Creating Users

You create us ers with the Create Database User page in the Oracle Database XE graphical user interface. Before creating a user, determine the following:

Whether or not you want to permit the user to create database objects in his own schema.

If so, on the Create Database User page, grant the RESOURCE role or grant individual create object system privileges. See the following topics for more information:
- "User Privileges and Roles" for details on the RESOURCE role
- "Administering User Privileges, Roles, and Profiles" in Oracle Database Security Guide for more information on system privileges
- "Managing Database Objects" in Oracle Database Express Edition 2 Day Developer Guide for more information on database objects
Whether or not you want to grant the user DBA privileges.

If so, on the Create Database User page, grant the DBA role. See "User Privileges and Roles" for details on the DBA role.

Because DBA privileges include the ability to create database objects in any schema, if you grant the DBA role, you do not need to grant the RESOURCE role or individual create object system privileges.

Caution:
Granting the DBA r ole to a user has security implications, because the user can modify objects in other users' schemas.
Whether or not to create the user with an expired password.

When you do this, the password that you assign the user is used only for the user's first login. Upon first login, the user is prompted to select a new password.

Example: Creating a User

Suppose you want to create a user account for a database application developer named Nick. Because Nick is a developer, you want to grant him all CREATE system privileges so that he can create the schema objects that his applications require. In addition, you want to create his account with the password "firesign."

To create the user Nick:

Access the Database Home Page.

See "Accessing the Database Home Page" for instructions.
Click the Administration icon, and then click the Database Users icon.
If prompted for administrator credentials, enter the SYSTEM user name and password or another administrator user name and password, and then click Login.

See "About Administrative Accounts and Privileges" for more information.
On the Manage Database Users page, click Create.

Description of the illustration manage_database_users.gif

The Create Database User page appears.

Description of the illustration create_database_user.gif
Enter user information into text fields as follows (all fields are case-insensitive):
- In the Username field, enter nick.
- In the Password and Confirm Password fields, enter firesign.
Note that database passwords may not contain spaces, may not contain SQL keywords, and must use only characters in the database character set.
Grant all create object system privileges by clicking Check All at the lower right-hand corner of the User Privileges box.
Before finishing, note the following:
- The CONNECT and RESOURCE roles are selected by default.
  
  See "User Privileges and Roles" for information about these roles.
- The DBA role is by default not selected. This is correct for Nick, because you do not want to give him DBA privileges, which include the ability to create schema objects in other users' schemas, and to create other users.
- The Account Status list defaults to Unlocked. This means that the user can log in with this account. Because you want Nick to be able to log in, you accept this default.
  
  See "Locking and Unlocking User Accounts" for more information.
Click Create.

The Manage Database Users page reappears and displays a confirmation that the user was created.