Oracle Created Database Users: Password, Usage and Files References (Doc ID 160861.1)
This document is no longer actively maintained, for info on specific (new)
users in recent product editions,
please check the relevant product/feature documentation.
Purpose
~~~~~~~
The following table lists the default usernames and passwords you may encounter
in your database as a result of installing various additional
--> products/components
--> options
--> new features of the version
It provides references to
--> which option or product should be installed to have it
--> what script created it
--> what it is used for
--> suggestion to secure the account
SCOPE & APPLICATION
~~~~~~~~~~~~~~~~~~~
Database Administrators who need to export full databases, manage users and
security.
List Of Users Created at Database Creation
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By default, are automatically created during database creation :
SCOTT by script $ORACLE_HOME/rdbms/admin/utlsampl.sql
OUTLN by script $ORACLE_HOME/rdbms/admin/sql.bsq
Optionally:
DBSNMP if Enterprise Manager Intelligent Agent is installed
MGMT_VIEW is part of the DB Control Repository
SYSMAN is part of the DB Control Repository and Grid
see Note:270516.1 for details
TRACESVR if Enterprise Manager is installed
AURORA$ORB$UNAUTHENTICATED \
AURORA$JIS$UTILITY$ -- if Oracle Servlet Engine (OSE) is installed
OSE$HTTP$ADMIN /
MDSYS if Oracle Spatial option is installed
MDDATA if Oracle Spatial option is installed
ORDSYS if interMedia Audio option is installed
ORDPLUGINS if interMedia Audio option is installed
SI_INFORMTN_SCHEMA if interMedia option is installed
CTXSYS if Oracle Text option is installed
WKSYS if Oracle Ultra Search option is installed
WKUSER (9i)/WK_TEST (10g) if Oracle Ultra Search option is installed
REPADMIN if Replication Option is installed
LBACSYS if Oracle Label Security option is installed
DVF if Oracle Database Vault option is installed
DVSYS if Oracle Database Vault option is installed
ODM if Oracle Data Mining option is installed
ODM_MTR idem
DMSYS (10g) if Oracle Data Mining 10g option is installed
DMSYS in 10g version to replace ODM and ODM_MTR schemas
OLAPSYS if OLAP option is installed
WMSYS if Oracle Workspace Manager script owmctab.plb is
executed.
ANONYMOUS if catqm.sql catalog script for SQL XML management
XDB is executed
EXFSYS is the Expression Filter Feature repository
DIP for provisioning event processing
TSMSYS Transparent Session Migration
Oracle9i Sample Schemas if you need to test through a complete sample
system of information (see note 207560.1)
Note
~~~~
If you have already the 9i sample schemas (hr, oe, pm, etc.) and you don't need
them, you can removed them safely and without damage to the database.
a. The SCOTT user is created by default to provide sample user tables. You can
alter the password. To create the default tables, run the script
$ORACLE_HOME/sqlplus/demo/demobld.sql. To drop the objects, run
$ORACLE_HOME/sqlplus/demo/demodrop.sql connected as SCOTT.
b. The OUTLN (OUTLiNes) user is automatically created during installation of
Oracle8i and Oracle9i. OULTN is the schema of Stored Outlines.
The package OUTLN_PKG is used to manage stored outlines and categories.
OUTLN is the owner of tables OL$, OL$HINTS (Oracle8i) as well as OL$NODES
(Oracle9i) used to store hints for stored outlines.
You can change the password for the OUTLN schema just as for the SYS and SYSTEM
schemas.
b. The DBSNMP user can be dropped by running the catnsnmp.sql script. If you
need to re-create it, run the catsnmp.sql script. Ensure that there are no
jobs running or scheduled in Oracle Enterprise Manager before you run the
script.
MGMT_VIEW is part of the DB Control Repository, it is created by running
the script $OH/sysman/admin/emdrep/bin/RepManager, the password is
autogenerated (it does not have a fixed or default value).
SYSMAN belongs to the same feature ( see Note:270516.1 for details):
it is the schema of the Grid OMS repository of the 10G Enterprise Manager Grid.
c. The TRACESVR user is created by $ORACLE_HOME/otrace/admin/otrcsvr.sql during
the installation of OEM.
