Every DBA must have come through terminologies like user account,service account, schema account. We will see these terminology below
User :
User account is account created in database for individual use. if employees name is John then account with his name will be personal account. Ideally DBA will set some profile to personal user account which forces to reset password after certain period say 90 days or 180 days. ideally it will have only read only access on certain objects or certain schemas, it depends on requirements.
This will only limited some quota defined on USERS tablespaces.
for example : john01
Service account :
Service account is account created in database for the purpose of accessing certain schemas by group of people using same account to avoid individual logins. Service account don't own any objects under it, but it can have certain synonyms for security purpose and ease of use.
This will have read only and or read write access on certain schemas according to requirements.
for example : appdata_ro, appdata_rw
Schema account :
Schema account is account created in database to own objects like tables, index, materialized views, views, procedure, functions etc. Schema account will have its individual tablespace granted.schema account will have its own objects and will be able perform all operations on it.Generally this account will have non expiry password profile.
for example : appdata
consider below scenario
database : asgard
schema : appdata
service account : appdata_ro
user account : john01
john01 will have read only access on appdata schema and service account appdata_ro will have read only access on schema appdata in database asgard. service account appdata_ro can be used by number of users with same credentials.
comment below in case of any issues or help.
you may also like to see create database user, Oracle Database schema refresh
0 comments:
Post a Comment