You are on page 1of 5

11/26/13

SQL Statements: CREATE SYNONYM to DROP ROLLBACK SEGMENT, 9 of 31

Oracle8i SQL Reference Release 3 (8.1.7) Part Number A85397-01

Library Product Contents Index

SQL Statements: CREATE SYNONYM to DROP ROLLBACK SEGMENT, 9 of 31

CREATE USER
Purpose
Use the C R E A T EU S E Rstatement to create and configure a database user, or an account through which you can log in to the database and establish the means by which Oracle permits access by the user.

Note: You can enable a user to connect to Oracle through a proxy (that is, an application or application server). For syntax and discussion, refer to ALTER USER.

Prerequisites
You must have C R E A T EU S E Rsystem privilege. When you create a user with the C R E A T EU S E Rstatement, the user's privilege domain is empty. To log on to Oracle, a user must have C R E A T ES E S S I O Nsystem privilege. Therefore, after creating a user, you should grant the user at least the C R E A T ES E S S I O Nprivilege. See Also: GRANT

Syntax

docs.oracle.com/cd/A87860_01/doc/server.817/a85397/statem9c.htm

1/5

11/26/13

SQL Statements: CREATE SYNONYM to DROP ROLLBACK SEGMENT, 9 of 31

Keywords and Parameters

u s e r
Specify the name of the user to be created. This name can contain only characters from your database character set and must follow the rules described in the section "Schema Object Naming Rules". Oracle recommends that the user name contain at least one single-byte character regardless of whether the database character set also contains multi-byte characters.

I D E N T I F I E D
The I D E N T I F I E Dclause lets you indicate how Oracle authenticates the user. See Also: Oracle8i Application Developer's Guide - Fundamentals and your operating system specific documentation for more information
B Yp a s s w o r d

The B Yp a s s w o r dclause lets you creates a local user and indicates that the user must specify p a s s w o r dto log on. Passwords can contain only single-byte characters from your database character set regardless of whether this character set also contains multibyte characters. Passwords must follow the rules described in the section "Schema Object Naming Rules", unless you are using Oracle's password complexity verification routine. That routine requires a more complex combination of characters than the normal naming rules permit. You implement this routine with the U T L P W D M G . S Q Lscript, which is further described in Oracle8i Administrator's Guide. See Also: Oracle8i Administrator's Guide to for a detailed description and explanation of how to use password management and protection

docs.oracle.com/cd/A87860_01/doc/server.817/a85397/statem9c.htm

2/5

11/26/13

SQL Statements: CREATE SYNONYM to DROP ROLLBACK SEGMENT, 9 of 31

E X T E R N A L L Y

Specify E X T E R N A L L Yto create an external user and indicate that a user must be authenticated by an external service (such as an operating system or a third-party service). Doing so causes Oracle to rely on the login authentication of the operating system to ensure that a specific operating system user has access to a specific database user. Caution: Oracle strongly recommends that you do not use I D E N T I F I E D E X T E R N A L L Ywith operating systems that have inherently weak login security. For more information, see Oracle8i Administrator's Guide.

The G L O B A L L Yclause lets you create a global user and indicates that a user must be 'e x t e r n a l _ n a m e ' authenticated by the enterprise directory service. The 'e x t e r n a l _ n a m e ' string can take one of two forms:
G L O B A L L YA S

The X.509 name at the enterprise directory service that identifies this user. It should be of the form 'C N = u s e r n a m e , o t h e r _ a t t r i b u t e s ' , where o t h e r _ a t t r i b u t e sis the rest of the user's distinguished name (DN) in the directory. A null string (' ') indicating that the enterprise directory service will map authenticated global users to the appropriate database schema with the appropriate roles

Note: You can control the ability of an application server to connect as the specified user and to activate that user's roles using the A L T E RU S E Rstatement. See Also: - Oracle Advanced Security Administrator's Guide for more information on global users - ALTER USER

D E F A U L TT A B L E S P A C E
Specify the default tablespace for objects that the user creates. If you omit this clause, objects default to the S Y S T E Mtablespace. See Also: CREATE TABLESPACE for more information on tablespaces

T E M P O R A R YT A B L E S P A C E
Specify the tablespace for the user's temporary segments. If you omit this clause, temporary segments default to the S Y S T E Mtablespace.

