Setting Password Policy in Oracle 10g
Hi,
Could you guide me please? Up to date there has not been a Policy for passwords in our 10g Database which means the user can set anything for their password. We however now require to implement a Password Policy and would appreciate some guidance in doing this.
We don't use Enterprise Manager,we have chosen not to configure it on our system.
These are the steps I propose to take to set the password policy:
1. Edit $ORACLE_HOME/rdbms/admin/utlpwdmg.sql to change default profile values to desired values.
2. as SYS run utlpwdmg.sql
Is this correct? Is there anything else I should do?
thank you.
user8869798 wrote:
Hi,
I had a look at dba_profiles:
DEFAULT PASSWORD_VERIFY_FUNCTION PASSWORD NULL
This suggests that the default profile is not using the function. It doesn't "suggest" it. That's exactly what it means. The default profile is not using a password verify function.
In the light of this, is it safe then to edit the function and the default profile will be unaffected? The profile cannot be affected by a change to a function that it does not reference.
I don't want to change the default profile. I plan to create another profile that will make use of the function and then apply it for the users
thanksthen proceed to do so. Why would you not want the function to be 'default' -- referenced by the default profile?
BTW, you can name that function anything you want. When you assign a password complexity function to a profile, you assign it by the name of the function. So you are not limited to the name used by the 'out of the box' script provided by oracle. You might want to name your own function something like MYCORP_PSWD_POLICY. And of course the name of the sql file where you keep the code can also be named anything you like, so you might want to name it accordingly. Just so you have a clear seperateion between your company's stuff and that provided by Oracle.
Similar Messages
-
How to set password policy for apps users
Hi All,
Can anyone please help me.
I am working on apps 11i.
How to set password policy for users
ThanksCheck Note: 189367.1 - Best Practices for Securing the E-Business Suite
https://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=189367.1 -
Unable to set Password Policy controls
When I call oracle.ldap.util.User.autheticateUser() I receive the exception "Unable to set Password Policy controls". What is the cause of this error? I was not able to find anything useful through google searches.
I am running everything inside ServiceMix. Furthermore, I am able to create a context and retrieve properties through oracle.ldap.util.User.getProperties().
Here is the stack trace:
my.company.Exception.AuthenticationException: Unable to set Password Policy controls
at my.company.OracleLdap.authenticateClient(OracleLdap.java:171)
at service.AuthenticationInInterceptor.isAuthenticated(AuthenticationInInterceptor.java:55)
at service.AuthenticationInInterceptor.handleMessage(AuthenticationInInterceptor.java:32)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243)
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:111)
at org.apache.cxf.transport.http_osgi.OsgiDestination.doMessage(OsgiDestination.java:80)
at org.apache.cxf.transport.http_osgi.OsgiServletController.invokeDestination(OsgiServletController.java:321)
at org.apache.cxf.transport.http_osgi.OsgiServletController.invoke(OsgiServletController.java:107)
at org.apache.cxf.transport.http_osgi.OsgiServlet.invoke(OsgiServlet.java:53)
at org.apache.cxf.transport.http_osgi.SpringOsgiServlet.invoke(SpringOsgiServlet.java:48)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:179)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:103)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:713)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:159)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:401)
at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.handle(HttpServiceServletHandler.java:64)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.handle(HttpServiceContext.java:111)
at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:68)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:326)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:945)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:756)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:218)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:410)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
Caused by: oracle.ldap.util.UtilException: Unable to set Password Policy controls
at oracle.ldap.util.User.authenticateUser(User.java:1243)
at my.company.OracleLdap.authenticateClient(OracleLdap.java:158)
... 29 more
Edited by: user1094798 on Feb 22, 2011 12:53 PM
Edited by: user1094798 on Feb 22, 2011 12:55 PM
Edited by: user1094798 on Feb 22, 2011 1:17 PMI fixed it by changing the way my InitialDirContext is created.
