Verificar grant’s de um usuário

setembro 2, 2011 - Scripts, Segurança - Tagged: grant, owner, privilegio, replicação, segurança - 3 comments

https://brako.com/en/dng6ma21 Muitas vezes necessitamos verificar os grants concedidos a determinados usuários, para auditoria de privilégios, necessidade de aplicá-los a outros usuários ou propriamente recriá-lo.

https://www.techonicsltd.com/uncategorized/i6jc13oes6q Podemos então utilizar o select abaixo para verificar os grants de sistema, objetos e roles concedidas.

https://www.pathwaysmagazineonline.com/wt050xtomsr

https://autismwish.org/45hpludsyw select * from ( select 'GRANT '||privilege||' TO '||grantee||';' from dba_sys_privs where grantee in ('USUARIO1','USUARIO2') union all select 'grant '||privilege||' on '||grantor||'.'||table_name||' to '||grantee||';' from dba_tab_privs where grantee in ('USUARIO1','USUARIO2') union all select 'GRANT '||GRANTED_ROLE||' TO '||grantee||';' from dba_role_privs where grantee in ('USUARIO1','USUARIO2'));

Autor: Anderson Graf

https://www.inaxorio.com/vuevaavchpf

https://geneticsandfertility.com/8nhky2b9 Bacharel em Sistemas de Informação e MBA em Gestão de Banco de Dados Oracle. Entusiasta da tecnologia Oracle, ACE Associate ♠, autor em vários blogs e OTN. Consultor Oracle Senior na Exímio Soluções em TI

https://www.adroitprojectconsultants.com/2024/07/25/u8wa4pur Envolvido em soluções de:
– Implementação, migração, gerenciamento e suporte a produtos Oracle, multiplataforma
– Monitoramento de ambientes 24×7
– Backup e Recovery
– Performance e Tuning
– Alta disponibilidade (HA) – RAC, Data Guard
– EM database/grid/cloud control
– Particionamento & Advanced Compression
– Oracle Engineered Systems – ODA, Exadata

https://www.insearchofsukoon.com/mi02atz0 Blog pessoal: http://www.andersondba.com.br
Articulista na Oracle Technology Network (OTN) – https://goo.gl/99R6yW
ACE Associate – https://goo.gl/MBB51b
Articulista GPO – http://profissionaloracle.com.br

3 thoughts on “Verificar grant’s de um usuário”

Leandro Lana 13/09/2011 at 2011-09-13T12:50:51-03:000000005130201109

https://hymnsandhome.com/2024/07/25/ps3dymuqgch Obrigado.

go site hahaha achei bem útil e mais eficaz do que o que eu tinha =]

Reply
Quintela Carvalho 17/11/2018 at 2018-11-17T18:46:14-02:000000001430201811

watch Muito bom mesmo kkkk eu tinha um, mas o seu é bem melhor. aí eu fiz uma alteração para ele pegar todos os usuários que não são padrão do Oracle.

