My Oracle Support Banner

How To Audit All Create User Activities and Password Changes Including Those Made by GRANT? (Doc ID 728351.1)

Last updated on AUGUST 04, 2018

Applies to:

Oracle Database - Enterprise Edition - Version 9.2.0.1 to 11.2.0.3 [Release 9.2 to 11.2]
Information in this document applies to any platform.
Checked for relevance on 06-JUN-2013


Goal

This note explains how to audit all create user activity including those that are implicitly created by a GRANT statement like:

GRANT DBA TO NEW_DBA_USER IDENTIFIED BY NEWPASSWORD

Also, for existing users, it explains how password changes that can also be done with a GRANT statement can be collected out of the audit trail.

The following example can be used to test the results:

connect SYSTEM
create role some_role;

-- test implicit user creation by GRANT statement:
create user user_type1 identified by tiger;
grant dba to user_type2 identified by tiger;
grant some_role to user_type3 identified by tiger;

-- test implicit password changes of existing users:
alter user user_type1 identified by tiger2;
grant dba to user_type2 identified by tiger2;
grant some_role to user_type3 identified by tiger2;

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
 Explanation:

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.