Rick Since nobody has responded to your question, I'll answer: No, haven't tried that. Most of us work hard to keep a user from impersonating another user. ;-) Seriously, this whole system might get you fired someday. I can just see you trying to explain how this is a legitimate request several years ago, but you can't find the authorizing memo. At most sites, the answer is that if the manager wants the subordinate to act as them, he/she provides the password and changes the password upon return. Yep, this one has a bad odor.
Dennis Williams DBA, 80%OCP, 100% DBA Lifetouch, Inc. [EMAIL PROTECTED] -----Original Message----- Sent: Friday, August 01, 2003 11:24 AM To: Multiple recipients of list ORACLE-L Hi DBAs, Oracle 8.1.7.4 I want to be able to have users log into the database with an OS integrated account and set up only certain users that log in to act on the behalf of another integrated user account. (i.e. A manager is given access to a database where he may delegate his authority to an administrative assistant who logs into the database and when the assistant connects, the database automatically impersonates the assistants account to appear as the managers account. Giving them the same database permission's as the manager. Also I would want to be able to look at the "USER" keyword to determine who is really logged in, and who they are impersonating if anyone. I hope this makes sense. I have read some on n-tier authentication using the following but really do not understand how it works. ALTER USER app_user1 GRANT CONNECT THROUGH sh WITH ROLE warehouse_user; Has anyone done this? If so any help is appreciated. Thanks Rick -- Please see the official ORACLE-L FAQ: http://www.orafaq.net -- Author: INET: [EMAIL PROTECTED] Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services --------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing). -- Please see the official ORACLE-L FAQ: http://www.orafaq.net -- Author: DENNIS WILLIAMS INET: [EMAIL PROTECTED] Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services --------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).