SYS password/Linux OS

hi,
I am new at oracle 10g on linux o/s
My problem is that without giving password i can connect to my database as sysdba. I want that only one password for sysdba ... i can ceate password file but when i create password file then also my problem is not solved as i can connect to database as sysdba without giving password .. i dont know what to do ....help me please ..any one

On any Oracle system this is why maintaining the security of the box is critically important: if someone gets access to the system (via an account in the dba group, or root or other administrative account), they can get into the database.
Lock the server down from a management perspective. This is the default behavior and it would be unwise to change it unless you're in the most robust Operations group I've ever heard of... in which case there'd be no reason to anyway. :) (see point above)
There was a bug I ran into using one of the filesystemio_options parameters on SLES 9 which effectively disabled the sysdba access altogether, but that isn't really a solution either... there may be options in the sqlnet.ora which you can use to restrict the sysdba authentication (I've never used it on non-Windows), but it really doesn't solve the root issue: secure the box, especially as the oracle user (or root) can simply modify this file anyway.
Geoff
EDIT and PS: remote users will require a username and password to access the database, the CONNECT / AS SYSDBA connection only works from the local box.
Message was edited by:
gfalk

Similar Messages

Changing a SYS Password Permanently.

Hi,
How could i change a sys password permanently?
Kindly post me the steps in changing the same.
Previously i have tried creating the Orapwd file as follows
Ive shuddown the DB and exported ORACLE_SID=poorna
created
orapwdfile=ORACLE_HOME/dbs/pwdpoorna.ora password=poorna
I was able to login as sys/poorna as sysdba and sys/sys as sysdba also.
I want to login as sys/poorna only.
also i have tried alter user sys identified by poorna (changes doesn't takes permanently)
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod
PL/SQL Release 10.2.0.1.0 - Production
CORE 10.2.0.1.0 Production
TNS for Linux: Version 10.2.0.1.0 - Production
NLSRTL Version 10.2.0.1.0 - Production
Thank You.

Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod
PL/SQL Release 10.2.0.1.0 - Production
CORE 10.2.0.1.0 Production
TNS for Linux: Version 10.2.0.1.0 - ProductionYour OS platform is Linux &
created
orapwdfile=ORACLE_HOME/dbs/pwdpoorna.ora password=poornayou created password file is in format of Windows. So this password file even if you create, it will be ignored as srp mentioned.
I was able to login as sys/poorna as sysdba and sys/sys as sysdba also.
I want to login as sys/poorna only.
also i have tried alter user sys identified by poorna (changes doesn't takes permanently) When you are the owner of the ORACLE that mean you have OS authentication, Actual authentication no need. Try with wrong password from client machine or any other machine with wrong password. :) then you will.

Lost sys password ...any way to recover

hi All
I lost the sys password ... is there any way to recover it ....
Thanks

Pay no attention to the ridiculous piece of advice you've just been given by someone else! Restoring a prior backup would be a monumentally moronic thing to do -apart from anything else, all you'd be doing is restoring the password you say you've forgotten!
You don't say what OS you're on, and that makes a bit of a difference, but ultimately not much so I'll just carry on... but as a tip for the future, always mention your OS because then people replying don't have to guess.
1. Members of the dba group (or the ORA_DBA group on Windows) are allowed to log on as a SYS without supplying a password at all. Connect / as sysdba means "get me on as sys, but I'm not telling you my password" -at which point Oracle checks who you're logged on to at the OS level, and then checks the group memberships of the dba (Linux/Unix) or ORA_DBA groups (Windows). If you're a member you're in... and then you can issue a command such as 'alter user sys identified by newpwd'.
You can only really do this technique, however, when you're connecting on the box which runs Oracle itself. If you don't have access to the server, it's not going to work. You also need to configure those OS groups with the appropriate tools. If you don't know how to do that, you're in trouble.
2. If you're using a password file to authenticate as SYS, then you can simply delete the existing password file and replace it with a new one... and you get to specify the new password for SYS at the time you create the new file. The utility provided by Oracle for this purpose is "orapwd" and the command on Windows, for example, would look like:
orapwd file=c:\oracle\10g\databases\pwdSID.ora password=newpwd entries=20
The file has to live in the ORACLE_HOME\database or ORACLE_HOME/dbs directory; it has to be called whatever is appropriate for your operating system (now you see why it helps to know your OS!) and the figure for "entries" represents how many people you might want to grant the SYSDBA privilege to in the future, so make it higher than you think you need right now.
On Linux, the required name for the password file is of the form orapwSID, where SID is the name of your instance/database. On Windows, it's as I showed you above: pwdSID.ora.
Once you have a new password file in place, you can log in as 'sys\newpword@somedb as sysdba' and again issue an 'alter user sys identified by yetanothernewpword' command: that will update the password file as well as changing things inside the database itself and you'll log on with that password thereafter.

How to find out system/sys password

unable to login for system user someone changed the password is there any other way to find out system's/sys password and which user has modified the password

Try to connect
conn / as sysdbaor use orapwd utility to change sys password
If you want to know all activity of user sys, you should AUDIT it
Refer to this article for more information
http://justoracle.blogspot.com/2007/02/auditing-sys-users.html
Kamran Agayev A. (10g OCP)
http://kamranagayev.wordpress.com
[Step by Step install Oracle on Linux and Automate the installation using Shell Script |http://kamranagayev.wordpress.com/2009/05/01/step-by-step-installing-oracle-database-10g-release-2-on-linux-centos-and-automate-the-installation-using-linux-shell-script/]

How do you change sys password?

I know this is basic but I just can't get it.
How do you change the sys password from
change_on_install ?
It seemed to expire or something, maybe my installation is messed up from shutting down linux without first shutting down oracle.
Please help me learn how to change my sys password.
Armand

You can change the sys password as any user that has DBA Privs from sqlplus.. eg log in as system/manager.
If you do not know the system password you can log into server manager and connect internal.
Either way the statement you are looking for is
alter user sys identified by password;
Rod

SYSTEM and SYS password 11g on Windows Vista

Hello
I am having trouble. I do not know my SYSTEM and SYS passwords. I am using oracle 11g on windows vista. I tried to change the passwords but that did not work. I tried this:
c:/>sqlplus "/ as sysdba"
c:/>show user
c:/>passw system
then I changed the password. When I tried to log in the password change did not take effect. Any help would be great!

Hi,
There is no default password for sys and system in 11g.
you cna use the below command to change the system or sys password
alter user SYSTEM identified by PASWORD
same for sys
nOTE: password are case sensitive.Regards,
Taj

HOW TO RESET SYS PASSWORD after rename of db

Thanks for taking my quesiton!
I renamed my database. Everything is working fine except I can not change sys password. If I try I get: ORA-28003 : password verified for the specified password failed.
I can change system's password. I can log on just fine as SYSI think my pwdsid.ora password file may be the problem.
Has anyone every had this happen?
Thanks, Kathie

Hello Kathie,
http://ora-28003.ora-code.com/
Have you set some specific password rules? Is the function VERIFY_FUNCTION available for all and is it valid?
Did you try to change the password for user sys with user sys?
Try it with some different user which have the rights for that... (for example sys) only for testing...
@Anantha:
You are right... but please have a look at here ( Fun with password verification):
http://radiofreetooting.blogspot.com/2006_04_01_archive.html
Regards
Stefan

Sys password ?

Dear all,
I have successfully changed the sys password but when I try to login
through sql developer or Enterprise manager I cannot. Oracle version is 8.1
But from prompt it works well.
$sqlplus sys/pass as sysdba
connected
sql>
Any idea why.
thanks in advance
SL

Dear all,
I have successfully changed the sys password but when
I try to login
through sql developer or Enterprise manager I cannot.
Oracle version is 8.1
But from prompt it works well.
$sqlplus sys/pass as sysdba
connected
sql>
Any idea why. You are using os authentication thats the reason you are able to connect through command prompt.
Do you have any connections settings in sql developer.
Wahst the error you are getting.
Eric righ?

Sys password problem "INSUFFICIENT PRIVELEGES"

hi,
This is with refernece to my earlier post, i can now login as a DBA thry OS authentication.
Re: sys password problem
but now i try to vreate a new password file and it successfully created using orapwd....
but when i try to login as a sys user thru oracle authentication i couldn't because i am getting an error
"INSUFFICIENT PRIVELEGES"
and another thing i would like to know do i have to shutdown the database or not for the same.

Please review the document link sent earlier
Setting REMOTE_LOGIN_ PASSWORDFILE
In addition to creating the password file, you must also set the initialization parameter REMOTE_LOGIN_PASSWORDFILE to the appropriate value. The values recognized are:
NONE: Setting this parameter to NONE causes Oracle Database to behave as if the password file does not exist. That is, no privileged connections are allowed over nonsecure connections.
EXCLUSIVE: (The default) An EXCLUSIVE password file can be used with only one instance of one database. Only an EXCLUSIVE file can be modified. Using an EXCLUSIVE password file enables you to add, modify, and delete users. It also enables you to change the SYS password with the ALTER USER command.
SHARED: A SHARED password file can be used by multiple databases running on the same server, or multiple instances of a Real Application Clusters (RAC) database. A SHARED password file cannot be modified. This means that you cannot add users to a SHARED password file. Any attempt to do so or to change the password of SYS or other users with the SYSDBA or SYSOPER privileges generates an error. All users needing SYSDBA or SYSOPER system privileges must be added to the password file when REMOTE_LOGIN_PASSWORDFILE is set to EXCLUSIVE. After all users are added, you can change REMOTE_LOGIN_PASSWORDFILE to SHARED, and then share the file.
This option is useful if you are administering multiple databases or a RAC database.
If REMOTE_LOGIN_PASSWORDFILE is set to EXCLUSIVE or SHARED and the password file is missing, this is equivalent to setting REMOTE_LOGIN_PASSWORDFILE to NONE.

Sys password problem

Hi,
I am trying to login as a sys user....
but icouldn't, i am getting an error ORA-01017...
but i have entered correct username and password....
still i am not able to login into the system........
now, should i create new password by deleting the old pasword file or there is another way also....
looking for ur reply....
SQL> conn sys/password@string as sysdba
ERROR:
ORA-01017: invalid username/password; logon denied

Hi,
I guess even if you connect with "nolog" still you will receieve the same error.
Please confirm these things,
1)Are you are running all teh commands on the server itself.
2)What is the value of the parameter SQLNET.AUTHENTICATION_SERVICES in the sqlnet.ora.This parameter value in the case of windows should be set to NTS.Check what's teh value?
3)Confirm that the user (o/s user) through which you have logged in the system,it is a part of ora_dba group in your system.
Confirm and let us know the outputs.
Aman....
PS:This error is reported couple of times.Try searching this forum for the same error also.

Changing 'SYS' password in 'Shared' mode ?

Oracle 9.2/AIx5.3
I have two Db DB1/DB2, both of these Db's are in 'Shared' remote login password mode. Now, I was under the impression that whilst in this mode, it was not possible to simply issue a command
alter user SYS Identified by <NEW PASSWORD>;
to change the password, if you did, it would result in an error message. Today I have tried, and it allowed me to change the 'SYS' password ? How is this the case. I’ve tried it on a 10g Db that’s also running in 'Shared' mode and got the following error message.
ERROR at line 1:
ORA-28046: Password change for SYS disallowed

Metalink 452959.1 states you cannot change or add users to the passwordfile when remote_login_passwordfile='SHARED' and you need to set this to 'EXCLUSIVE'. I had to look this up and I found it simply by searching for the error number.
Assuming you are not running 10.2.0.1 you could have easily looked up yourself.
Also as Oracle is always changing, differences between 9.2 and 10gR1 or R2 are best verified by looking in the release notes for that version, providing the quickest answer easily.
Sybrand Bakker
Senior Oracle DBA

