To begin, please keep in mind that I am a very green DBA. I have done prior research and have not really found anything too promising, or maybe it just seems that way because I am still struggling in my understanding of the monster that is Oracle. So please forgive me and kindly point me in the proper direction if my question sounds arbitrary.
Scenario:
- some users create database links into several heavy data warehouses.
- these users neglect to close or drop DB link.
- users process continues to run and bogs down the DW's performance.
Goal:
- prevent these users from creating database links, BUT still allow DBAs to create DB links
How could this be done? Could the answer be within OID capabilities? It seems that there could be to me, but my understanding of Oracle does not seem sufficient enough to be able to determine for sure.
UPDATE: After investigating into user privileges, I discovered that privileges are not the problem. A remote database can be accessed with just a select statement and without a dblink. Revoking the CREATE DATABASE LINK
privilege would not stop a user from accessing database B from database A.
However, this is only true when the DB_DOMAIN
= "blank" and the global name = "fooDB"
A link is required if the DB_DOMAIN
= foo.com and the global name = "fooDB.foo.com"
I could not find any documentation similar to this scenario or that explains why this happens. Why do I need to create a link when the global name = "fooDB.foo.com" but not when the global name = "fooDB"?
Aucun commentaire:
Enregistrer un commentaire