If you change TRACESVR user's password, you will not be able to do OTrace
collections. This user is only used with 7.x Databases where stored procedures
are used by OTrace to start and stop data collections. The TRACESVR/stored
procedure mechanism is no longer used to control OTrace collections starting
with Oracle 8.x Databases. Therefore in this case you can change the password
(or drop that user).
d. The three JSERV accounts (AURORA$JIS$UTILITY$, AURORA$ORB$UNAUTHENTICATED and
OSE$HTTP$ADMIN) are used internally by Enterprise Java Beans and CORBA Tools
and created with randomly-generated passwords 'INVALID_ENCRYPTED_PASSWORD'.
-> jisorb.sql creates user AURORA$ORB$UNAUTHENTICATED.
-> jisbgn.sql creates user AURORA$JIS$UTILITY$
-> jishausr.sql creates user OSE$HTTP$ADMIN
These 3 scripts are launched by init_jis.sql script to install the Oracle
Servlet Engine (OSE)
Changing their passwords would prevent the ORB from working.
This is supposed to change in a future version so that you can change their
password.
e. MDSYS, MDDATA, ORDSYS, CTXSYS, ORDPLUGINS and SI_INFORMTN_SCHEMA are created
to support Oracle Intermedia.
The default password for the ORDSYS and SI_INFORMTN_SCHEMA users during
automatic installation is 'ORDSYS', and for ORDPLUGINS is 'ORDPLUGINS'.
The schema MDDATA is used by Oracle Spatial for storing Geocoder and router
data Geocoding is the process of converting tables of address data into
standardized address, location, and possibly other data.
f. WKSYS is a privileged Oracle user who owns the Ultra Search data dictionary
and internal objects. Ultra Search uses the WKSYS user for storing Ultra
Search packages and metadata. WKUSER (9i)/WK_TEST (10g) is a test user.
g. REPADMIN user: it is usual to have a separate user for the replication
administrator to protect master groups from being managed by snapshot
administrators.
This user configures the replicated environment and performs administration
of all replicated schemas / groups.
h. LBACSYS user: the Oracle Label Security administrator username.
i. DVSYS schema stores the database objects needed to process Oracle data for
Oracle Database Vault. This schema contains the roles, views, accounts,
functions, and other database objects that Oracle Database Vault uses.
j. The DVF schema contains public functions to retrieve (at run time) the
factor values set in the Oracle Database Vault access control configuration.
k. ODM user: who performs data mining operations.
In 10g, a user can be created with a chosen name.
l. ODM_MTR user: the account associated with the data repository for data
mining sample programs.
In 10g, DMSYS is the schema for the data repository.
m. OLAPSYS user: identity used to create OLAP metadata structures.
n. WMSYS user: used to store all the metadata information for Oracle Workspace
Manager.
o. ANONYMOUS user: allows HTTP access to Oracle XML DB.
p. XDB user: Used for storing Oracle XML DB data and metadata.
q. EXFSYS is the Expression Filter Feature repository (see Note:258618.1):
the user is created with the script exfsys.sql that asks for a password.
r. DIP is created in rdbms/admin/catdip.sql (password is DIP): for provisioning
event processing
s. TSMSYS is created in rdbms/admin/cattsm.sql for Transparent Session Migration
t. The Oracle9i Sample Schemas provides installed schemas meant to be used for
demonstration purposes only:
-> HR: Human Resources schema
The Human Resources division tracks information on the company's
employees and facilities.
-> OE: Order Entry schema requires "Oracle Spatial" option.
The Order Entry division tracks product inventories and sales of the
company�s products through various channels.
-> PM: Product Media schema requires "Oracle JVM" and "Oracle Intermedia"
options.
The Product Media division maintains descriptions and detailed
information on each product sold by the company.
-> SH: Sales History schema requires "Oracle OLAP" set up.
The Sales History division tracks business statistics to facilitate
business decisions.
-> QS: Queued Shipping schema
The Shipping division manages the shipping of products to customer.
The sample company has decided to test the use of messaging to
manage its proposed B2B applications.
