|
|
|
|
| Re: Can I log in into a user account without knowing his password? [message #210768 is a reply to message #210739] |
Fri, 22 December 2006 04:40  |
 |
Mahesh Rajendran
Messages: 10708
Registered: March 2002
Location: oracleDocoVille
|
Senior Member
Account Moderator |
|
|
>> without the users knowledge
If you have a DBA account, you can ***almost*** do everything on the user (Unless the FGA is enabled).
Would this help?
-change the password of user
-login as user and do the stuff
-logout and reset the password to whatever it was before you changed it (and you no need to know what the actual password was).
But still, if the user logs in during this period, the authentication will be denied and user gets to know something is happening.
Else as LittleFoot kindly said, there is no other way.
--
-- Assume the user to be logged in as ANOTHER_SCOTT.
-- The DBA user is SCOTT
SCOTT > select username,password from dba_users where username='ANOTHER_SCOTT';
USERNAME PASSWORD
------------------------------ ------------------------------
ANOTHER_SCOTT 96D42B57E14BB951
SCOTT > alter user another_scott identified by something;
User altered.
SCOTT > connect another_scott/something;
Connected.
ANOTHER_SCOTT > show user;
USER is "ANOTHER_SCOTT"
ANOTHER_SCOTT > connect scott/tiger;
Connected.
--
-- reset the password to whatever it was before. You still do not know the exact text password.
--
SCOTT > alter user another_scott identified by values '96D42B57E14BB951';
User altered.
SCOTT > select username,password from dba_users where username='ANOTHER_SCOTT';
USERNAME PASSWORD
------------------------------ ------------------------------
ANOTHER_SCOTT 96D42B57E14BB951
--
-- Let us crosscheck it by passing the text password (as i happen to know it :)
--
SCOTT > connect another_scott/another_tiger;
Connected.
ANOTHER_SCOTT > [Updated on: Fri, 22 December 2006 04:41] Report message to a moderator |
|
|
|
] 
Blog
Search
Help
Members
Register
Login
Home
