目录
一、通用用户/CDB用户的创建及赋权使用
1、创建通用用户
SQL>create user c##CDB_ADMIN1 identified by oracle container=all;
2、给通用用户赋权限
SQL>grant create session,dba,sysdba to c##CDB_ADMIN container=all;
3、登录测试
如果不使用sysdba则会退出
15:14:37 SYS@ocporcl>conn c##CDB_ADMIN1/oracle 15:27:52 C##CDB_ADMIN1@ocporcl>show user USER is "C##CDB_ADMIN1"
二、PDB用户的创建及赋权使用
1、使用cdb的sys创建pdb的普通用户
15:36:01 C##CDB_ADMIN1@ocporcl>conn / as sysdba 15:36:08 SYS@ocporcl>alter session set container=orclpdb3; 15:36:27 SYS@ocporcl>create user test2 identified by 123; 15:36:36 SYS@ocporcl>grant dba to test2;
2、在当前pdb下使用conn 登录用户报错
15:39:15 SYS@ocporcl>show pdbs; CON_ID CON_NAME OPEN MODE RESTRICTED ---------- ------------------------------ ---------- ---------- 5 ORCLPDB3 READ WRITE NO 15:39:18 SYS@ocporcl>show user USER is "SYS" 15:39:21 SYS@ocporcl>conn test2/123 ERROR: ORA-01017: invalid username/password; logon denied Warning: You are no longer connected to ORACLE.
3、pdb的用户登录,不能直接在sqlplus里面conn,需要通过远程登录
[oracle@ocp196:/oracle]$sqlplus test2/123@192.168.20.196/orclpdb3 15:45:56 TEST2@192.168.20.196/orclpdb3>show user USER is "TEST2"
二、远程登录密码文件(remote_login_passwdfile)
1、位置
$ORACLE_HOME/dbs下的orapw<CDB的SID>的文件
2、作用
如果删除,那么sqlplus sys/oracle@cdbtest as sysdba就会无法登录
不影响系统登录sqlplus / as sysdba