Specify ACCOUNT LOCK to lock the user's account and disable access. This setting forces the user or the DBA to change the password before the user can log in to the database. Specify PASSWORD EXPIRE if you want the user's password to expire. You can control the ability of an application server to connect as the specified user and to activate that user's roles using the ALTER USER statement. This form is the same as specifying the GLOBALLY keyword alone and creates a shared global schema. This form creates a private global schema.Ī null string (' ') indicating that the enterprise directory service will map authenticated global users to this database schema with the appropriate roles. It should be of the form CN= username,other_attributes, where other_attributes is the rest of the user's distinguished name (DN) in the directory. The X.509 name at the enterprise directory service that identifies this user. The directory_DN string can take one of two forms: Such a user must be authorized by the enterprise directory service (Oracle Internet Directory). The GLOBALLY clause lets you create a global user. "Creating External Database Users: Examples" Oracle Database Identity Management Integration Guide for more information on externally identified users Oracle recommends that the user name contain at least one single-byte character regardless of whether the database character set also contains multibyte characters. This name can contain only characters from your database character set and must follow the rules described in the section "Schema Object Naming Rules".
Specify the name of the user to be created. Please refer to GRANT for more information.ĭescription of the illustration create_user.gif Therefore, after creating a user, you should grant the user at least the CREATE SESSION system privilege.
To log on to Oracle Database, a user must have the CREATE SESSION system privilege. When you create a user with the CREATE USER statement, the user's privilege domain is empty. You must have the CREATE USER system privilege.
For syntax and discussion, refer to ALTER USER. You can enable a user to connect to the database through a proxy application or application server. Use the CREATE USER statement to create and configure a database user, which is an account through which you can log in to the database, and to establish the means by which Oracle Database permits access by the user.