-> QS_ES (Eastern Shipping)
-> QS_WS (Western Shipping)
-> QS_OS (Overseas Shipping)
-> QS_CB (Customer Billing)
-> QS_CS (Customer Service)
-> QS_ADM (Administration)
-> QS_CBADM (Customer Billing Administration)
If any of the user accounts is locked and expired upon installation and needs to
be activated, unlock and assign a new meaningful password to that user account:
SQL> ALTER USER "schema_name" IDENTIFIED BY "newpass" ACCOUNT UNLOCK;
Passwords and Referenced Files List
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Username | Description | Default Password | Created or Referenced |Comments
| | | in $ORACLE_HOME/ files |
------------+-------------------------+------------------+-------------------------------+--------
| | | |
CTXSYS | Intermedia Text schema | CTXSYS |./ctx/admin/dr0csys.sql |change
| | |./bin/ctxsrv -user ctxsys/* |
------------+-------------------------+------------------+-------------------------------+--------
DBSNMP | Intelligent Agent user | DBSNMP |./rdbms/admin/catsnmp.sql |change
| | |./bin/dbsnmp |
| | |./network/admin/snmp_rw.ora |
------------+-------------------------+------------------+-------------------------------+--------
MGMT_VIEW | DB Control Repository | autogenerated |./sysman/admin/emdrep/bin/RepManager|
------------+-------------------------+------------------+-------------------------------+--------
SYSMAN | DB Control Repository | asked | |See Note 259379.1
------------+-------------------------+------------------+-------------------------------+--------
MDSYS | Spatial Data Option user| MDSYS |./md/admin/mdinst.sql |change
| | |./ord/admin/ordisysc.sql |
MDDATA | Spatial Data Option user| MDDATA |./md/admin/catmd.sql |lock
------------+-------------------------+------------------+-------------------------------+--------
WKSYS | Ultra Search option user| WKSYS (admin) |./ultrasearch/admin/wk0csys.sql|change
WKUSER (9i) | Ultra Search option user| WKUSER (end-user)|./ultrasearch/admin/wk0csys.sql|
WK_TEST (10g)| | WK_TEST (same) |./ultrasearch/admin/wk0csys.sql|
------------+-------------------------+------------------+-------------------------------+--------
ODM | Oracle Data Mining | ODM |./dm/admin/dmcrt.sql |change
ODM_MTR | Oracle Data Mining | MTRPW |./dm/admin/dmcrt.sql |change
DMSYS (10g) | Oracle Data Mining | DMSYS |./dm/admin/odmcrtm.sql |change
any name | Oracle Data Mining | any pasword |./dm/admin/odmcrt.sql |
------------+-------------------------+------------------+-------------------------------+--------
ORDPLUGINS | InterMedia Audio option | ORDPLUGINS |./ord/admin/ordisysc.sql |change
ORDSYS | InterMedia Audio option | ORDSYS |./ord/admin/ordisysc.sql |change
SI_INFORMTN_SCHEMA |InterMedia option | SI_INFORMTN_SCHEMA | ./ord/admin/ordisysc.sql |lock
------------+-------------------------+------------------+-------------------------------+--------
OUTLN | Stored Outlines | OUTLN |./rdbms/admin/c0703040.sql |lock
| | |./rdbms/admin/c0800050.sql |
| | |./rdbms/admin/sql.bsq |
------------+-------------------------+------------------+-------------------------------+--------
PERFSTAT | STATSPACK Repository | PERFSTAT |./rdbms/admin/spcreate.sql |change
| | |(./rdbms/admin/spcusr.sql) |
------------+-------------------------+------------------+-------------------------------+--------
RMAN | RMAN catalog Owner | RMAN | manually |change
------------+-------------------------+------------------+-------------------------------+--------
SCOTT | Demo user | TIGER |./rdbms/admin/utlsampl.sql |*drop
------------+-------------------------+------------------+-------------------------------+--------
WKPROXY | Ultraseach user | change_on_install|./ultrasearch/admin/wk0csys.sql|change
WKSYS | Ultraseach user | change_on_install|./ultrasearch/admin/wk0install.sql| ""
------------+-------------------------+------------------+-------------------------------+--------
WMSYS | Oracle Workspace Manager| wmsys |./rdbms/admin/owmctab.plb |lock
