Ignore user-password value under CAR 4.0

Hi All,
One of our NAS server, is using a default string for User-Password attribute value in the event that no password is set by the user in PAP authentication mode.
How can we ignore that value or set it to Null under CAR in order to use the AllowNullPassword Feature?
Please note that under CHAP Authentication mode the NAS Server does not modify CHAP-Password value so, if not set by user, AllowNullPassword works fine.

To grant administrative privileges to users, you must first log onto CAR using admin as the initial user name and password. Log onto CAR using this user name and password to grant CAR administrator rights to user(s) for the first time. This user ID and password will only work when there are no CAR administrators configured in the system. Once one or more users have been granted administrator rights, this initial logon (admin, admin) will be disabled. At this point, only CAR administrators (users who have been granted administrator rights initially using admin, admin, can grant CAR administrator rights to other users.
This URl should help you:
http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_administration_guide_chapter09186a00801ed126.ht

Similar Messages

AIX 5.2 : how to pass password value while creating a user on AIX server

Hi ,
Test connection is successful with AIX server , I can successfully create a user on AIX server, with defualt password.
I am not passing the any password value still some default value is being populated for the user...
In AIX while creating the user , use get force to set the password...
But while configuring the schema for AIX adapter ...if password attribute is given then it will give the error
as invalid attribute...while creating a user if password value pass...
how to set the password for the user..what attribute need to set for the password .
thanks ..

The default password might be the IdM account password of the user you are trying to provision. You don;t need to keep password in the resource schema. Just set password.password and password.confirmPassword and select AIX resource for password reset. Check the workflow-form-views document for more information on password view.

HT204053 How do I create an Apple ID for my kids which are linked to my Apple ID so that they can make purchases without me having to tell them my user/password?

How do I create an Apple ID for my kids which are linked to my Apple ID so that they can make purchases without me having to tell them my user/password?

Welcome to the community.
Unfortunately, you cannot do that. The first hurdle that you are going to face, is that mobile devices, by virtue of being prone to loss, will always require that a password is entered before a purchase of any kind is made.
If your concern about the password, is related to your privacy in regard to your mail, contacts and calendar information rather than their acces to make purchases, then the best solution would be for you to use another Apple ID for iCloud.
Apple have called the whole cloud thing iCloud, there are a number of features under the iCloud umbrella, some of which require their own login. iTunes is one of these, another is what Apple have unfortunately also called iCloud too.
You can use the same Apple ID (account) to login to both iCloud and iTunes, but you don't need to and often users will login to each service using a different ID.
The part that you need to remember is that the services available when you log into iCloud are completely different and unrelated to those when you log in to iTunes. Your iCloud login enables mail, contacts, calendars, find my phone, Back to My Mac, Documents & Data sharing and photostream, it does not affect any of your iTunes services.

User Password change fails in OWA 2013

User Password change fails in OWA with this error: Your password couldn't be changed. Make sure the old password you typed is correct and that the new password meets the minimum security requirements.
We are migrating from Exchange 2007 to Exchange 2013. Have mailboxes in both environments. OWA 2007 password changes succeed (user mailbox is still in Exchange 2007). When the user mailbox is moved to Exchange 2013, password changes fail
with the above error.
We have the Exch 2013 servers are on Windows 2012 and we are running Exch 2013 CU3. We have made changes to the Default Role Assignment Policy to prevent users from changing Contact information and setting user photos, etc. We are not exactly
sure when user password changes stopped working, or even if they ever did work, although we recently installed our Prod Exch 2013 servers alongside our 2007 servers without any RBAC delegation implemented and a quick test of a user password change was successful.
I reversed all the changes to the Default Role Assignment Policy but the password change still fails.

Hi,
Please try the following steps in your CAS server:
1. Click Start > Run and type regedit and click OK.
2. Navigate to the "HKLM\SYSTEM\CurrentControlSet\Services\MSExchange OWA" key.
3. Set the ChangeExpiredPasswordEnabled value from 1 to 0.
4. Close regedit and re-open it.
5. Set the ChangeExpiredPasswordEnabled value from 0 to 1.
6. Close regedit.
7. After you configure this DWORD value, please reset IIS. The recommended method to reset IIS is to use IISReset /noforce from a command prompt.
Here is the similar thread about password change issue in Exchange 2013 CU3, please refer to:
http://social.technet.microsoft.com/Forums/en-US/30b74c81-9b98-46f4-9ca0-1c3bb74f4a3f/users-with-expired-passwords-or-change-password-at-next-logon-unable-to-change-password-via-owa-in?forum=exchangesvrclients
Hope it helps.
Thanks,
Winnie Liang
TechNet Community Support

How to change user password from default realm programaticaly

Hello,
I would like to know if there are any ways to change a users password from a file
realm through java classes ie . programaticaly.

Thank you for the support.
After looking at the code, I noticed RealmManager is not documented in the BEA
Javadocs. Am I missing something or is it not documented. Lot of other methods
also not documented. Do you have the latest Javadocs?
Thanks
John
"Tom Moreau" <[email protected]> wrote:
>
See message #4589 - it posts the code magic needed
to change the password. The caller doesn't have to
be aware of which realm is being used - that's taken
care of for you.
-Tom
"John M" <[email protected]> wrote:
Hello,
I would like to know if there are any ways to change a users passwordfrom
a file
realm through java classes ie . programaticaly.

