forked from docs/doc-exports
Lu, Huayi
a24ca60074
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com> Co-authored-by: Lu, Huayi <luhuayi@huawei.com> Co-committed-by: Lu, Huayi <luhuayi@huawei.com>
36 lines
5.1 KiB
HTML
36 lines
5.1 KiB
HTML
<a name="EN-US_TOPIC_0000001099134912"></a><a name="EN-US_TOPIC_0000001099134912"></a>
|
|
|
|
<h1 class="topictitle1">Setting Account Security Policies</h1>
|
|
<div id="body8662426"><div class="section" id="EN-US_TOPIC_0000001099134912__s1f3f187a2a1b4561ba81672245332f5e"><h4 class="sectiontitle">Background</h4><p id="EN-US_TOPIC_0000001099134912__a445fe8be77ed473691e50ecadbf21a27">For data security purposes, <span id="EN-US_TOPIC_0000001099134912__text254499444">GaussDB(DWS)</span> provides a series of security measures, such as automatically locking and unlocking accounts, manually locking and unlocking abnormal accounts, and deleting accounts that are no longer used.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001099134912__s0dcb0f12e0694cb09db6d8497c6ba38c"><h4 class="sectiontitle">Automatically Locking and Unlocking Accounts</h4><ul id="EN-US_TOPIC_0000001099134912__u54180f3c57dd43ab8f4436c726142217"><li id="EN-US_TOPIC_0000001099134912__lb914c4f0a4774a8aa0031af6b490c96d">If a user fails to enter the correct password for over 10 times during database connection, the system automatically locks the account.</li><li id="EN-US_TOPIC_0000001099134912__l4d5b92a68adf43e3ae9bb8a14616ac63">An account is automatically unlocked one day after it was locked.</li></ul>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001099134912__s8e045aa026174be8b2242de1b2a5340c"><h4 class="sectiontitle">Manually Locking and Unlocking Accounts</h4><p id="EN-US_TOPIC_0000001099134912__af6dd67cc26c84bdba0ad7392835b06c9">If administrators detect an abnormal account that may be stolen or illegally accesses the database, they can manually lock the account.</p>
|
|
<p id="EN-US_TOPIC_0000001099134912__aa98a29d580b3439f86806bb25bdeb6eb">The administrator can also manually unlock the account if the account becomes normal again.</p>
|
|
<p id="EN-US_TOPIC_0000001099134912__a965c39fa6c1b485d9531984163b5df7b">For details about how to create a user, see <a href="dws_04_0057.html">Users</a>. To manually lock and unlock user <strong id="EN-US_TOPIC_0000001099134912__b1880982642101335">joe</strong>, run commands in the following format:</p>
|
|
<ul id="EN-US_TOPIC_0000001099134912__ua39402c683cc44a98794544444d44c61"><li id="EN-US_TOPIC_0000001099134912__l433c967bd1cc45d1a9598a55533d7f77">To manually lock the user:<div class="codecoloring" codetype="Sql" id="EN-US_TOPIC_0000001099134912__sd7a7a6ffd93848ec82772e85e1152046"><div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span></pre></div></td><td class="code"><div><pre><span></span><span class="k">ALTER</span><span class="w"> </span><span class="k">USER</span><span class="w"> </span><span class="n">joe</span><span class="w"> </span><span class="n">ACCOUNT</span><span class="w"> </span><span class="k">LOCK</span><span class="p">;</span><span class="w"></span>
|
|
</pre></div></td></tr></table></div>
|
|
|
|
</div>
|
|
</li><li id="EN-US_TOPIC_0000001099134912__l8d8fdb8eba84471ca8434eadddafa7d2">To manually unlock the user:<div class="codecoloring" codetype="Sql" id="EN-US_TOPIC_0000001099134912__sfbbbae6fbe514ae7865f2696ee6b9e4c"><div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span></pre></div></td><td class="code"><div><pre><span></span><span class="k">ALTER</span><span class="w"> </span><span class="k">USER</span><span class="w"> </span><span class="n">joe</span><span class="w"> </span><span class="n">ACCOUNT</span><span class="w"> </span><span class="n">UNLOCK</span><span class="p">;</span><span class="w"></span>
|
|
</pre></div></td></tr></table></div>
|
|
|
|
</div>
|
|
</li></ul>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001099134912__sfd2be0ec3e7b4fccb9382999bd5ef3dd"><h4 class="sectiontitle">Deleting Accounts that Are No Longer Used</h4><p id="EN-US_TOPIC_0000001099134912__a30de1cc710954869bfa8debf54467741">An administrator can delete an account that is no longer used. This operation cannot be rolled back.</p>
|
|
<p id="EN-US_TOPIC_0000001099134912__a35ea53d4adb84afa97a56868db3c6c30">When an account to be deleted is in the active state, it is deleted after the session is disconnected.</p>
|
|
<p id="EN-US_TOPIC_0000001099134912__ac2826380827f4295a1ceaabbc3f48552">For example, if you want to delete account <strong id="EN-US_TOPIC_0000001099134912__b8991263259251">joe</strong>, run the command in the following format:</p>
|
|
<div class="codecoloring" codetype="Sql" id="EN-US_TOPIC_0000001099134912__saf2296eb7a554757b09ed7c4f05c4816"><div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span></pre></div></td><td class="code"><div><pre><span></span><span class="k">DROP</span><span class="w"> </span><span class="k">USER</span><span class="w"> </span><span class="n">joe</span><span class="w"> </span><span class="k">CASCADE</span><span class="p">;</span><span class="w"></span>
|
|
</pre></div></td></tr></table></div>
|
|
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="dws_04_0063.html">Setting Security Policies</a></div>
|
|
</div>
|
|
</div>
|
|
|