------------+-------------------------+------------------+-------------------------------+--------
XDB | SQL XML management | change_on_install|./rdbms/admin/catqm.sql |lock
ANONYMOUS | SQL XML management | values anonymous |./rdbms/admin/catqm.sql |lock
------------+-------------------------+------------------+-------------------------------+--------
TRACESVR | Oracle Trace user | trace |./rdbms/admin/otrcsvr.sql |change
------------+-------------------------+------------------+-------------------------------+--------
OAS_PUBLIC | Web Toolkit/Content | manager | See Note:99088.1 |change
WEBSYS | Web Toolkit/Content | manager | See Note:99088.1 |change
------------+-------------------------+------------------+-------------------------------+--------
REPADMIN | Replication user | managed by DBA |created manually by CREATE USER|
| | |./ldap/admin/oidrsrms.sql |change
| | |./ldap/admin/oidrsms.sql |
------------+-------------------------+------------------+-------------------------------+--------
AURORA$ORB$UNAUTHENTICATED| OSE | random value |./javavm/install/jisorb.sql |lock
AURORA$JIS$UTILITY$ | OSE | random value |./javavm/install/jisbgn.sql |lock
OSE$HTTP$ADMIN | OSE | random value |./javavm/install/jishausr.sql |lock
------------+-------------------------+------------------+-------------------------------+--------
LBACSYS | Label Security | LBACSYS |./rdbms/admin/catlbacs.sql |change
------------+-------------------------+------------------+-------------------------------+--------
DVSYS | Database Vault | DVSYS |./rdbms/admin/catmacs.sql |change
------------+-------------------------+------------------+-------------------------------+--------
DVF | Database Vault | DVF |./rdbms/admin/catmacs.sql |change
------------+-------------------------+------------------+-------------------------------+--------
SYS | Administrative | change_on_install|./rdbms/admin/sql.bsq |change
SYSTEM | Administrative | manager |./rdbms/admin/sql.bsq |change
------------+-------------------------+------------------+-------------------------------+---------
EXFSYS | Expression Filter Feature repository |asked|./rdbms/admin/exfsys.sql |locked
------------+-------------------------+------------------+-------------------------------+--------
DIP | Provision event processing| DIP |./rdbms/admin/catdip.sql |locked
------------+-------------------------+------------------+-------------------------------+--------
TSMSYS | Transparent Session Migration| TSMSYS |./rdbms/admin/cattsm.sql |locked
------------+-------------------------+------------------+-------------------------------+--------
* User SCOTT is for test purposes: drop it if of no use.
Related Documents:
~~~~~~~~~~~~~~~~~~
Note:227010.1 Script to check for Default Passwords being used for common
usernames.
Note:131752.1 Security Check List: Steps to Make Your Database Secure
from Attacks
Note:1071358.6 What is the OUTLN User?
Note:98572.1 Script to create user OUTLN
Note:1060420.6 ORACLE_8 NEW ROLE SNMPAGENT
Note.206870.1 Security risk with catsnmp.sql launched by catproc.sql
Note.1027776.6 CONTEXT SERVER SHOWING THE CTXSYS PASSWORD
Note:120093.1 Initial steps required to a create Snapshot Replication
environment v8.1
Note:117434.1 Initial steps required to a create Multi Master Replication
environment v8.1
Note:99088.1 Manually create the Web Toolkit/Content Services
Note:207560.1 Can the 9i Sample Schemas Be Safely Removed?
Note:217135.1 Usernames which cannot be exported
Note:270516.1 How To Change The SYSMAN Password Used For Grid Control
Note:258618.1 How To Install and Uninstall Expression Filter Feature or
EXFSYS schema
Note:234712.1 Managing Schemas of the 9iAS Release 2 (9.0.2.x) Metadata
Repository
Note:329600.1 How To Completely Remove Intermedia, ORDSYS, ORDPLUGIN And
MDSYS Schemas
Note:263428.1 How to De-install Oracle Workspace Manager
Note:232648.1 Ultra Search Frequently Asked Questions
Note:472937.1 Information On Installed Database Components and Schemas
No comments:
Post a Comment