Upgrade WebDB 2.2 to Portal Fails with Invalid Sys password

I am upgrading from WebDB 2.2.0.0.5 all the way to the latest 3.0.9xx. My database is 8172. I am at the point where you run the 306 upgrade script. It makes it through renaming all the webdb objects to UPG_<OLD_NAME> but then fails with an invalid sys password error when starting winstall. The sys password is not invalid and the script even tests that it is valid before even starting. So, I am not sure what the problem is. I have tried this about a dozen times different ways and still the same error:
Renaming the 2.2 tables to UPG_<OLD_NAME> and Dropping Objects
Renamed 66 2.2 table(s).
Dropped 15 2.2 sequence(s).
Dropped 164 PACKAGE(S)
Dropped 3 PROCEDURE(S)
Dropped 0 FUNCTION(S)
Dropped 55 VIEW(S)
PL/SQL procedure successfully completed.
/appl02/stage/upgrade22
INSTALLING WINSTALL WITH NEWSSO AND NO CONNECTSTRING
Error: Invalid SYS password
Install terminated.
Running setpass.sql
/appl02/stage/upgrade22/upgrade/22-30 /appl02/stage/upgrade22
old 1: alter user !schema_name identified by !schema_password
new 1: alter user webdb identified by webdb
User altered.
/appl02/stage/upgrade22
/appl02/stage/upgrade22/sso /appl02/stage/upgrade22
ERROR:
ORA-01017: invalid username/password; logon denied
Does anyone have ANY ideas????

We spend almost 6 months (on and off) to get a successful migration from webdb. After countless discussions with Oracle, because we though we where doing something wrong, Oracle advised us that forms do not migrate "well" and any migrated forms do not display as portals. We are not upgrading 300 components by hand. I do not know if this affects you like it did us but I thought you would like to know.
Paul

Sys password issue

We have oracle 10.2.0.1 running on Unix
WE didnt set the password of SYS user in oracle but now we would like to set
I use the command alter user sys identified by password
i got message user altered
Now i tried connection to sys/password@abc as sysdba
but no luck
So i created password file by
orapwd file=orapwdhmo password=password entries=2 force=y
file created but again unable to login
and at OS level
if I set
ORACLE_SID=INSTANCE_NAME
export ORACLE_SID
sqlplus / as sysdba
connected
I am able to
Please let me know how to set password for sys

Is this attempt where the db resides, or from a remote client:
sqlplus "sys/password@abc as sysdba"
On the other hand,
ORA-01031: Message 1031 not found; No message file for product=RDBMS,
facility=ORA
unavoidably means you cannot open error message catalog. Reasons are either:
- Incorrect ORACLE_HOME setting
- Incorrect PATH setting
- files have been removed
And this error message issue must first be solved before you pretend to change sys password.
Changing sys password is as follows:
1. Create a password file
2. Make sure your remote_login_password_file says exclusive
3. rebounce your instance
4. change sys password
5. verify your username is listed at the V$PWFILE_USERS dynamic view
7. change user password.
I suggest you to double check.
~ Madrid.

Changinf sys password in dataguard env

Hi,
Version:10gr2
Changing sys password is not reflected in standby site.
Alter sys identified by asdf';
At primary site orapw<SID> file got updated but stanby db password file is still old one. Does this means:
every time we change sys password at primary do we need to copy the password file to standby?
We have 50 db's in that 20 are dataguard env's. We have a script to change sys password's automatically every month. Its really a painfull job to go to all env's and copy the password file to all the standby locations.
When we create password file with orapwd even then we need to shift the password file to all stanby sites.
Please suggest me is there any way i can change my sys password with 'ALTER USER SYS' command and that chage picks the standby database.
Thanks,
Anil

you can create a unix script which does SCP password files to standby after you reset password.
this can be done from any machine.
--Girish

Reg SYS Password in Password file

Hi,
A Password file was created a long ago in PROD and Used for DR also.
Now no one knows the sys password used for creating the file.
Is there any method to get it back.
Any Method other than creating new file and updating in the DR site.
Thanks in Advance.
Krishna

Krishna VV wrote:
Hi,
A Password file was created a long ago in PROD and Used for DR also.
Now no one knows the sys password used for creating the file.
Is there any method to get it back.
Any Method other than creating new file and updating in the DR site.
Thanks in Advance.
Krishna,
No there is no method to get it back. You must recreate the password file to change the password.
HTH
Aman....

SYS password/Linux OS

Similar Messages

Maybe you are looking for