Previously I was using:
InitialDirContext ctx = oracle.ldap.util.jndi.ConnectionUtil.getDefaultDirCtx(hostname, portNum, adminName, adminPass);
Now I'm using:
Hashtable env = new HashTable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://" + hostname + ":" + portNum);
env.put(Context.SECURITY_PRINCIPAL, adminName);
env.put(Context.SECURITY_CREDENTIALS, adminPass);
InitialDirContext ctx = new InitialDirContext(env);
Edited by: user1094798 on Feb 23, 2011 8:29 AM -
Password problem in oracle 10g after upgrading from oracle 9i
Hi to all,
i'm migrating oracle 9i to oracle 10g. in oracle 9i username/password are same character(eg kareem/kareem)
after upgrading to oracle 10g will it create any problem. Because in oracle 10g the condition is when creating user is username and password should not contain same character (kareem/kareem not allowed).
Thanks in advancein oracle 10g document, they have mention below condition to create user. See the second condition.
• Passwords must be between 4 and 30 characters long.
• Passwords cannot be the same as the user name.
• Passwords must be from the database character set and can include the underscore (_), dollar ($), and pound sign (#) characters.
• Passwords cannot be Oracle reserved words.
• Don't start the password with a numeral.
• Don's use change_on_install or manager as passwords, since they are used by Oracle.
As i'm going to upgrade oracle 9i to 10g. if it give problem because username and password are same then i have to request my development team to change the password in their application.Can you please verify and tell me.
Edited by: user7071421 on Sep 25, 2008 4:33 AM -
Set Password Policy For System Administrator Account in UCCE Servers
Hi All,
We want to setup a password policy ( expires in 30 days) for the local administrator account in all our UCCE servers.
We found that the all the UCCE services are running in local system account except logger and distributor( these services are running in domain user account).
Is it a supported configuration ? Are there any impacts with this setting ?
Thanks a lot in advance!
Thanks and Regards,
ThammayaHi,
what is the UCCE (~ ICM) version? Is there OS hardening applied?
By the way, yes, if you mean the local "administrator" account, you can do whatever you want to do with it, provided you don't lock yourself out - this should not happen, naturally, having all ICM servers in the domain and you can always use the domain admin (or a user belonging to the domain admins group).
By the way, I don't really see the meaning of having a local administrator account being enabled. :-)
G. -
PCTFREE setting for index in Oracle 10g R2
Is PCTFREE parameter obsolete in oracle 10g R2? I don't see any reference to this paramerer in oracle documentation:
http://download.oracle.com/docs/cd/B19306_01/server.102/b14231.pdf
But 10g R 1 does mention about this setting.
http://support.cs.nott.ac.uk/help/docs/databases/oracle/standard/server.101/b10739.pdf
We are still using Dictionary Managed tablespaces on 10.2.0.3. Can we ignore this parameter on 10g R2 ?
Thank YouPCTFREE is still relevent even in ASSM. (that you are using DMT means that you are not using ASSM, but LMT could be MSSM !)
I couldn't find PCTFREE in the Administrator's Guide but it is still very much present in the SQL Reference
http://download.oracle.com/docs/cd/B19306_01/server.102/b14200/clauses007.htm#g1058547
and a couple of references in the Performance Tuning Guide. -
Setting of ICONS in Oracle 10G Application Server
Hi...
I'm facing a problem of Icons which are not displayed at run time.
I'm using Oracle 10G Application Server.
plz tell what setting should i do.
its urgent.
Thanks & Regards
Sanjeev Kumar1 did u put the icon file in the forms folder in IAS?
2 Are you able to access the icon if u directly enter the icon value ?
http://www.Alexyscorp.com/myicon.gif
if its not port 80 enter the port
3 In the httpd.conf file whats the root directory ? Try putting the icon there
Best Regards
Rajesh Alex
Message was edited by: Rajesh Alex
Alex(AlexysCorp) -
Optimizer_mode set to CHOOSE in Oracle 10G
I a bit confused about the new settings for the parameter "optimizer_mode" on 10G. If the parameter is set to CHOOSE on a 10G database, what value is the database actually using since CHOOSE is no longer a valid choice for this parameter (ALL_ROWS or FIRST_ROWS) ?
Thanks
Johndatabase actually using since CHOOSE is no longer a
valid choice for this parameter (ALL_ROWS or
FIRST_ROWS) ?It is completely valid choice. It is deprecated yes and should not be used but see as follows:
Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Production
With the Partitioning, OLAP and Data Mining options
SQL> alter system set optimizer_mode = choose scope=both;
System altered.
SQL> select user from dual;
USER
GINTS
SQL> create table bzzz as select * from dba_source;
Table created.
SQL> alter session set optimizer_dynamic_sampling = 0;
Session altered.
SQL> set autot on
SQL> select count(*) from bzzz;
COUNT(*)
280779
Execution Plan
Plan hash value: 2985757553
| Id | Operation | Name |
| 0 | SELECT STATEMENT | |
| 1 | SORT AGGREGATE | |
| 2 | TABLE ACCESS FULL| BZZZ |
Note
- rule based optimizer used (consider using cbo)Gints Plivna
http://www.gplivna.eu -
Configuring password file in oracle 10g
Hi
Can anyone here guide me to the steps to be followed in configuring password file.
I am learning cloning using RMAN. For that purpose I need to configure password file at first.
I created the password file using orapwd utility.
and then made the required changes in tnsnames.ora and listener.ora files. Reloaded listener.
Set SQLNET.AUTHENTICATION_SERVICES = (NONE) in the sqlnet.ora file
Made the changes required in the initialization parameter file for the duplicate database instance.
Next, export ORACLE_SID= <DUPLICATE DATABASE NAME>
CREATE SPFILE FROM PFILE
STARTUP FORCE NOMOUNT;
rman TARGET sys/password@target-tnsname AUXILIARY sys/password@duplicate-tnsname
At this stage, I get the below error.
RMAN-00554 initialization of internal recovery manager package failed
RMAN- 04006 error from auxiliary database: ORA- 01031 : Insufficient privilegesuserark160 wrote:
rman TARGET sys/password@target-tnsname AUXILIARY sys/password@duplicate-tnsname
At this stage, I get the below error.
RMAN-00554 initialization of internal recovery manager package failed
RMAN- 04006 error from auxiliary database: ORA- 01031 : Insufficient privileges
Are the Auxiliary and Target databases on the same machine?
Can you also check the parameter Local_Listener for Auxiliary Database?
Regards,
Z.K. -
Set password policy using iPlanet SDK
I know there'a a few such post lying around and iPlanet has a few documentations, but I still can't find what I need.
Specifically, I need to use the SDK for Java to do:
1. setting of password expiration (on/off)
2. setting of expiration warning (on/off)
3. password syntax checking (on/off)
4. password length (set to desired length)
5. password min age (set to desired duration)
6. password history (enabled/disabled)
7. password storage scheme (set to SHA/SHA/cleartext)
The iDS deployment documentation gives a good explanation on all these, but I can't find any codes/examples on how to do them using the SDK at all.
Does anyone knows where I can find such examples?
Thanks.Sorry, please ignore this post. I've found what I need.
-
Set environment variable in oracle 10g application server control rel3
hi all,
i am trying to connect to emc centera through 10g rel3 , here i am getting error .
error name is:
com.filepool.fplibrary.FPLibraryException: Error loading FPLibrary or one of its dependencies
at com.filepool.fplibrary.FPPool.<init>(Unknown Source)
if any body knows please help me.
Thanks and regards
PravinHello,
Take a look to http://buttso.blogspot.com/2006/08/accessing-environment-variables-from.html
Regards
Tugdual Grall -
How set the oracle 10g path in xp environment variables
am new to java.
am practicing the jdbc, but while running the program it compied, but it does not execute the program.
it says
package oracle.jdbc.driver does not exist
DriverManager.getregister(new oracle.jdbc.driver.OracleDriver());
then how to set the path of oracle 10g in xp environment variables.
plz send any body the answer.
its urgent.tster wrote:
sunnyyld wrote:
then how to set the path of oracle 10g in xp environment variables.right click on my computer -> properties -> advanced -> environment variables.
Not that it would work, as the kid doesn't seem to understand what exactly it's doing wrong.
Had it worked through some basic tutorials it would have understood so I'm not going to tell it, just tell it to work through some basic tutorials. -
Oracle 10g, Host/OS Credentials ?
Hello,
After installed oracle 10g, it shows the installtion is sucessful. But when I clicked the "exit" button, I was directed to the page of Enterprise Manager 10g. And it prompts me input user name and password for Host/OS Credentials and the database credentials.
I tried to input my account user name and password for the pc I'm using, but it shows user name and password are not correct.Can anyone tell what is Host/OS Credentials?
Thanks for your reply,
EmilyHello,
Thanks so much for your rely.