How to prevent user password being reset to the same password?

Hi,
As you all know, domain admin has the power to reset user password. Let's think of the following scenario:
if an admin lets a user reset his password to use the same string, this action means he could nullify company policy on password which requires user's last N passwords being recorded in the history.
We could very well imagine that the admin reset his own personal password in order to bypass company policy.
I have asked partner forum to see if there's a way to prevent such thing, but the reply I got is "No".
I wanted to know if anyone of you have any idea to prevent such thing from happening?
Or if it's possible to get the hash value of users past N password to see if he's always using the same password?
Thanks in advance for your ideas.

Good rules is better alternative to complex policy.
Combine password history with time interval between changes.
Regards
Milos
You don't understand what I mean.
He knows exactly what you mean.
check out this link below:
http://technet.microsoft.com/en-us/library/cc757692%28v=ws.10%29.aspx
Enforce password history
The Enforce password history policy setting determines the number of unique new passwords that must be associated with a
user account before an old password can be reused .
The possible values for this Group Policy setting are:
A user-defined number from 0 through 24.
Not defined.
Discussion
Password reuse is an important concern in any organization. Many users want to reuse the same password for their account over a long period of time. The longer the same password is used for
a particular account, the greater the chance that an attacker will be able to determine the password through brute force attacks. If users are required to change their password, but nothing prevents them from using the old password or continually reusing a
small number of passwords, the effectiveness of a good password policy is greatly reduced.
Specifying a low number for Enforce password history allows users to continually use the same small number of passwords repeatedly. If you do not also set Minimum
password age, users can change their password as many times in a row as necessary in order to reuse their original password.
If you set Enforce password history to a number greater than zero, users must come up with a new password every time they are required to change their old one. This
improves security, but it can increase the risk that users will write down their passwords so they do not forget them.
If you set the value to the maximum of 24, it helps to ensure that vulnerabilities caused by password reuse are kept to a minimum.
For this policy setting to be effective in your organization, configure Minimum password age so that you do not allow passwords to be changed immediately. Enforce
password history should be set at the level that combines a reasonable maximum password age with a reasonable password change interval requirement for users.
Location
GPO_name\Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy\
Every second counts..make use of it. Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
IT Stuff Quick Bytes

[SOLVED] How to get sudo and kdesu to honor my user password?

Hi folks,
Well, I must be missing something. I think I've tried everything listed here https://bbs.archlinux.org/viewtopic.php?id=143487 and in the referenced links, but I still have the problem of my system rejecting my password for some uses of sudo and kdesu but not others. I've included my /etc/sudoers file below.
My problem may be due to screwing around with users: I started out using bruce (1000), then switched to bbraley (1001), then deleted bruce in kusers, then changed bbraley to 1000. When that created more problems without solving the original one, I switched back to 1001. I've played with adding and removing my user from groups, including creating a sudo group, making sure I am a member of wheel group, etc.
What seemed to be everyone's magic fix,
pacman -S pambase
didn't work when I tried it successfully with my bbraley password, then later, when that began failing, using the root password. pambase reinstalls, but there is no resulting change in the behavior of sudo.
Side question: Most of my experience is with kubuntu in which I never created a root user and never had any trouble having my user password work with sudo or kdesu. Is there a reason Archwiki beginners guide suggests assigning a separate root account and password?
Can anyone help?
Here's the output of
groups
root adm disk wheel log locate network video audio optical storage scanner power users nm-openconnect systemd-network bbraley sudo sddm
Here's the output of
cat /etc/group |grep `id -un`
root:x:0:bbraley
adm:x:4:root,daemon,bbraley
disk:x:6:root,bbraley
wheel:x:10:root,bbraley
log:x:19:root,bbraley
locate:x:21:bbraley
network:x:90:bbraley
video:x:91:bbraley
audio:x:92:bbraley
optical:x:93:bbraley
storage:x:95:bbraley
scanner:x:96:bbraley
power:x:98:bbraley
users:x:100:bbraley
systemd-network:x:193:bbraley
nm-openconnect:x:104:bbraley
sddm:x:619:bbraley
bbraley:x:500:
sudo:*:501:bbraley
Here's what
ls -l /etc/sudoer
yields:
-r--r----- 1 root root 2948 Mar 22 07:25 /etc/sudoers
And here's my sudoers file:
## Defaults specification
## You may wish to keep some of the following environment variables
## when running commands via sudo.
## Locale settings
# Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET"
## Run X applications through sudo; HOME is used to find the
## .Xauthority file. Note that other programs use HOME to find
## configuration files and this may lead to privilege escalation!
# Defaults env_keep += "HOME"
## X11 resource path settings
# Defaults env_keep += "XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH"
## Desktop path settings
# Defaults env_keep += "QTDIR KDEDIR"
## Allow sudo-run commands to inherit the callers' ConsoleKit session
# Defaults env_keep += "XDG_SESSION_COOKIE"
## Uncomment to enable special input methods. Care should be taken as
## this may allow users to subvert the command being run via sudo.
# Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"
## Uncomment to enable logging of a command's output, except for
## sudoreplay and reboot. Use sudoreplay to play back logged sessions.
# Defaults log_output
# Defaults!/usr/bin/sudoreplay !log_output
# Defaults!/usr/local/bin/sudoreplay !log_output
# Defaults!REBOOT !log_output
## Runas alias specification
## User privilege specification
root ALL=(ALL) ALL
## Uncomment to allow members of group wheel to execute any command
##%wheel ALL=(ALL) ALL
## Same thing without a password
%wheel ALL=(ALL) NOPASSWD: ALL
## Uncomment to allow members of group sudo to execute any command
%sudo ALL=(ALL) ALL
bbraley ALL=(ALL) ALL
## Uncomment to allow any user to run sudo if they know the password
## of the user they are running the command as (root by default).
Defaults targetpw # Ask for the password of the target user
ALL ALL=(ALL) ALL # WARNING: only use this together with 'Defaults targetpw'
## Read drop-in files from /etc/sudoers.d
## (the '#' here does not indicate a comment)
#includedir /etc/sudoers.d
Last edited by Bruce1956 (2015-03-28 05:16:03)

