How to find out users with deadly roles assigned to them

SQL>select grantee, granted_role, admin_option
from   sys.dba_role_privs
where  granted_role in ('DBA', 'AQ_ADMINISTRATOR_ROLE',
                       'EXP_FULL_DATABASE', 'IMP_FULL_DATABASE',
                       'OEM_MONITOR')
  and  grantee not in ('SYS', 'SYSTEM', 'OUTLN', 'AQ_ADMINISTRATOR_ROLE',
                       'DBA', 'EXP_FULL_DATABASE', 'IMP_FULL_DATABASE',
                       'OEM_MONITOR', 'CTXSYS', 'DBSNMP', 'IFSSYS',
                       'IFSSYS$CM', 'MDSYS', 'ORDPLUGINS', 'ORDSYS',
                       'TIMESERIES_DBA');
                      
GRANTEE                        GRANTED_ROLE                                                     ADM
------------------------------ ------------------------------                                              ---
IX                                     AQ_ADMINISTRATOR_ROLE                                 NO
GHHCWS                        DBA                                                                             NO
BRIAN                             DBA                                                                             NO
DATAPUMP_EXP_FULL_DATABASE     EXP_FULL_DATABASE              NO
DATAPUMP_IMP_FULL_DATABASE     EXP_FULL_DATABASE              NO
DATAPUMP_IMP_FULL_DATABASE     IMP_FULL_DATABASE              NO
OWBSYS                         AQ_ADMINISTRATOR_ROLE                               NO                      

No comments:

Post a Comment