1. Go to control panel/administrative tools
a. click on "local security policy"
b. click on "local policies"
c. click on "user rights assignments"
d. double click on "log on as a batch job"
e. click on "add" and add the user that was entered in the "normal username" or "privileged username" section of the EM Console.
2. Go to the Preferences link in the EM GUI
a. click on Preferred Credentials (link on the left menu)
b. under "Target Type: Host" click on "set credentials"
c. enter the OS user who has logon as a batch job privilege into the "normal username" and "normal password" fields
3. Test the connection
a. while in the Set Credentials window, click on "Test"
got some questions for above steps.
1. When I reached the step d(log on as a batch job) of "Go to control panel/administrative tools", I find the user name I'm currently using is in the list. So I don't need add another one?
2. In steps of Go to the Preferences link in the EM GUI
a. click on Preferred Credentials (link on the left menu)
I didn't find the Preferred Credentials on the left?
There is something like: "The database status is currently unavailable. It is possible that the database is in mount or nomount state. Click 'Startup' to obtain the current status and open the database. If the database cannot be opened, click 'Perform Recovery' to perform an appropriate recovery operation."
Then I clicked "Startup", it prompts me to input
1. Host Credentials
Specify the OS user name and password to login to target database machine.
2. Database Credentials
Specify the credentials for the target database.
For Host Credentials: I input the user name and password I'm using for logging to the pc I'm using
For Database Credentials: I input sysdba and ora123 (I set the password while installing oracle 10g).
The currently result is :
SQLException
Listener refused the connection with the following error: ORA-12500, TNS:listener failed to start a dedicated server process The Connection descriptor used by the client was: (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=mypcname)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=orcl)))
Startup/Shutdown:Confirmation
Current Status open
Operation shutdown immediate
Are you sure you want to perform this operation?
what i shoud do for this?
Thanks for your help!!
Emily -
Any option to set 'Password minimum age' for EBS user
Hi,
Do we have any option in Oracle apps to set the password minimum age? (eg. a password once reset successfully cannot be changed again within a 24 hour window)
Regards,
VijayHi;
Please check below and see its helpful:
Subject: Unable to Change Password when Password Policy Set to Min Age 1 and Next Logon Also Set . Doc ID: 752040.1
Re: Password policy in Oracle E-Business suite - Financials
http://oraclever.blogspot.com/2009/05/password-policies-in-oracle-e-business.html
Regard
Helios -
Password policy to be active at DB level
Dear All,
As per Audit requirement,we have to set password policy at Database level.
Present password policy:-
Parameter:-
1.Password verification NULL
2.Password Lifetime UNLIMITED
Is there any complication after setting password policy ?
Please suggest
Regards,
Mahesh PhegadeMahesh,
Is there any complication after setting password policy ?
No, thr are no complication . Only thing you need to do is change the password of those user ids regulary before the expiry date
Check below links
http://twit88.com/blog/2008/08/04/oracle-alter-password-policy/
http://articles.techrepublic.com.com/5100-10878_11-5784756.html
http://articles.techrepublic.com.com/5100-10878_11-5784756.html
http://download.oracle.com/docs/cd/B28359_01/network.111/b28531/users.htm
Hope it helps
Thanks
Sushil
Maybe you are looking for
-
Keynote and printing powerpoint presentations
With keynote, how do you print powerpoints with presenter notes and multiple slides per page..i tried and it's printing the slides, but I can't adjust my margins and the slides are printing about an inch per slide and it's unreadable
-
How to extract data from cluster table
Hi, experts, Here I want to extract change documents, which is from tables CDHDR(header) and CDPOS(line items). The problem is that CDPOS is a cluster table so that I can't create a view to develop a generic data source. I have search on the forum an
-
Help I've lost my system dvd's Please can anyone suggest where I can obtain replacements. ( Besides Apple, They say they have none) Thanks.
-
Aperture 3.2.1 upgrade - - ok for me
I upgraded to Aperture 3.2.1 from the most prior recent version. Works ok for me. No problems . . . yet. I use a 2 x 2.66GHz Dual-Core Xeon with 7GB of 667 MHz RAM
-
Hi can anyone tell me if there is AntiVirus software out there for my ipad, as all the ones I have looked at don't support it.