Changing expired password on a cbckend database from a frontend database

I have a split database with an Oracle backend (BE) and MS Access frontend (FE). My question is how to reset an expired password on the BE from the FE.
If I log on to the backend via sqlplus an error ORA-28001 (Password expired) occurs and the system immediately prompts for a new password before completing the login process.
If I log on from the frontend I get the same ORA error from the BE, but as far as I can tell, I can't reset the password from the FE.
I can capture the error fine at the FE and I am thinking that I could use this to open a dialog to reset the password and change it over the ODBC connection. The problem is that I need to get a connection to the BE database before sending a command to change the password from the FE, but since login cannot be completed from the FE, because of the expired password, I can't get an ALTER USER statement to execute on the BE to reset the password.
Is there a way to change a pre-expired password on an Oracle backend database from a frontend database? I don't see this as an Oracle/Access problem but as a problem that exists for any split database.

I have thought about this a little and I am thinking about keeping a table of password update information. I can use this to create a "soft" expired password, using an expiration date in the table for each account. If the password is expired by the database then we can just update it with sqlplus or one of the other options.
As far as getting the organization to change it is waaaay to big and stupid to change their policy.

Similar Messages

  • Changing expired password

    Is it possible to change expired password from JDBC 2.0?

    By JS page, I'm assuming you mean JSP (Javaserver Page?)
    The answer greatly depends on the middle-tier technology you are using.. For example straight JDBC, BC4J etc..
    If you give more info on your middle tier technology we could probably help out better..
    -Chris

  • 802.1X cannot change expired password at login

    Hi all,
    I'm trying to roll out 802.1X authentication for wifi access at my company, however there's one major problem I can't for the life of me figure out. I'm not able to get the Macs to prompt for a password change when the password has expired at login.
    On Windows when you log in it will prompt you to change your password when it's expired. However on OSX when you're on the workstation login screen, you can see the wireless icon briefly connect, then it will think for a bit and the user cannot log in at all.
    OSX can definitely can change expired passwords via 802.1X, as if I log into a local account and connect to the wifi with the user whose password has expired, it will prompt to change it, and changes it successfully.
    I'm using NPS for RADIUS authentication against AD, and using Profile Manager in OSX Server to create the 802.1X profile.
    Does anyone have any experience with OSX and using WPA Enterprise/802.1X Profiles?
    Thanks!

    Hi,
    Can you post a screenshot for this situation?
    Sometimes, the third party credential provider would lead to some issue like this, I suggest you check the
     current credential provider via the following path:
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\SessionData\x\LastLoggedOnProvider
    You should compare the result with the values in the following path:
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\credential providers
    If the current value is third party credential provider, try to disable it:
    To disable the provider add a REG_DWORD value "Disabled"=1 to that provider’s CLSID subkey.
    The provider will be disabled on the next session creation (sessions are created when you log off, switch users, or reboot.
    If you have any feedback on our support, please click
    here
    Alex Zhao
    TechNet Community Support

  • Changing expired password from a JS page

    Hi,
    We are developing an application in which one JS page will be used to login to the database using database user id and password. If the database user id has expired then the JS page will display another JS page to change the password. While displaying the change password page can be accomplished by trapping the ORA-28001 error, can anybody tell me how actually to go about in changing the password for the user. I am not allowed to hardcode any userid and password in the JS pages for achieving this.
    Thanks in advance.
    Cheers,
    Lala

    By JS page, I'm assuming you mean JSP (Javaserver Page?)
    The answer greatly depends on the middle-tier technology you are using.. For example straight JDBC, BC4J etc..
    If you give more info on your middle tier technology we could probably help out better..
    -Chris

  • Changing expired password in forms 6.0

    I'm trying to offer a possibility to users to change their passwords.
    in forms they user is prompt to change is password, but after changes an validation the message FRM-10201 Impossible de changer le mot de passe (unable to change the password)
    When i try it on sql plus i got this :
    SQL> connect ntci/ntci@post
    ERREUR:
    ORA-28001: le mot de passe est expiré
    Modification de mot de passe pour ntci
    Ancien mot de passe : *****
    Erreur du système d'exploitation (Operating system error, password not modified)
    Mot de passe non modifié
    I dont know what is happening.
    Would you mind helping me

    Thank you for replying to my message.
    I've read in doc 52718.1 that from forms release 6.0 it is possible to handle this situation.
    After expiring the password an trying a connection, the system first prompt that the password is expired and ask for a password replacement but this never reach (the operating system error is raised).
    I'm using Forms 6.0 against Database 9.0.2..on windows XP client
    Maybe this could explain moore
    thank you once again

  • Changing expired password with OCIPasswordChange

    I know that ODP.NET has a option to open a connection with a new password when the old one has expired. I'm using System.Data.OracleClient from .Net instead of ODP because I'm using the Instant Client, which does not seem to work with ODP. Can somebody tell me how to call OCIPasswordChange?

