekpr00
rk68
  • Locked
  • Question
giving user rights to access another schema
Replies
2
Views
117
LKBrwnDBA
LKBrwnDBA

Part and Inventory Search

Sponsor

Back
Top