Trilby wrote:I've never used the targetpw setting, but I wouldn't be surprised if that was the problem. With that setting, if you want to run something as root (the default use of sudo) then you'd need the root password, not the user password. Comment out that setting, and the next line.
I had never used it, either, but I misread some reference and thought it might help. Since you say it causes the behaviour I'm trying to eliminate, I will get rid of it, as suggested. However, the behavior preceded my addition of this line in the file, so I don't think this will correct the problem. Edit: Removing it kept the root password from being universally required (I can now edit /etc/sudoers using my user password) and returned it to requiring it sometimes (I still need the root password to use kdesu).
As for some other distro not having a root account, that is simply impossible. There was a root account. If you didn't have the password for it, then that installation was severely crippled.
Sorry, you're right. I should have said that kubuntu does not expect users to assign a password to the root account and instead expects primary users to access that account's privileges via su, sudo, or kdesu only.
https://help.ubuntu.com/community/RootSudo
By default, the root account password is locked in Ubuntu. This means that you cannot login as root directly or use the su command to become the root user. However, since the root account physically exists it is still possible to run programs with root-level privileges. This is where sudo comes in - it allows authorized users (normally "Administrative" users; for further information please refer to AddUsersHowto) to run certain programs as root without having to know the root password.
Thanks for responding to my request for help. Any other ideas?
Edit: Here's what I keep getting that only accepts the root password, not my user password
http://s15.postimg.org/4z0o86oln/Runasroot_KDEsu.png
-- mod edit: read the Forum Etiquette and only post thumbnails http://wiki.archlinux.org/index.php/For … s_and_Code [jwr] --
Last edited by Bruce1956 (2015-03-23 04:41:06)

How can i add two values under the same property?

Hi all,
How can i add two values under the same property name in a
prop list? For example:
[question1: "item1","item2", question2: "item3","item4"]
To be more precise, i am creating a property list and I want
whenever a two values have the same property name to be added int
he list under the same property. For example:
gMyList.AddProp (#""&question&"" & x,
member("input").text)
question is a variable that is updated fromt he user's input.
Now, whenever somethign like this happens:
question = "question1"
member("input").text = "five"
question = "question1"
member("input").text = "six"
I want to output list to be:
[question1: "five","six"] and so on
Any ideas?

Maybe you could make each property a list (so you have a
property list full
of lists), and add multiple values to the list held in a
particular
property?
Cheers
Richard Smith

How can you create a customized page to change user password?

Hello to all,
I would like to create a customized page for a user to change their password. We are using Portal version 3.0.9 on Windows NT/2000. Currently there is a page in portal where a user can change their password.
I tried linking to that page by copying the shortcut url and adding it as an html portlet. The problem is that we want to direct the users to a
page of our choosing when they click on the "cancel" and "ok" buttons. I read in the forums that there is a selfreg.cmd script.
I also read that there is some code that has been available.
Has anyone implemented a customized user password change page? Do you know of any links that might have steps to follow or
more informatioin?
Thanks in advance,
Lindsay

Hi,
I was able to customize the change password screen through a procedure. This is what I did:
* Created a procedure under the Portal30_sso schema:
CREATE OR REPLACE procedure reports_chage_password
site2pstoretoken in varchar2 default null
,p_username in varchar2 default null
,p_error_code in varchar2 default null
,p_submit_url in varchar2 default null
,p_done_url in varchar2 default null
,p_pwd_is_exp in varchar2 default null
,p_password in varchar2 default null
is
begin
htp.htmlopen;
htp.headopen;
htp.title ('<TITLE of Page>');
htp.headclose;
htp.bodyopen;
htp.p('<table width="100%"><tr><td colspan=2 align=center><IMG SRC=<directory of image if you want>"><br><hr><br></td></tr>');
htp.p('<tr><td colspan=2 align=center>');
htp.p('<font COLOR="#000080" face="Times New Roman" size=+2><b>');
htp.header(nsize => 1 ,cheader => 'Change Password');
htp.p('</b></font>');
htp.p('</td></tr><tr><td align=right>');
htp.formopen(curl => p_submit_url );
htp.p('<font color="#000080" face="Times New Roman" size=+1>');
htp.p ('Username:');
htp.p('</td><td alight=left><font color="#000080" face="Times New Roman" size=+1>');
htp.p(p_username);
htp.p('</font>');
htp.p('</td></tr>');
htp.formHidden(cname => 'p_username',cvalue => p_username);
htp.br;
htp.p('<tr><td align=right>');
htp.p('<font color="#000080" face="Times New Roman" size=+1>');
htp.p ('Old Password: ');
htp.p('</font>');
htp.p('</td><td align=left>');
htp.p ( htf.formPassword(cname => 'p_old_password',csize => 30,cmaxlength => 30) );
htp.p('</td></tr>');
htp.br;
htp.p('<tr><td align=right>');
htp.p('<font color="#000080" face="Times New Roman" size=+1>');
htp.p ('New Password: ');
htp.p('</font>');
htp.p('</td><td align=left>');
htp.p ( htf.formPassword(cname => 'p_new_password',csize => 30,cmaxlength => 30) );
htp.p('</td></tr>');
htp.br;
htp.p('<tr><td align=right>');
htp.p('<font color="#000080" face="Times New Roman" size=+1>');
htp.p ('Confirm New Password: ');
htp.p('</font>');
htp.p('</td><td align=left>');
htp.p ( htf.formPassword(cname => 'p_new_password_confirm',csize => 30,cmaxlength => 30) );
htp.p('</td></tr>');
htp.p('<tr><td rowsapn=2>');
htp.formHidden(cname => 'p_done_url',cvalue => '<the url that you want users to go to when they are done>');
htp.formHidden(cname => 'p_pwd_is_exp',cvalue => p_pwd_is_exp);
htp.formHidden(cname => 'p_password',cvalue => p_password);
htp.formHidden(cname => 'site2pstoretoken',cvalue => site2pstoretoken);
htp.p('</td></tr>');
htp.p('<tr><td align=right>');
htp.formSubmit(cname => 'p_action',cvalue => 'OK');
htp.p('</td><td align=left>');
htp.formSubmit(cname => 'p_action',cvalue => 'CANCEL');
htp.p('</td></tr></table>');
if p_error_code is not null then
htp.br;
htp.fontOpen(ccolor=> 'red', csize=> 4);
if p_error_code = 'auth_fail_err' then
htp.p('Old password is incorrect');
elsif p_error_code = 'pwd_rule_err' then
htp.p('The new password does not follow '||
'the password policies.');
htp.br;
htp.p('Verify with your System Administrator '||
'about the Password Policies');
elsif p_error_code = 'confirm_pwd_fail_txt' then
htp.p('Confirmation for new passord is not '||
'the same as the New Passowrd');
elsif p_error_code = 'null_new_pwd_err' then
htp.p('New password cannot be null');
elsif p_error_code = 'null_old_pwd_err' then
htp.p('Old password cannot be null');
else
htp.p ('Error: ' || p_error_code );
end if;
htp.fontClose;
end if;
end;
* Grant this procedure to PUBLIC
* Update the portal30_sso.wwsso_ls_configuration_info_$:
UPDATE portal30_sso.wwsso_ls_configuration_info_$
SET LOGIN URL = '<YOUR CUSTOM LOGIN URL OR THE WORD UNUSED IF YOU DON'T HAVE ONE> http://<MACHINE_NAME>.<DOMAIN>/pls/portal30_sso/portal30_sso.<NAME OF PROCEDURE>';
* After you update the table, go to your account information link, and click on the change password link.
* Then copy the url that you see in your address line
* And if you want a change password link at the top of your portal page, just go to EDIT on your page, then edit the banner defaults. Then in the links add the Lable and the URL. The URL would be the URL you copied from the previous step.
Hope this helps.
I've customized the login page too if you would like some sample code for that. Let me know.
Martin

How to ignore the password policy in a custom workflow?

Hi,
We have a custom workflow which is called via SPML to provide 'Administrator Change Password' functionality in a portal.
Our password policy sets the String Quality rules and Number of Previous Passwords that Cannot be Reused. But we like to bypass the password policy when the password administrators (who have a admin role with a capability - 'Change Password Administrator'). At least, restriction ' Number of Previous Passwords that Cannot be Reused' need to be ignored (But password need to be added to the history... cannot disable adding passwords to history).
Please advice me how it could be achieved?
The workflow steps:
1. Checkout 'ChangeUserPassword' view for the user as an administrator
2. Set the new password in the view, set true to view.savePasswordHistory
3. Set password on the resources
4.Checkin the view
Thanks
Siva

Thanks eTech.
My main goal is to skip the password history check (new password can't be a last used 10 passwords) when admin change password workflow is launched. As you suggested , I created a special password policy exactly as our regular password policy excluding "Number of Previous Passwords that Cannot be Reused" setting.
Then before change the password of a user as admin, special policy is attached , password changed, and user's password policy is reverted back to regular one. The issue is, as the special policy does not enforce the password history check, the whole password history of the user is wiped out from the user object when the password is changed by admin change password workflow. We don't want this to happen.
Please guide me whether is anyway to achieve just ignoring the password history without any other impact on user.
Is adding passwords to user object's password history list is triggered by "Number of Previous Passwords that Cannot be Reused" setting of the password policy??
Thanks
Siva

Sychronisation AD - OID: Is it possible to read the user password from AD?

Hi.
We are using the Oracle Internet Directory shipped with the Oracle 9i Database Rel. 2 (9.2.0.1).
I try to synchronise the user accounts from AD to OID using JAVA JNDI. I'm able to read all necessary user information except the user password (MD5 value). Even if I connect to the AD using SSL, it's not possible to read the attribute userPassword.
Is anybody out there who got this work or knows a way (may also be by the use of another programming language or tool) to get the user password out of AD? Is this possible? How does the Oracle Integration Agents accomplish this?
Thanks in advance.
Hermann S.

Hermann,
I am working with this as well, though from AS10g, not RDBMS. According to the OID Administrator Guide chapter 43, page 43-52:
<snip>
Synchronizing passwords from Microsoft Active Directory to Oracle Internet Directory is not possible in the Oracle Application Server 10g release because passwords in Microsoft Active Directory are not accessible by LDAP clients. However, if a deployment requires passwords to be available in Oracle Internet Directory, then the following two methods are recommended:
Build a custom plug-in for Microsoft Active Directory that captures a password change and synchronizes it with Oracle Internet Directory
Manage Active Directory passwords from the Oracle environment. This enables passwords to be available in both Oracle Internet Directory and Microsoft Active Directory because the Active Directory connector can synchronize passwords from Oracle Internet Directory to Microsoft Active Directory.
</snip>
As10g can however look up the password in AD using the "Active Directory External Authentication Plug-In". This is documented in the same chapter.
Hope this helps,
Jens

Capturing the Message on the Login Page (Invalid user/password expired etc.

