How To Audit All Create User Activities and Password Changes Including Those Made by GRANT?
Last updated on NOVEMBER 04, 2015
Applies to:Oracle Database - Enterprise Edition - Version 22.214.171.124 to 126.96.36.199 [Release 9.2 to 11.2]
Information in this document applies to any platform.
Checked for relevance on 06-JUN-2013
This note explains how to audit all create user activity including those that are implicitly created by a GRANT statement like:
GRANT DBA TO NEW_DBA_USER IDENTIFIED BY NEWPASSWORD;
Also, for existing users, it explains how password changes that can also be done with a GRANT statement can be collected out of the audit trail.
The following example can be used to test the results:
create role some_role;
-- test implicit user creation by GRANT statement:
create user user_type1 identified by tiger;
grant dba to user_type2 identified by tiger;
grant some_role to user_type3 identified by tiger;
-- test implicit password changes of existing users:
alter user user_type1 identified by tiger2;
grant dba to user_type2 identified by tiger2;
grant some_role to user_type3 identified by tiger2;
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms