oracle stale user accounts

Posted on 2014-02-14
Last Modified: 2014-03-02
would there be any tell tale signs in a an oracle database about "stale accounts", i.e. those that could be locked and epxired? I am not sure i there is a last login type flag, or whether that is the most appropriate marker, as perhaps some accounts dont "login" like a normal user would?
Question by:pma111
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
LVL 28

Accepted Solution

Naveen Kumar earned 167 total points
ID: 39858589
i think only after you enable audit - audit sessions etc then you will have a history of who is connecting, when etc, whether the remaining can be locked and the other information.

Is the auditing enabled ?
LVL 37

Assisted Solution

by:Geert Gruwez
Geert Gruwez earned 167 total points
ID: 39858609
audit .. or a login trigger which stores the last login attempt in a separate table

Author Comment

ID: 39858657
but by default there is no last login stamp? is that correct
Get Database Help Now w/ Support & Database Audit

Keeping your database environment tuned, optimized and high-performance is key to achieving business goals. If your database goes down, so does your business. Percona experts have a long history of helping enterprises ensure their databases are running smoothly.


Author Comment

ID: 39858684
can you have accounts that are neccesary but may not "login" as such, can you provide examples of these kinds of account?
LVL 37

Expert Comment

by:Geert Gruwez
ID: 39858705
well... sys is very necessary
but usually only dba's login with that when they setup the database

system also

that's the main 2, the rest is optional
but that again depends on what you are using

here is a list of the oracle default users
LVL 22

Assisted Solution

by:Steve Wales
Steve Wales earned 166 total points
ID: 39859362
You can query DBA_USERS to find out any accounts that are actually set to expired and/or locked (a column called ACCOUNT_STATUS).

No way short of a login trigger that immediately comes to mind to track last login.

In 12c, they've added last_login to dba_users, but prior to that, you have to track it yourself.
LVL 28

Expert Comment

by:Naveen Kumar
ID: 39863734
also unless you do a deep dig into all the user account details in your database, it would not be easy to say which all accounts are required and which are not required.

To start with, probably you can extract the information from dba_users and then start the investigation from there.

As mentioned already, do not delete/drop any internal/system accounts which are required for the database.


Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Help with Data Warehouse / Data Marts 4 42
T-sql question 13 32
construct a query sql 11 43
Oracle SQL_Error . 7 24
Azure Functions is a solution for easily running small pieces of code, or "functions," in the cloud. This article shows how to create one of these functions to write directly to Azure Table Storage.
Recently I was talking with Tim Sharp, one of my colleagues from our Technical Account Manager team about MongoDB’s scalability. While doing some quick training with some of the Percona team, Tim brought something to my attention...
This video shows syntax for various backup options while discussing how the different basic backup types work.  It explains how to take full backups, incremental level 0 backups, incremental level 1 backups in both differential and cumulative mode a…
This video shows how to Export data from an Oracle database using the Original Export Utility.  The corresponding Import utility, which works the same way is referenced, but not demonstrated.

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question