Introduction
A common users, is a user that is created whilst connected to the root (CDB). When the command to create a common user is executed, the user gets created across all PDBs with the exception of the seed PDB. As such, a common users can connect to any PDB. Common users must also start with a c##. This distinguishes them from local users.
Local users are created in PDBs and only exist in the PDB they were created in. Furthermore, local users can only connect to the PDB they were created in and are not visible to other containers (PDBs).
This means that each container (PDB) can have common users and local users. A user, regardless of whether it is common or local, can only perform actions within the container (PDB) to which it is connected.
Step-By-Step
1. Create a common user.
- sqlplus '/ as sysdba'
- SQL> CREATE USER c##MyCommonUser IDENTIFIED BY MyCommonUserPassword CONTAINER=ALL;
2. Connect to a common user
- sqlplus '/ as sysdba'
- SQL> connect c##MyCommonUser@myplugdb1;
- NB Connect to myplugdb1
- SQL> connect c##MyCommonUser@myplugdb2;
- NB Connect to myplugdb2
3. Create a local user
- sqlplus '/ as sysdba'
- SQL> connect system@myplugdb1;
- SQL> create user myuser identified by mypassword;
Note The creation of a local user, uses the normal create user syntax that you would find in a non-multitenant architecture.
4. Creating a common role and issuing grants
- sqlplus '/ as sysdba'
- SQL> CREATE ROLE c##MyCommonRole CONTAINER=ALL;
- SQL> GRANT CREATE SESSION TO c##MyCommonUser CONTAINER=all;
Note The creation of the common role uses the same naming convention as the common users as does the grants