Make Oracle/Application user password
never expire
SQL> select username,account_status,expiry_date,profile
from dba_users where username in ('PEOPLE','SYSADM');
USERNAME ACCOUNT_STATUS EXPIRY_DATE
------------------------------
-------------------------------- ------------------
PROFILE
------------------------------
PEOPLE EXPIRED(GRACE) 25-MAR-10
DEFAULT
SYSADM EXPIRED(GRACE) 28-MAR-10
DEFAULT
SQL> select * from dba_profiles where profile='DEFAULT'
and limit is not null
and limit ! ='UNLIMITED';
PROFILE RESOURCE_NAME RESOURCE_TYPE
------------------------------ --------------------------------
--------------------------------
LIMIT
----------------------------------------------------------------------------------------------------
DEFAULT
FAILED_LOGIN_ATTEMPTS
PASSWORD
10
DEFAULT PASSWORD_LIFE_TIME PASSWORD
180
DEFAULT
PASSWORD_VERIFY_FUNCTION PASSWORD
NULL
DEFAULT PASSWORD_LOCK_TIME PASSWORD
1
DEFAULT
PASSWORD_GRACE_TIME PASSWORD
Whether those security policies are rather good enough in a
non-application server configuration, it would be avoided in Peoplesoft
environment. If you don't pay attention enough, in the middle of a working day
everything will stopped down and your users will certainly start to call you.
So, much better to remove all the limits, and freed the
password expiration from SYSADM and PEOPLE users :
SQL> alter profile default limit
failed_login_attempts
unlimited
password_life_time
unlimited
password_lock_time
unlimited
password_grace_time unlimited;
Profile altered.
SQL> alter user sysadm identified by SYSADM;
User altered.
SQL> alter user people identified by peop1e;
User altered.
SQL> select username,account_status,expiry_date,profile
from dba_users where username in ('PEOPLE','SYSADM');
USERNAME ACCOUNT_STATUS EXPIRY_DATE
------------------------------
-------------------------------- ------------------
PROFILE
------------------------------
PEOPLE OPEN
DEFAULT
SYSADM OPEN
DEFAULT
No comments:
Post a Comment