Database Users and Administrators

Types of Oracle Users


Oracle databases categorize users based on their roles and responsibilities to
ensure controlled access and efficient management.

Administrative Users
 These users manage and maintain the database.
 Key Examples:

SYS: The primary administrative user with the highest privileges. It
owns the data dictionary and can perform all administrative tasks.

SYSTEM: Another administrative user with slightly fewer privileges
than SYS, typically used for routine administrative tasks.
 Types of Oracle Users

Application Users
 End-users who interact with the database through applications to
perform specific tasks like querying or updating data.
 Access is limited to ensure they can only perform operations relevant to
their role.

Power Users
 Users with advanced access compared to application users but not as
extensive as administrators.
 Typically used in data analysis or business intelligence roles.
 Types of Oracle Users

Schema Owners
 Users who own database objects like tables, views, and
procedures.
 The schema name is the same as the username.

Read-Only Users
 Have privileges to view data but not modify it.
 Ideal for reporting or auditing tasks.
 Responsibilites of DBA

A Database Administrator (DBA) plays a crucial role in managing,
maintaining, and securing the Oracle database. Their responsibilities include:

Database Installation and Configuration
 Install Oracle Database software.
 Configure the database according to organizational requirements.

Database Design
 Plan and implement the logical and physical structure of the database.
 Create schemas, tablespaces, and indexes.
 Responsibilites of DBA

Backup and Recovery
 Schedule regular backups to ensure data safety.
 Use tools like RMAN (Recovery Manager) to recover data in case
of failure.

Performance Tuning
 Monitor and optimize database performance.
 Use tools like Oracle Enterprise Manager (OEM) and SQL tuning
utilities.
 Responsibilites of DBA

User Management
 Create and manage user accounts.
 Assign roles and privileges to users based on their requirements.

Security Management
 Enforce security policies to protect the database from
unauthorized access.
 Use encryption and auditing tools.
 Responsibilites of DBA

Monitoring and Maintenance
 Monitor database health and resolve issues promptly.
 Ensure the database is running smoothly with minimal downtime.

Software Updates and Patching
 Keep the database software up-to-date with patches and updates.

Ensuring High Availability
 Configure and maintain high-availability solutions like RAC (Real
Application Clusters) or Data Guard.
 DBA Privileges

Oracle provides two system privileges for administrators:

SYSDBA

SYSOPER

SYSDBA
 The SYSDBA privilege is the highest administrative privilege in an
Oracle database. It allows complete control over the database,
including starting, shutting down, and performing recovery operations.

Key Features
 Associated with the SYS user, the default administrative user of
Oracle.
 Grants full access to the database and data dictionary.

Capabilities of SYSDBA
 With the SYSDBA privilege, an operator can:

Start and Shut Down the Database:
 Use commands like STARTUP and SHUTDOWN.

Perform Recovery Operations:
 Execute RECOVER DATABASE and manage recovery scenarios using
RMAN.

Create and Drop Databases:
 Essential during the initial setup or removal of the database.

Perform Administrative Tasks on All Schema Objects:
 Access and modify any schema objects.

Manage Users and Roles:
 Create, modify, and drop users or roles.

Access the Database in Restricted Mode:
 Useful for maintenance tasks that require limited user
access.

SYSOPER
 The SYSOPER privilege is a limited administrative privilege
compared to SYSDBA. It is designed for operators who manage basic
database operations but do not require full access to the database.

Key Features
 Provides limited administrative capabilities to maintain the database's
operational state.
 Does not allow access to user data or modification of the data
dictionary.

Capabilities of SYSOPER
 With the SYSOPER privilege, an operator can:

Start and Shut Down the Database:
 Manage database availability.

Perform Instance Recovery:
 Execute recovery operations when needed.

Manage Database Archiving:
 Enable or disable archive log mode.

Perform Backup and Restore Operations:
 Limited to maintenance tasks, not full recovery scenarios.

Access the Database in Restricted Mode:
 Useful for basic troubleshooting or maintenance.

 Comparison: SYSDBA vs SYSOPER
Aspect SYSDBA SYSOPER
Scope of Privileges Full administrative access Limited administrative access
Access to User Data Yes No
Typical Use Cases Maintenance, recovery, Basic operations like
database creation startup/shutdown
Critical Operations Yes (e.g., recovery, data No (restricted to operational
modification) tasks)