分类: Oracle
2022-11-28 14:52:10
| Operating System Group Names | Database Privileges | Description |
|---|---|---|
|
ORA_ASMADMIN |
SYSASM system privileges for Oracle ASM administration |
The OSASM group for the Oracle ASM instance. Using this group and the SYSASM system privileges enables the separation of SYSDBA database administration privileges from Oracle ASM storage administration privileges. Members of the OSASM group are authorized to connect using the SYSASM privilege and have full access to Oracle ASM, including administrative access to all disk groups that the Oracle ASM instance manages. |
|
ORA_ASMDBA |
SYSDBA system privileges on the Oracle ASM instance |
The OSDBA group for the Oracle ASM instance. This group grants access for the database to connect to Oracle ASM. During installation, the Oracle Installation Users are configured as members of this group. After you create an Oracle Database, this groups contains the Oracle Home Users of those database homes. |
|
ORA_ASMOPER |
SYSOPER for Oracle ASM system privileges |
The OSOPER group for the Oracle ASM instance. Members of this group are granted SYSOPER system privileges on the Oracle ASM instance, which permits a user to perform operations such as startup, shutdown, mount, dismount, and check disk group. This group has a subset of the privileges of the OSASM group. Similar to the ORA_HOMENAME_OPER group, this group does not have any members after installation, but you can manually add users to this group after the installation completes. |
|
ORA_GRIDHM_DBA |
SYSDBA system privileges for the Oracle Grid Infrastructure Management Repository database |
Members of this group are granted the SYSDBA system privileges for managing the Oracle Grid Infrastructure Management Repository database, where GRIDHM is the name of the Oracle Grid Infrastructure home. The default home name is OraGrid12Home1, so the default group name is ORA_OraGrid12Home1_DBA. |
|
ORA_GRIDHM_OPER |
SYSOPER system privileges for the Oracle Grid Infrastructure Management Repository database |
Members of this group are granted the SYSOPER system privileges for managing the Oracle Grid Infrastructure Management Repository database, where GRIDHM is the name of the Oracle Grid Infrastructure home. If you use the default Grid home name of OraGrid12Home1,then the default operating system group name is ORA_OraGrid12Home1_OPER. |
|
ORA_DBA |
SYSDBA system privileges for all Oracle Database installations on the server |
A special OSDBA group for the Windows operating system. Members of this group are granted SYSDBA system privileges for all Oracle Databases installed on the server. |
|
ORA_OPER |
SYSOPER system privileges for all Oracle databases installed on the server |
A special OSOPER group for the Windows operating system. Members of this group are granted SYSOPER system privileges all Oracle Databases installed on the server. This group does not have any members after installation, but you can manually add users to this group after the installation completes. |
|
ORA_HOMENAME_DBA |
SYSDBA system privileges for all database instances that run from the Oracle home with the name HOMENAME |
An OSDBA group for a specific Oracle Home with a name of HOMENAME. Members of this group can use operating system authentication to gain SYSDBA system privileges for any database that runs from the specific Oracle home. If you specified an Oracle Home User during installation, the user is added to this group during installation. |
|
ORA_HOMENAME_OPER |
SYSOPER system privileges for all database instances that run from the Oracle home with the name HOMENAME |
An OSDBA group for the Oracle Home with a name of HOMENAME. Members of this group can use operating system authentication to gain SYSOPER system privileges for any database that runs from the specific Oracle home. This group does not have any members after installation, but you can manually add users to this group after the installation completes. |
|
ORA_HOMENAME_SYSBACKUP |
SYSBACKUP system privileges for all database instances that run from the Oracle home with a name of HOMENAME |
OSBACKUPDBA group for a specific Oracle Home with a name of HOMENAME. Members of this group have privileges necessary for performing database backup and recovery tasks on all database instances that run from the specified Oracle Home directory. |
|
ORA_HOMENAME_SYSDG |
SYSDG system privileges for all database instances that run from the Oracle home with a name of HOMENAME |
OSDGDBA group for a specific Oracle Home with a name of HOMENAME. Members of this group have privileges necessary for performing Data Guard administrative tasks on all database instances that run from the specified Oracle Home directory. |
|
ORA_HOMENAME_SYSKM |
SYSKM system privileges for all database instances that run from the Oracle home with a name of HOMENAME. |