    Hi,
    OCIPasswordChange is an OCI call. You'd have to write a complete OCI application in C to be able to use that, and OCI coding isnt for the faint of heart.
    I do have a complete OCI sample that does it though.. here you go.
    Cheers,
    Greg
    This sample demonstrates the use of OCIPasswordChange once the
    password has expired, which requires setting the session into
    the service context. Tested with oci 8.1.5, vc++ 6.0 sp3.
    first create the user with expired password:
    SQL> create user testuser identified by oldpass password expire;
    SQL> grant create session to testuser;
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    #include <oci.h>
    static OCIEnv          *p_env;
    static OCIError          *p_err;
    static OCIServer *p_srv;
    static OCISession *p_ses;
    static OCISvcCtx     *p_svc;
    void main()
         int          rc;
         char     errbuf[100];
         int          errcode;
         // Step 1: Initialize OCI
         rc = OCIInitialize((ub4) OCI_DEFAULT, (dvoid *)0,
              (dvoid * (*)(dvoid *, size_t)) 0,
              (dvoid * (*)(dvoid *, dvoid *, size_t))0,
              (void (*)(dvoid *, dvoid *)) 0 );
         // Step 2: Initialize the OCI evironment
         rc = OCIEnvInit( (OCIEnv **) &p_env, OCI_DEFAULT, (size_t) 0, (dvoid **) 0 );
         // Step 3: Initialize the OCI handles
         rc = OCIHandleAlloc( (dvoid *) p_env, (dvoid **) &p_err, OCI_HTYPE_ERROR,
              (size_t) 0, (dvoid **) 0);
         rc = OCIHandleAlloc( (dvoid *) p_env, (dvoid **) &p_svc, OCI_HTYPE_SVCCTX,
              (size_t) 0, (dvoid **) 0);
         rc = OCIHandleAlloc( (dvoid *) p_env, (dvoid **) &p_srv, OCI_HTYPE_SERVER,
              (size_t) 0, (dvoid **) 0);
         rc = OCIHandleAlloc((dvoid *) p_env, (dvoid **)&p_ses, (ub4) OCI_HTYPE_SESSION,
              (size_t) 0, (dvoid **) 0);
         // Step 4: Connect using a mutli-session connect
         rc = OCIServerAttach( p_srv, p_err,
              (text *)"local", 5, 0);
         // Create a server context
         rc = OCIAttrSet( (dvoid *) p_svc, OCI_HTYPE_SVCCTX,
              (dvoid *)p_srv, (ub4) 0,
              (ub4) OCI_ATTR_SERVER, (OCIError *) p_err);
         // Create a session context
         rc = OCIAttrSet((dvoid *) p_ses, (ub4) OCI_HTYPE_SESSION,
              (dvoid *) "testuser", (ub4) 8,
              (ub4) OCI_ATTR_USERNAME, p_err);
         rc = OCIAttrSet((dvoid *) p_ses, (ub4) OCI_HTYPE_SESSION,
              (dvoid *) "oldpass", (ub4) 7,
              (ub4) OCI_ATTR_PASSWORD, p_err);
         rc = OCIAttrSet((dvoid *) p_svc, (ub4) OCI_HTYPE_SVCCTX,
              (dvoid *) p_ses, (ub4) 0,
              (ub4) OCI_ATTR_SESSION, p_err);
         // Open the session on the server
         rc = OCISessionBegin ( p_svc, p_err, p_ses, OCI_CRED_RDBMS,
              (ub4) OCI_DEFAULT);
         // This is a generic error checking routine
         if (rc != 0)
              OCIErrorGet((dvoid *)p_err, (ub4) 1, (text *) NULL, &errcode,
                   (text*)errbuf, (ub4) sizeof(errbuf), OCI_HTYPE_ERROR);
              printf("Error - %.*s\n", 512, errbuf);
              // If the error is a 28001, change the password.
              if(errcode==28001)
                   // You need to set the Session into the service context
                   // before you can call OCIPasswordChange(), and you also need
                   // to allocate both the session and service context handles
                   // before hand. Then you can call OCIPasswordChange.
                   rc = OCIAttrSet((dvoid *)p_svc, OCI_HTYPE_SVCCTX,
                        (dvoid *)p_ses,0,OCI_ATTR_SESSION, p_err);
                   rc = OCIPasswordChange(p_svc, p_err, "testuser",8,
                        "oldpass",7, "newpass",8, OCI_DEFAULT);
                   if(rc != 0) printf("Password change failed.\n");
                   else printf("Password successfully changed.\n");
         // Step 10: Disconnect from the server and free the
         rc = OCIServerDetach( p_srv, p_err, OCI_DEFAULT );
         rc = OCIHandleFree((dvoid *) p_srv, OCI_HTYPE_SERVER);
         rc = OCIHandleFree((dvoid *) p_svc, OCI_HTYPE_SVCCTX);
         rc = OCIHandleFree((dvoid *) p_err, OCI_HTYPE_ERROR);
         printf("Disconnected.\n\n");
         return;
    }

  • Change expired password using oracle jdbc thin driver

    Hello,
    I have a java program that uses the oracle jdbc thin driver (ojdbc6 - version 11.2.0.3) for database connection. My question is if I have any possibility to change an expired password (java.sql.SQLException: ORA-28001: the password has expired) using the thin driver - NOT OCI?

    No - the thin driver doesn't have any password management features.

  • Change "require password to wake this computer from sleep or screensaver"

    Does anyone know how to change the checkbox in sys prefs > security > require password to wake this computer from sleep or screensaver via cli?
    I would like to always have this enabled, but individual users can shut this off...
    Thanks

    Code an AppleScript using the SystemsEvents>SecuritySuite>SecurityPreferencesObject>RequirePasswordtoWake then use the cli 'open' to run it?

  • JSSO change expired password

    Hi,
    Does JSSO has support to enable users to change their password when it expires (we use OID with passwd policies)?
    If not, is there an alternative method of authenticating users agains ldap(OID) with functionality to change passwords and notify when a user is in his grace period.
    We want to use/create one authentication/authorisation instance which we can use for multiple applications.
    Kind regards,
    Albert

    JSSO usually uses a xml file to store the passwords. When you use OID it implies that you already have an AS Infrastructure.
    Why don't you use the Oracle SSO server?
    It does solve a part of your problem.
    Unfortunately the issue with the grace periods (or better to receive a notification before your password expires) is not yet solved. You need to build your own (nifty script scanning the last pwd change time and the expiration time).
    cu
    Andreas

  • User cannot change expired password at logon

    Hi
    I've got 4 Fujitsu laptop with Windows 7 business SP1 x64 (Fujitsu setup). When the domain password expired, users cannot change their password at logon. Also, they can change password in their opened session before it expire (CTRL+ALT+DEL ==>
    change password).
    The change password at logon windows is buggy : It only display one field to put password in, the confirmation field does not display.
    When user valid is change, Windows display error "wrong username or password ". Only way to unlock this situation is to reset user password in ADUC and never let expire.
    I seen no sofware or driver wich could interfe.
    Domain controler (only one) is Windows server 2012 standard.
    Has somebody ever seen this type of problem ?

    Hi,
    Can you post a screenshot for this situation?
    Sometimes, the third party credential provider would lead to some issue like this, I suggest you check the
     current credential provider via the following path:
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\SessionData\x\LastLoggedOnProvider
    You should compare the result with the values in the following path:
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\credential providers
    If the current value is third party credential provider, try to disable it:
    To disable the provider add a REG_DWORD value "Disabled"=1 to that provider’s CLSID subkey.
    The provider will be disabled on the next session creation (sessions are created when you log off, switch users, or reboot.
    If you have any feedback on our support, please click
    here
    Alex Zhao
    TechNet Community Support

  • User can't change expired password

    Hi,
    Using Solaris 9 Clients and DS 5.2p4.
    In my old NIS+ installation users with expired passwords (not expired accounts!!) where foreced to change their password during login.
    Now using ldap naming service, such users are NOT asked to change their passwords, they just can't login, seeing:
    Your password has expired.
    Access denied
    Using keyboard-interactive authentication.
    Password:Is this a bug, a feature or do I need to change my config?
    my pam.conf looks like:
    other   auth requisite          pam_authtok_get.so.1
    other   auth required           pam_dhkeys.so.1
    other   auth binding            pam_unix_auth.so.1 server_policy
    other   auth required           pam_ldap.so.1 use_first_pass
    other   account requisite       pam_roles.so.1
    other   account required        pam_projects.so.1
    other   account required        pam_unix_account.so.1 server_policy
    other   account required        pam_ldap.so.1
    other   password required       pam_dhkeys.so.1
    other   password requisite      pam_authtok_get.so.1
    other   password requisite      pam_authtok_check.so.1
    other   password required       pam_authtok_store.so.1 server_policyThe only workarround I found so far is, to change the account flag to optional
    other   account optional        pam_ldap.so.1This allows the user to login, but he is still not forces to change his password.

    There is a way arround.
    The password policy which appies to this user needs to have passwordExpireWithoutWarning=off.Than the user gets a "new chance". His passwordexpirationtime gets expended to the current date + passwordWarning periode. This allows the user to login and change his password. In adddition passwordexpwarned=1 for this user is set, to prevent doing this over and over.
    See Sun Document 75326
    http://sunsolve.sun.com/search/document.do?assetkey=1-25-75326-1
    Message was edited by:
    mzeilinger

  • HT2204 If I change my password does stop the kids from using I tunes?

    If I change my password on apple I'd will my kids be able to order off I tunes with the old password?

    It would stop them from purchasing through iTunes, but not from using it otherwise. But you may be able to do that through Parental Controls. Or create a user account exclusively for their use, then change your admin account password so they cannot access your account. Use Parental Controls on their account to restrict their use of iTunes.

  • Getting invalid username/ password when trying to change expired password

    I am using Oracle Database 11g Enterprise Edition Release 11.2.0.2.0 - 64bit Production.
    I created a user with password expire option and gave create session grant. When I tried to connect with the user it gives me password expired message as expected but when I try to put new password it gives me invalid username/password as show below. I have tried many times and made sure new password and retype new password are same and long enough.
    Could anyone please advice what am I missing?
    SQL> conn schu/xxx@abc
    ERROR:
    ORA-28001: the password has expired
    Changing password for schu
    New password: ********
    Retype new password: ********
    ERROR:
    ORA-01017: invalid username/password; logon denied
    Password unchanged
    SQL>

    spur230 wrote:
    sb92075 wrote:
    spur230 wrote:
    It works that way but I need to use password expire option.
    I see the words, but do not understand what they/you mean.The code you asked me to run work perfectly but I am getting ORA-01017 when I use password expire option.
    With your code if I do
    alter user schu password expire.
    It will ask me to enter new password and verify password after which I am getting
    ERROR:
    ORA-01017: invalid username/password; logon deniedI am not sure what you are doing & doing wrong; but it works OK for me.
    SQL> CREATE USER USER3 IDENTIFIED BY USER3 PASSWORD EXPIRE;
    User created.
    SQL> GRANT CREATE SESSION TO USER3;
    Grant succeeded.
    SQL> CONNECT USER3/USER3
    ERROR:
    ORA-28001: the password has expired
    Changing password for USER3
    New password:
    Retype new password:
    Password changed
    Connected.
    SQL> CONNECT USER3/USER4
    Connected.
    SQL> show user
    USER is "USER3"
    SQL>

  • Changing expired password of "system" user

    Hello,
    today I got a message that said that "system"-s password is expired.
    I used sqlplus:
    sqlplus system/mypass@myserver:1521/dwh
    Then I got:
    SQL*Plus: Release 10.2.0.1.0 - Production on Wed Oct 14 12:05:50 2009
    Copyright (c) 1982, 2005, Oracle. All rights reserved.
    ERROR:
    ORA-28001: the password has expired
    Changing password for system
    New password:
    But when I entered the new password twice after prompting, I got:
    ERROR:
    ORA-01017: invalid username/password; logon denied
    Password unchanged
    Weird, can somebody explain this?

    user10298630 wrote:
    Hello,
    today I got a message that said that "system"-s password is expired.
    I used sqlplus:
    sqlplus system/mypass@myserver:1521/dwh
    Then I got:
    SQL*Plus: Release 10.2.0.1.0 - Production on Wed Oct 14 12:05:50 2009
    Copyright (c) 1982, 2005, Oracle. All rights reserved.
    ERROR:
    ORA-28001: the password has expired
    Changing password for system
    New password:
    But when I entered the new password twice after prompting, I got:
    ERROR:
    ORA-01017: invalid username/password; logon denied
    Password unchanged
    Weird, can somebody explain this?What exactly is weird in it? There must be a mistake in the typing of yours due to which you have got this error, the same worked for me dandy,
    SQL*Plus: Release 10.2.0.1.0 - Production on Wed Oct 14 17:19:10 2009
    Copyright (c) 1982, 2005, Oracle.  All rights reserved.
    Connected to an idle instance.
    SQL> startup
    ORACLE instance started.
    Total System Global Area  167772160 bytes
    Fixed Size                  1247900 bytes
    Variable Size              67110244 bytes
    Database Buffers           96468992 bytes
    Redo Buffers                2945024 bytes
    Database mounted.
    Database opened.
    SQL> conn fortest/test
    ERROR:
    ORA-01017: invalid username/password; logon denied
    Warning: You are no longer connected to ORACLE.
    SQL> conn / as sysdba
    Connected.
    SQL> drop user fortest cascade;
    User dropped.
    SQL> create user fortest identified by test password expire;
    User created.
    SQL> grant create session to fortest;
    Grant succeeded.
    SQL> conn fortest/test
    ERROR:
    ORA-28001: the password has expired
    Changing password for fortest
    New password:
    Retype new password:
    Password changed
    Connected.
    SQL> +So the reason you got the error is 99.99% a typing mistake. To get back the user working, like others have suggested already, use Sys account and unlock it.
    HTH
    Aman....

  • Cannot change password expired password

    Hi there,
    I am not able to change expired password on Windows server 2012. I am getting the error message that "You must change your password before logging on the first time. Please update your password or contact your system administrator or technical support"
    I had similar issue in Windows 2008 servers and was resolved when I changed the the RDP security layer to negociate. But I couldn't find Session host configuration snap-in since RDS is not enabled.
    Any one faced same issue?
    Thanks,
    Ranjith

    Hi Ranjith,
    How are things going?
    You could try to change the Security Layer to
    RDP Security Layer in the Security section of
    Session Collection properties.
    In addition, if you are using remote desktop over RD Gateway, there is no support for being able to use the “User must change password at next logon”.
    Please refer to these two threads which is similar with your issues.
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/320ef31a-1160-4c33-9912-79a3838fc24d/forcefuly-user-should-change-his-password-when-loggin-for-the-first-time?forum=winserverTS
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/8761e29a-72a0-4f9c-b31b-ff81633020dd/user-must-change-password-setting-using-rdp-to-server-2012?forum=winserverTS
    Hope this helps.
    Best Regards,
    Tina

Maybe you are looking for

  • Invoice Document Date - PGI Date Vs Invoice creation date

    Hello Guys, The way our system works right now is the date on the invoice document is always the date of PGI. The business requires that the invoice date be the date it is billed. But on the last day of the month it will be the date of PGI. and not t

  • What are the required settings for Quality Certificate

    Hi Team What are the required settings for Quality Certificate for Raw material from vendor. This is my RR - Result Recording  for inspection lot. Please sugget me T-Code to view this. Can I see say for 6-9 months RR done insp. lot. Thanks

  • Using browser javascript to copy selected text from a pdf file opened in Air app.

    I have posted this question on reader forum as well, but I think it is more suited here... I am trying to create a note-taking application in air. I want to extract selected text from pdf file as a string object or to the clipboard. Obviously, all pd

  • Compressing to 16:9 MPEG

    Hi, I'm having real trouble here. I'm exporting a 16:9 (Anamorphic) video from FCP through compressor but it keeps ending up as a 4:3 video. I've tried various changes on the cropping etc to 16:9 but no joy. It needs to be a just a small sized vid fo

  • How to replace table cell elements position

    Hello Experts, I have a requirement where i have to replace the table cell elements at runtime. lets say for example i have a node structure  like this: Root Node     table Node data         cell 1 (Name)         cell 2 (Description) Now once the tab