Hi, I have a requirment for capturing the error message on the Login page if the User's Account is expired or Account is Disabled or Invalid credentials, Password Lockout etc.
I am using the attached login page. Can any one please help me out on this.
<html><head><title>AARPLogin Page</title>
<script type="text/javascript" language="JavaScript" xml:space="preserve">
// This function automatically gets called for broswer detection
var isNav4 = false;
var isIE4 = false;
var isNS6 = false;
function obDetectBrowser()
if ( navigator.appVersion.charAt( 0 ) == "4" )
if ( navigator.appName == "Netscape" )
isNav4 = true;
} else {
isIE4 = true;
else
if ( navigator.appVersion.charAt( 0 ) >= 5 )
if ( navigator.appName == "Netscape" )
isNS6 = true;
obDetectBrowser ();
var HOSTNAME =
var COOKIE_OBREQUESTEDURL = "OBREQUESTEDURL";
var COOKIE_OBFORMLOGINCOOKIE = "ObFormLoginCookie";
var NCID_LANDING_PAGE_URL = "/landing/";
var QS_REDIR = "ReDir";
var keyChooser;
function checkPasswordEnterKey( event )
var form = document.forms[0];
if (isNav4 || isNS6) {
keyChooser = event.which ;
} else if (isIE4) {
keyChooser = window.event.keyCode;
if (keyChooser == 13) {
if (
form.userid.value
&& form.userid.value != ""
&& form.password
&& form.password.value != ""
form.submit();
return true;
else
alert('Please enter a UserId and Password');
return false;
function showHidePanel( panelID, displayValue )
var panelElement = document.getElementById( panelID );
if ( displayValue == 'show' )
panelElement.style.display = 'block';
else
panelElement.style.display = 'none';
function getQueryVariable( variable )
var query = window.location.search.substring( 1 );
var vars = query.split( "&" );
for ( var i=0; i < vars.length; i++)
var pair = vars[ i ].split( "=" );
if ( pair[ 0 ] == variable )
return unescape( pair[ 1 ] );
return "";
function Get_Cookie( name )
var nameEQ = name + "=";
var ca = document.cookie.split( ';' );
for( var i=0; i < ca.length; i++ )
var c = ca[ i ];
while ( c.charAt( 0 )==' ' )
c = c.substring( 1, c.length );
if ( c.indexOf( nameEQ ) == 0 )
return c.substring( nameEQ.length, c.length );
return null;
function Set_Cookie( name, value, expires, path, domain, secure)
document.cookie = name + "=" + escape( value ) +
( ( expires ) ? ";expires=" + expires.toGMTString() : "" ) +
( ( path ) ? ";path=" + path : "" ) +
( ( domain ) ? ";domain=" + domain : "" ) +
( ( secure ) ? ";secure" : "" );
function Delete_Cookie( name, path, domain )
if ( Get_Cookie( name ) )
document.cookie = name + "=" +
( (path) ? ";path=" + path : "" ) +
( (domain) ? ";domain=" + domain : "" ) +
";expires=Thu, 01-Jan-1970 00:00:01 GMT";
function lostPassword()
var CurrentLogin = document.forms[0].userid.value;
if ( CurrentLogin == "" ) {
alert ( "Please enter your eMail Address." );
document.forms[0].userid.focus();
else {
Set_Cookie( COOKIE_OBFORMLOGINCOOKIE, "done", 0, "/" );
var LOST_PWD_PAGE = "/identity/oblix/apps/lost_pwd_mgmt/bin/lost_pwd_mgmt.cgi?program=passwordChallengeResponse&login="+CurrentLogin+"&backUrl=http://oradev2.na.aarp.int/login/login.html&target=top";
window.location = LOST_PWD_PAGE;
function emailPassword()
document.passform.submit();
function onLoad()
if (getQueryVariable( "MSG" ) == 'LOGIN_FAILED' )
alert ("Login Failed, Please try again");
else if (getQueryVariable( "MSG" ) == 'PWD_EXP' )
alert ("Your Password Is About to Expire. Please Change it at your earliest convenience.");
var pwdExpUID = getQueryVariable( "login" );
var hostTarget = getQueryVariable( "hostTarget" );
var resURL = getQueryVariable( "resURL" );
var PWD_EXP_PAGE = "/identity/oblix/apps/lost_pwd_mgmt/bin/lost_pwd_mgmt.cgi?program=redirectforchangepwd&login="+pwdExpUID+"&backURL="+hostTarget+resURL+"&target=top";
window.location = PWD_EXP_PAGE;
else if (getQueryVariable( "MSG" ) == 'CHGPWD' )
alert ("You are required to change your password.");
var chgPwdUID = getQueryVariable( "login" );
var hostTarget = getQueryVariable( "hostTarget" );
var resURL = getQueryVariable( "resURL" );
var CHG_PWD_PAGE = "http://"+HOSTNAME+"/identity/oblix/apps/lost_pwd_mgmt/bin/lost_pwd_mgmt.cgi?program=redirectforchangepwd&login="+chgPwdUID+"&backURL="+hostTarget+resURL+"&target=top";
window.location = CHG_PWD_PAGE;
</script></head><body onload="onLoad();document.login.userid.focus();" alink="blue" bgcolor="#ffffff" link="blue" vlink="blue">
<p align="center">
<img alt="AARP Header Logo" src="login_files/aarpLogo.gif" border="0" height="91" width="219">
<br>
</p><form name="login" method="post" action="/access/oblix/apps/webgate/bin/webgate.so">
<div class="boldText" align="center">
<h2>Login</h2>
<div class="boldText" align="left">
<div id="LoginFailed" style="display: none;">
<table align="center" bgcolor="#ff0000" border="0" cellpadding="2" cellspacing="0" width="500">
<tbody><tr>
<td>
<table bgcolor="#e5e5e5" border="0" cellpadding="5" cellspacing="0" width="100%">
<tbody><tr bgcolor="#ffffff">
<td rowspan="3" height="40" nowrap="nowrap" valign="top">
<img src="login_files/error.gif" name="error" height="20" width="20">
</td>
<td rowspan="3" align="center">
<p>
<font color="#ff0000" size="-1">
<b>
<div id="TryAgain" style="display: none;">Login Failed! Invalid UserID and/or Password, Please try again.<br></div>
<div id="AccountLocked" style="display: none;">Your Account has been Locked!</div>
</b>
</font>
</p>
<p>
<font color="#ff0000">
<b>For
assistance call E-Services Help Line at (XXX) XXX-XXXX Monday through
Friday between the hours of 8:00 am and 5:00 pm eastern standard time.</b>
</font>
</p>
</td>
</tr>
<tr bgcolor="#ffffff">
</tr><tr bgcolor="#e5e5e5">
</tr></tbody></table>
</td>
</tr>
</tbody></table>
</div>
<br>
</div>
<table border="0" cellpadding="0" cellspacing="0" width="500">
<tbody><tr>
<td background="login_files/border_upper_left.gif" height="20" nowrap="nowrap" width="20"> </td>
<td background="login_files/border_top.gif" height="20" nowrap="nowrap"> </td>
<td background="login_files/border_upper_right.gif" height="20" nowrap="nowrap" width="20"> </td>
</tr>
<tr>
<td background="login_files/border_left.gif" nowrap="nowrap" width="20"> </td>
<td>
<table bgcolor="#ebebce" border="0" cellpadding="2" cellspacing="0" height="100%" width="100%">
<tbody><tr>
<td colspan="3" align="center">
<font color="darkred" face="Arial" size="3">
<b>
</b></font>
<b> </b></td>
</tr>
<tr valign="bottom">
<td colspan="3" width="100%">
<table bgcolor="#ebebce" border="0" cellpadding="5" cellspacing="0" width="100%">
<tbody><tr bgcolor="#e5e5e5">
<td rowspan="2" bgcolor="#ebebce" height="20" nowrap="nowrap" valign="top" width="4%">
<font color="#000000">
<span class="text">
<img src="login_files/arrow.gif" align="top" height="20" width="20">
</span>
</font>
<font color="#000000"> </font>
</td>
<td rowspan="2" bgcolor="#ebebce" width="96%">
<font color="#000000" size="-1">
<span class="text">Please enter your Email and Password. If you are a new user to AARP, please select First Time AARP User.
</span>
</font>
</td>
</tr>
<tr bgcolor="#e5e5e5">
</tr></tbody></table>
</td>
</tr>
<tr valign="bottom">
<td colspan="3">
<table align="center" border="0" width="349">
<tbody><tr>
<td nowrap="nowrap" width="74">
<font color="#000000" size="-1">
<div align="left">eMail:</div>
</font>
</td>
<td width="265">
<input name="userid" value="" size="32" maxlength="32" tabindex="2" type="text">
</td>
</tr>
<tr>
<td>
<font color="#000000" size="-1">
<div align="left">Password:</div>
</font>
</td>
<td>
<p>
<font color="#000000" size="-1">
<input name="password" size="32" maxlength="32" length="30" tabindex="3" type="password">
</font>
</p>
</td>
</tr>
</tbody></table>
</td>
</tr>
<tr>
<td>
<font color="#000000" size="-1">
<p align="center"><b>Forgot Your Password?</b></p>
</font>
</td></tr>
<tr>
<td align="center"> <font color="#000000" size="-1">
Email New Password
</font>
</td></tr>
<tr>
<td colspan="4">
<div class="boldText" align="center">
<br>
<input src="login_files/button_login.gif" name="Submit" value="" alt="login" type="image">
 <b class="boldText"><img src="login_files/button_clear.gif" name="img_clear" alt="clear" border="0" height="25" width="68"></b>
<b class="boldText"><img src="login_files/button_help.gif" name="img_help" alt="help" border="0" height="25" width="68"></b>
<b class="boldText"><img src="login_files/button_cancel.gif" name="img_cancel" alt="cancel" border="0" height="25" width="68"></b>
</div>
</td>
</tr>
</tbody></table>
</td>
<td background="login_files/border_right.gif" nowrap="nowrap" width="20"> </td>
</tr>
<tr>
<td background="login_files/border_lower_left.gif" height="20" nowrap="nowrap" width="20"> </td>
<td background="login_files/border_bottom.gif" height="20" nowrap="nowrap"> </td>
<td background="login_files/border_lower_right.gif" height="20" nowrap="nowrap" width="20"> </td>
</tr>
</tbody></table>
<p></p>
<span class="text"><br><br><b>NOTICE:
This system is the property of AARP and is for authorized use only.
Unauthorized access is a violation of federal and state law. All
software, data transactions, and electronic communications are subject
to monitoring.</b></span>
<div id="hr" style="position: absolute; width: 100%; height: 10px; z-index: 90; top: 657px; left: 10px;">
<hr>
</div>
<div id="footer" style="position: absolute; width: 700px; height: 55px; z-index: 115; top: 678px; left: 50px;">
<span class="subhead">
Privacy Policy
Disclaimer
Contact Us
</span>
<span class="bodytext">
</span></div>
<form name="passform" action="http://oradev2.na.aarp.int/wampassword/passwordReset.html" method="post">
<input name="login" value="" type="hidden">
<input name="backUrl" value="http://oradev2.na.aarp.int/login/login.html" type="hidden">
</form>
<script type="text/javascript" language="JavaScript" xml:space="preserve">
var undefined;
if (
document.login
&& document.login.password
function clearForm()
document.login.reset();
function navigate( linkName )
if ( 'login' == linkName )
if ( document.accountLogin.userID.value != '' && document.login.password.value != '' )
alert('Please click the Account Registration Setup link for now');
//document.location = 'userDataPersonal.htm';
else
alert('Please enter a UserId and Password');
function openHelp()
helpDoc = window.open( "http://www.aarp.org", "", "scrollbars=yes,resizable=yes,width=500,height=300" );
function cancel()
// open dialog
var initX = parseInt( window.screenX ) + parseInt( window.outerWidth ) / 2 - 100;
var initY = parseInt( window.screenY ) + parseInt( window.outerHeight ) / 2 - 50;
cancelDialog = window.open( "./cancelDialog.html", " cancelDialog", "resizable=yes,toolbar=no,menubar=no,width=200,height=150,screenX=" + initX +",screenY=" + initY );
</script>
</div></form></body>
<script type="text/javascript">
</script></html>

Is it not possible that someone fired the password expiration cmd ?
SQL> select limit
2 from   dba_profiles
3 where profile='DEFAULT'
4 and resource_name='PASSWORD_LIFE_TIME';
LIMIT
UNLIMITED
SQL> select profile from dba_users where username='MYUSER';
PROFILE
DEFAULT
SQL> conn myuser/myuser
Connected.
SQL> conn / as sysdba
Connected.
SQL> alter user myuser password expire;
User altered.
SQL> conn myuser/myuser
ERROR:
ORA-28001: the password has expired
Changing password for myuser
New password:
Password unchanged
Warning: You are no longer connected to ORACLE.
SQL> conn / as sysdba
Connected.
SQL> select name, astatus, TO_CHAR(ctime,'DD-MM-YYYY HH:MI') CTIME, TO_CHAR(ptime,'DD-MM-YYYY HH:MI') PTIME, TO_CHAR(EXPTIME,'DD-MM-YYYY HH:MI') EXPIRE
2 from sys.user$ where name ='MYUSER';
NAME
   ASTATUS CTIME
PTIME
EXPIRE
MYUSER
         1 23-11-2011 11:15
23-11-2011 11:15
23-11-2011 11:17
SQL>Nicolas.

AFTER ALTER ON DATABASE gives the old password value in Oracle

I am writing a trigger to fetch the 'password' value when 'sys.users$' table gets updated.
CREATE OR REPLACE
TRIGGER Sys_User_Nm_Trg AFTER ALTER ON DATABASE
WHEN (ora_dict_obj_type = 'USER')
DECLARE
CURSOR get_pw IS
SELECT password
FROM sys.user$
WHERE name = ora_dict_obj_name;
user_pw_ VARCHAR2(100);
BEGIN
IF (ora_dict_obj_name != 'SYS' AND ora_dict_obj_name != 'SYSTEM') THEN
IF (ora_des_encrypted_password IS NOT NULL) THEN
OPEN get_pw;
FETCH get_pw INTO user_pw_;
CLOSE get_pw;
END IF;
END IF;
END;
But this cursor gives the old 'password' not the changed 'password' value. But if I run
SELECT password
FROM sys.user$
WHERE name = ora_dict_obj_name;
in a separate transaction it gives the correct changed value. Is there something that I should change in the trigger to fetch the updated value for the password?
Thanks in advance!
Edited by: 986412 on Feb 7, 2013 12:11 AM
Edited by: 986412 on Feb 7, 2013 3:17 AM

What is the purpose of the trigger ?

Disabled User Password should not be changed

Hi,
We have a requirement that only if the user's status is active, then only administartor must be able to change the user password. Admin should not be able to change the password if the user is in disabled state/locked state.How can we achieve this?please sugest...
Regards
Vinoth

Hi,
We have made an entity adapter which is taking usr login value from User[in Data object manager] and calling our java method which is making connection to OIM database and getting us the status of user.
Now if the status of user is disabled method is returning true and on true we have associated our error code to it.
We are executing our entity adapter in pre-update execution.
Now when we are changing password of any disabled user we are able to see our error code. But what ever update [either first name update, enable] we are running on that user same error code is appearing.
Plesae suggest/reply.
thanks

How to set database user password to never expire

Hello all,
I have a linux server with Oracle 11g installed which is used primarily for testing by a few developers and QA folks. I want to set the DB user password to never expire. I have run the following (which works on a windows machine) but the password still states that it will expire in 7 days. Is there something else I can do to 'force' the pw to infinity? I've tried stopping shutting down the DB, stopping / restarting listener...
ALTER PROFILE DEFAULT LIMIT PASSWORD_LIFE_TIME UNLIMITED;
select * from dba_profiles where profile = 'DEFAULT' and resource_name LIKE 'PASSWORD_LIFE_TIME';
"PROFILE"     "RESOURCE_NAME"     "RESOURCE_TYPE"     "LIMIT"
"DEFAULT"     "PASSWORD_LIFE_TIME"     "PASSWORD"     "UNLIMITED"
select profile from dba_users where username='TEST';
"PROFILE"
"DEFAULT"
select username, account_status, to_char(expiry_date, 'DD-MM-YYYY') EXP_DATE from dba_users where username = 'TEST';
"USERNAME"     "ACCOUNT_STATUS"     "EXP_DATE"
"TEST"     "OPEN"     ""
Help appreciated.

With 11g, Password_life_time in DEFAULT profile is set to 180days.
Default profile values in 11g.
SQL> SELECT * FROM dba_profiles WHERE profile = 'DEFAULT' AND resource_type = 'PASSWORD';
PROFILE                        RESOURCE_NAME                    RESOURCE
LIMIT
DEFAULT                        FAILED_LOGIN_ATTEMPTS            PASSWORD
10
DEFAULT                        PASSWORD_LIFE_TIME               PASSWORD
180
DEFAULT                        PASSWORD_REUSE_TIME              PASSWORD
UNLIMITED
PROFILE                        RESOURCE_NAME                    RESOURCE
LIMIT
DEFAULT                        PASSWORD_REUSE_MAX               PASSWORD
UNLIMITED
DEFAULT                        PASSWORD_VERIFY_FUNCTION         PASSWORD
NULL
DEFAULT                        PASSWORD_LOCK_TIME               PASSWORD
1
PROFILE                        RESOURCE_NAME                    RESOURCE
LIMIT
DEFAULT                        PASSWORD_GRACE_TIME              PASSWORD
7
7 rows selected.Change the password_grace_time to unlimited.
HTH
-Anantha

Ignore user-password value under CAR 4.0

Similar Messages

Maybe you are looking for