OSKMDBA group for a specific Oracle Home with a name of HOMENAME. Members of this group have privileges necessary for performing encryption key management tasks on all database instances that run from the specified Oracle Home directory. |
|
ORA_CRS_USERS |
None |
Members of this group have privileges necessary for file system permissions on the Grid Infrastructure Oracle Base directory. When you configure a CRS wallet of type OSUSER, for a user using the crsctl add wallet command, that user is automatically added to this group. This process enables CRS to start user-defined resources as the user that was added to this group. Refer to the for details about adding users to a wallet. |
|
ORA_RAC |
SYSRAC privileges for all Oracle Database installations on the server. |
The OSRACDBA group for the Windows Operating System. Members of this group have SYSRAC privileges for all Oracle Databases installed on the server. |
|
ORA_CLIENT_LISTENERS |
None |
This group is created with service-specific SIDs for Listeners in the Client home. |
|
ORA_HOMENAME_SVCSIDS |
None |
This group is created with service-specific SIDs for all Services in the DB Client home. |
|
ORA_GRID_LISTENERS |
None |
This group is created with Service specific SIDs for all Grid Home Listeners on the system. |
|
ORA_INSTALL |
None |
This group is created with Oracle Home Users for all Oracle homes on the system . Virtual accounts for databases and listeners for all virtual account-based homes are added to this group. |
| Operating System Group Name | Type of Group | Members |
|---|---|---|
|
ORA_DBA |
OSDBA group |
oracle, RACDOMAIN\grid, and the Local System built-in Windows account |
|
ORA_OraRAC21c_home1_DBA |
OSDBA group for the Oracle RAC home directory |
RACDOMAIN\oradba1 |
|
ORA_OraDB21c_home1_DBA |
OSDBA group for the Oracle Database home directory |
oradba2 |
|
ORA_OPER |
OSOPER group |
none |
|
ORA_OraRAC21c_home1_OPER |
OSOPER group for the Oracle RAC home directory |
none |
|
ORA_OraDB21c_home1_OPER |
OSOPER group for the Oracle Database home directory |
none |
|
ORA_ASMADMIN |
OSASM group |
RACDOMAIN\grid and the Local System built-in Windows account, and the database service IDs |
|
ORA_ASMOPER |
OSOPER for ASM group |
none |
|
ORA_ASMDBA |
OSDBA for ASM group for Oracle ASM clients |
RACDOMAIN\grid, oracle, the Local System built-in Windows account, and Oracle Home Users of database homes |
|
ORA_RAC21c_home1_SYSBACKUP,ORA_RAC21c_home1_SYSDG, andORA_RAC21c_home1_SYSKM |
Specialized role groups that authorize users with the SYSBACKUP, SYSDG, and SYSKM system privileges. |
none |
|
ORA_DB21c_home1_SYSBACKUP, ORA_DB21c_home1_SYSDG, and ORA_DB21c_home1_SYSKM |
Specialized role groups that authorize users with the SYSBACKUP, SYSDG, and SYSKM system privileges. |
none |
3、Win10一个命令查看全部用户账户信息(win7同样适用)
wmic useraccount list full
C:\Users\hgc>where oracle
D:\tools\ora19software\bin\oracle.exe
C:\Users\hgc>type D:\tools\ora19software\bin\oracle.key
SOFTWARE\ORACLE\KEY_OraDB19Home1
C:\Users\hgc>reg query HKEY_LOCAL_MACHINE\SOFTWARE\ORACLE\KEY_OraDB19Home1
HKEY_LOCAL_MACHINE\SOFTWARE\ORACLE\KEY_OraDB19Home1
ORACLE_HOME REG_SZ D:\tools\ora19software
ORACLE_HOME_NAME REG_SZ OraDB19Home1
ORACLE_GROUP_NAME REG_SZ Oracle - OraDB19Home1
ORACLE_BUNDLE_NAME REG_SZ Enterprise
NLS_LANG REG_SZ SIMPLIFIED CHINESE_CHINA.ZHS16GBK
OLEDBOLAP REG_SZ D:\tools\ora19software\oledbolap\mesg
OLEDB REG_SZ D:\tools\ora19software\oledb\mesg
ORACLE_HOME_READONLY REG_SZ N
ORACLE_HOME_TYPE REG_SZ 1
ORACLE_SVCUSER REG_SZ ORA_OraDB19Home1_SVCACCTS
ORACLE_SVCUSER_TYPE REG_SZ V
ORACLE_SVCUSER_PWDREQ REG_SZ 0
ORACLE_BASE REG_SZ D:\tools\app\hgc
ORACLE_HOME_KEY REG_SZ SOFTWARE\ORACLE\KEY_OraDB19Home1
SQLPATH REG_SZ D:\tools\ora19software\dbs
MSHELP_TOOLS REG_SZ D:\tools\ora19software\MSHELP
RDBMS_CONTROL REG_SZ D:\tools\ora19software\DATABASE
RDBMS_ARCHIVE REG_SZ D:\tools\ora19software\DATABASE\ARCHIVE
ORA_ORCL_AUTOSTART REG_EXPAND_SZ TRUE
ORA_ORCL_SHUTDOWN REG_EXPAND_SZ TRUE
ORA_ORCL_SHUTDOWNTYPE REG_EXPAND_SZ immediate
ORA_ORCL_SHUTDOWN_TIMEOUT REG_EXPAND_SZ 90
ORACLE_SID REG_SZ orcl
HKEY_LOCAL_MACHINE\SOFTWARE\ORACLE\KEY_OraDB19Home1\ODE
HKEY_LOCAL_MACHINE\SOFTWARE\ORACLE\KEY_OraDB19Home1\OLEDB
HKEY_LOCAL_MACHINE\SOFTWARE\ORACLE\KEY_OraDB19Home1\OLEDBOLAP
https://www.dbi-services.com/blog/oracle-12cr2-on-windows-virtual-accounts/
Managed Service Accounts are created by the administrator in the Active Directory (using New-ADServiceAccount). And you can use them in 12c by mentioning the name in ‘Use Existing Windows User’.
Virtual Accounts are enabled by default in Windows. In 12.2 you can use this feature for Oracle Home account. It is the first option, the default one, and the one recommended if you have no reason to use another user:
Here ORACLE_SVCUSER_TYPE is new with value ‘V’ which means that the ORACLE_SVCUSER is a Virtual Account. ORACLE_SVCUSER_PWDREQ mentions that no password has to be provided for the instances services.
Note that the old method, the ‘built-in account’ had the following, mentioning the internal SYSTEM, and without a TYPE:
