Automatic Roles
The roles listed below are automatically created by the CREATE DATABASE command. In fact, the SQL statements to do this are included in the sql.bsq file. Note, however, that Oracle warns that the CONNECT, DBA, and RESOURCE roles may not be automatically created in the future.
- CONNECT
Based upon the CONNECT system privilege in Oracle V6. With this role, you can connect to the database and create objects that are not segments. Interestingly, this role also has the CREATE TABLE privilege, but you must be explicitly granted quotas in order to create the table.
As part of backward compatibility with Oracle V6, you can bypass the CREATE USER command and simply issue a GRANT CONNECT TO userid IDENTIFIED BY password statement. In this case, Oracle will first execute a CREATE USER userid IDENTIFIED BY password statement, followed by the GRANT CONNECT TO userid statement. We strongly recommend that you not use this feature, since it is not guaranteed to remain valid in future releases.
- DBA
Based upon the DBA system privilege in Oracle V6. This role has every system privilege except UNLIMITED TABLESPACE, which cannot be granted to a role. The DBA role has also been granted the EXP_FULL_TABLESPACE, IMP_FULL_TABLESPACE, DELETE_CATALOG_ROLE, EXECUTE_CATALOG_ROLE, and SELECT_CATALOG_ROLE roles.
- DELETE_CATALOG_ROLE
Required to delete from any object owned by SYS. Granted explicitly to the DBA role and SYS schema.
- EXECUTE_CATALOG_ROLE
Required to execute any object owned by SYS. Granted to ...
Get Oracle Database Administration: The Essential Refe now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