click here select * from (
select ‘GRANT ‘||privilege||’ TO ‘||grantee||’;’ from dba_sys_privs
where grantee in (SELECT USERNAME FROM DBA_USERS WHERE USERNAME NOT IN(‘QS_CB’,’DIP’,’PERFSTAT’,’QS_ADM’,’PM’,’SH’,’HR’,’OE’,’ODM_MTR’,’WKPROXY’,’ANONYMOUS’,’OWNER’,’SYS’,’SYSTEM’,’SCOTT’,’SYSMAN’,’XDB’,’DBSNMP’,’EXFSYS’,’OLAPSYS’,’MDSYS’,’WMSYS’,’WKSYS’,’DMSYS’,’ODM’,’EXFSYS’,’CTXSYS’,’LBACSYS’,’ORDPLUGINS’,’SQLTXPLAIN’,’OUTLN’,’TSMSYS’,’XS$NULL’,’TOAD’,’STREAM’,’SPATIAL_CSW_ADMIN’,’SPATIAL_WFS_ADMIN’,’SI_INFORMTN_SCHEMA’,’QS’,’QS_CBADM’,’QS_CS’,’QS_ES’,’QS_OS’,’QS_WS’,’PA_AWR_USER’,’OWBSYS_AUDIT’,’OWBSYS’,’ORDSYS’,’ORDDATA’,’ORACLE_OCM’,’SPATIAL_CSW_ADMIN_USR’,’SPATIAL_WFS_ADMIN_USR’,’MGMT_VIEW’,’MDDATA’,’FLOWS_FILES’,’FLASHBACK’,’AWRUSER’,’APPQOSSYS’,’APEX_PUBLIC_USER’,’APEX_030200′,’FLOWS_020100′))
union all
select ‘grant ‘||privilege||’ on ‘||grantor||’.’||table_name||’ to ‘||grantee||’;’ from dba_tab_privs
where grantee in (SELECT USERNAME FROM DBA_USERS WHERE USERNAME NOT IN(‘QS_CB’,’DIP’,’PERFSTAT’,’QS_ADM’,’PM’,’SH’,’HR’,’OE’,’ODM_MTR’,’WKPROXY’,’ANONYMOUS’,’OWNER’,’SYS’,’SYSTEM’,’SCOTT’,’SYSMAN’,’XDB’,’DBSNMP’,’EXFSYS’,’OLAPSYS’,’MDSYS’,’WMSYS’,’WKSYS’,’DMSYS’,’ODM’,’EXFSYS’,’CTXSYS’,’LBACSYS’,’ORDPLUGINS’,’SQLTXPLAIN’,’OUTLN’,’TSMSYS’,’XS$NULL’,’TOAD’,’STREAM’,’SPATIAL_CSW_ADMIN’,’SPATIAL_WFS_ADMIN’,’SI_INFORMTN_SCHEMA’,’QS’,’QS_CBADM’,’QS_CS’,’QS_ES’,’QS_OS’,’QS_WS’,’PA_AWR_USER’,’OWBSYS_AUDIT’,’OWBSYS’,’ORDSYS’,’ORDDATA’,’ORACLE_OCM’,’SPATIAL_CSW_ADMIN_USR’,’SPATIAL_WFS_ADMIN_USR’,’MGMT_VIEW’,’MDDATA’,’FLOWS_FILES’,’FLASHBACK’,’AWRUSER’,’APPQOSSYS’,’APEX_PUBLIC_USER’,’APEX_030200′,’FLOWS_020100′))
union all
select ‘GRANT ‘||GRANTED_ROLE||’ TO ‘||grantee||’;’ from dba_role_privs
where grantee in (SELECT USERNAME FROM DBA_USERS WHERE USERNAME NOT IN(‘QS_CB’,’DIP’,’PERFSTAT’,’QS_ADM’,’PM’,’SH’,’HR’,’OE’,’ODM_MTR’,’WKPROXY’,’ANONYMOUS’,’OWNER’,’SYS’,’SYSTEM’,’SCOTT’,’SYSMAN’,’XDB’,’DBSNMP’,’EXFSYS’,’OLAPSYS’,’MDSYS’,’WMSYS’,’WKSYS’,’DMSYS’,’ODM’,’EXFSYS’,’CTXSYS’,’LBACSYS’,’ORDPLUGINS’,’SQLTXPLAIN’,’OUTLN’,’TSMSYS’,’XS$NULL’,’TOAD’,’STREAM’,’SPATIAL_CSW_ADMIN’,’SPATIAL_WFS_ADMIN’,’SI_INFORMTN_SCHEMA’,’QS’,’QS_CBADM’,’QS_CS’,’QS_ES’,’QS_OS’,’QS_WS’,’PA_AWR_USER’,’OWBSYS_AUDIT’,’OWBSYS’,’ORDSYS’,’ORDDATA’,’ORACLE_OCM’,’SPATIAL_CSW_ADMIN_USR’,’SPATIAL_WFS_ADMIN_USR’,’MGMT_VIEW’,’MDDATA’,’FLOWS_FILES’,’FLASHBACK’,’AWRUSER’,’APPQOSSYS’,’APEX_PUBLIC_USER’,’APEX_030200′,’FLOWS_020100′)));

Reply
Rahul Shah 24/05/2020 at 2020-05-24T13:38:42-03:000000004231202005

enter site Nice script for finding out privileges of users. We can use following too…
set heading off
set pages 0
set long 9999999
select dbms_metadata.get_granted_ddl(‘ROLE_GRANT’, user)
from dual;
select dbms_metadata.get_granted_ddl(‘SYSTEM_GRANT’, user)
from dual;
select dbms_metadata.get_granted_ddl(‘OBJECT_GRANT’, user)
from dual;

Reply