0 Replies Latest reply on Dec 19, 2012 5:28 PM by Jeff Chirco

    How to restrict grant connect through with Data Vault

    Jeff Chirco
      I need to restrict the ability to grant proxy privileges in the database. This is the statement: alter user USER_A grant connect through USER_B;

      I tried creating this rule that looks at the sql text for %CONNECT THROUGH% in the statement and then added it to the "Can Maintain Own Account" Rule Set which is attached to the Alter System command but it doesn't appear to be working. How can I get this working? Is my rule that I created correct. Ultimately what I want to do is allow proxies to be created for most users but just restrict only certain special users.
      dbms_macadm.delete_rule(rule_name => 'NO_PROXY_PRIVILEGES');
      rule_expr => 'INSTR(UPPER(DVSYS.DV_SQL_TEXT),''%CONNECT THROUGH%'') = 0');
      I am running Oracle Enterprise on Windows Server 2008R2
      Thank you.