Thursday, 16 October 2014

oracle accounts expired, don’t let it happen to you

 

A quick gotcha.  oracle likes expiring passwords every 180 days.

Don’t let this happen to your awesome JD Edwards implementation on oracle.

Ensure that you have a default profile set up and ensure that you have go no expiry on the PASSWORD_LIFE_TIME!

spool PasswordsAndProfileSummary.txt
set feedback on
set echo on
set linesize 1000
set timing on
connect jde/password@e1prod;
select username, account_status, expiry_date, profile from dba_users;
select resource_name,limit from dba_profiles;
connect jde/password@e1dev;
select username, account_status, expiry_date, profile from dba_users;
select resource_name,limit from dba_profiles;

spool off;

Which will produce

SYS                            OPEN                                       DEFAULT                                           SYSTEM                         OPEN                                       DEFAULT                                       OUTLN                          EXPIRED & LOCKED                 22-OCT-13 DEFAULT                    55 rows selected.

Elapsed: 00:00:00.05
SQL> select resource_name,limit from dba_profiles;

RESOURCE_NAME LIMIT -------------------------------- ---------------------------------------- FAILED_LOGIN_ATTEMPTS 10 PASSWORD_GRACE_TIME 7 PASSWORD_VERIFY_FUNCTION NULL PASSWORD_REUSE_MAX UNLIMITED PASSWORD_LIFE_TIME UNLIMITED

So if the password_life_time for the default profile is not unlimited, change it with:

alter profile default limit password_life_time unlimited ;

Then you’ll be cooking with gas.

No comments:

Extending JDE to generative AI