Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Password expiration

Status
Not open for further replies.
theniteowl

theniteowl

Programmer
May 24, 2005
1,975
US
We have an application running on our server that connects to our Oracle 12c database.
I found today that the account the application uses to connect to the database was locked. When I looked up the account I believe it had the word TIMED on it relating to the expiration settings?
I am new to working on this so and lost my screen shot to show what it is I had found.

I unlocked the account but believe it should be set to non expiring.
We have four servers we are preparing to put into production replacing our old servers. All servers should be configured the same and only one had the account locked, which happens to be the new production server. The lower environments did not have an issue though that may be because they have been in use as we are doing our testing prior to switching to the new system.

What steps do I need to take to determine what the expiration setting is for the accounts so that I can compare between servers to see if non-expiring is what the other servers are set to for this ID?

I have been reading up but it seems every piece leads to another puzzle piece to research which leads to another, etc. If I were more familiar with how the system works it would not be so bad but everything refers to something else I have to look up until it becomes information overload while trying to make one quick fix.
We rarely have anything to do with the database directly except for setting it up initially.

Thanks.
Trent

At my age I still learn something new every day, but I forget two others.
 
Sort by date Sort by votes
The password expiration is managed by profiles.
A new database comes with a profile named DEFAULT, which is assigned to all users. In this profile the password life time is set.
The quick fix is to change the DEFAULT profile (note that this will affect all database users that have this profile assigned), the more secure way is to create a new profile and assign it to your application user. Most databases I've seen use the quick fix, because this mimics the behavior of prior versions.

To compare your servers I'd start by finding out what profile is assigned to your user and then have a look at the profile (with a privileged account):

Code: 
SELECT profile FROM dba_users WHERE username = 'YOURUSER';
SELECT * FROM dba_profiles WHERE profile = 'RESULT_FROM_FIRST_QUERY';

This is the quick fix:
Code: 
ALTER PROFILE default LIMIT password_life_time UNLIMITED;
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

rk68
  • Locked
  • Question
storing encrypted password in a field
Replies
3
Views
64
Beilstwh
Beilstwh
Sambo8
  • Locked
  • Question
[B] Password Verfication help [/b]
Replies
3
Views
56
Beilstwh
Beilstwh
love247
  • Locked
  • Question
add username and password after installation
Replies
8
Views
77
sem
sem
oaklanders
  • Locked
  • Question
Forgot user password 1
Replies
2
Views
43
oaklanders
oaklanders
JohnBates
  • Locked
  • Question
DBMS Job Fails With "Invalid Password" error 1
Replies
1
Views
30
LKBrwnDBA
LKBrwnDBA

Part and Inventory Search

Sponsor

Back
Top