Q U O T A
Use the Q U O T Aclause to allow the user to allocate space in the tablespace and optionally establishes a quota of i n t e g e rbytes. Use Kor Mto specify the quota in kilobytes or megabytes. This quota is the maximum space in
docs.oracle.com/cd/A87860_01/doc/server.817/a85397/statem9c.htm 3/5

11/26/13

SQL Statements: CREATE SYNONYM to DROP ROLLBACK SEGMENT, 9 of 31

the tablespace the user can allocate. AC R E A T EU S E Rstatement can have multiple Q U O T Aclauses for multiple tablespaces.
U N L I M I T E Dallows the user to

allocate space in the tablespace without bound.

P R O F I L E
Specify the the profile you want to reassign to the user. The profile limits the amount of database resources the user can use. If you omit this clause, Oracle assigns the D E F A U L Tprofile to the user. See Also: GRANT and CREATE PROFILE

P A S S W O R DE X P I R E
Specify P A S S W O R DE X P I R Eif you want the user's password to expire. This setting forces the user (or the DBA) to change the password before the user can log in to the database.

A C C O U N TClause
A C C O U N TL O C K A C C O U N TU N L O C K

Specify A C C O U N TL O C Kto lock the user's account and disables access. Specify A C C O U N TU N L O C Kto unlock the user's account and enables access to the account.

Examples
Creating a User Example If you create a new user with P A S S W O R DE X P I R E , the user's password must be changed before attempting to log in to the database. You can create the user s i d n e yby issuing the following statement:
C R E A T EU S E Rs i d n e y I D E N T I F I E DB Yw e l c o m e D E F A U L TT A B L E S P A C Ec a s e s _ t s Q U O T A1 0 MO Nc a s e s _ t s T E M P O R A R YT A B L E S P A C Et e m p _ t s Q U O T A5 MO Ns y s t e m P R O F I L Ee n g i n e e r P A S S W O R DE X P I R E ;

The user s i d n e yhas the following characteristics: The password w e l c o m e Default tablespace c a s e s _ t s , with a quota of 10 megabytes Temporary tablespace t e m p _ t s Access to the tablespace S Y S T E M , with a quota of 5 megabytes Limits on database resources defined by the profile e n g i n e e r
docs.oracle.com/cd/A87860_01/doc/server.817/a85397/statem9c.htm 4/5

11/26/13

SQL Statements: CREATE SYNONYM to DROP ROLLBACK SEGMENT, 9 of 31

An expired password, which must be changed before s i d n e ycan log in to the database To create a user accessible only by the operating system account g e o r g e , prefix g e o r g eby the value of the initialization parameter O S _ A U T H E N T _ P R E F I X . For example, if this value is "o p s $ ", you can create the user o p s $ g e o r g ewith the following statement:
C R E A T EU S E Ro p s $ g e o r g e I D E N T I F I E DE X T E R N A L L Y D E F A U L TT A B L E S P A C Ea c c s _ t s T E M P O R A R YT A B L E S P A C Et e m p _ t s Q U O T AU N L I M I T E DO Na c c s _ t s ;

The user o p s $ g e o r g ehas the following additional characteristics: Default tablespace a c c s _ t s Default temporary tablespace t e m p _ t s Unlimited space on the tablespaces a c c s _ t sand t e m p _ t s Limits on database resources defined by the D E F A U L Tprofile The following example creates user c i n d yas a global user:
C R E A T EU S E Rc i n d y I D E N T I F I E DG L O B A L L YA S' C N = c i n d y , O U = d i v i s i o n 1 , O = o r a c l e , C = U S ' D E F A U L TT A B L E S P A C El e g a l _ t s Q U O T A2 0 MO Nl e g a l _ t s P R O F I L El a w y e r ;

Copyright 1996-2000, Oracle Corporation. All Rights Reserved. Library Product Contents Index

docs.oracle.com/cd/A87860_01/doc/server.817/a85397/statem9c.htm

5/5