How to identify source of password changes [message #337675] |
Thu, 31 July 2008 10:45 |
lvirden
Messages: 6 Registered: August 2007 Location: Ohio
|
Junior Member |
|
|
I have a situation where we have a vendor product installed on one of our machines. It stores data in oracle tables. Each project that is managed has its own oracle login, and its own oracle tables.
We have had, in the past 5 months or so, several cases where suddenly the password for one of these project oracle login changes. The humans responsible for the product each have indicated they did nothing that would change the password. The vendor reports their product has no capability to change an oracle password - the administrator must do that kind of operation manually, then update the vendor product's record of the password for the project.
So we either have a program that is running in the environment changing the password, a table containing the password that has data corruption, or an unknown person changing passwords.
So in an ideal world, I would be able to accomplish two things.
1. Identify what is causing the password changes.
2. Stop that from happening.
To accomplish 1. would seem to require me to convince oracle to tell me details about the password change itself - who requested it, when, information about the connection (from what PC or server, etc.).
To accomplish 2. would either require me to complete 1 and then take some technical or administrative action (stop the program or user from changing the password) OR require me to configure the oracle login in some manner to make changing of the password take more effort than currently is the case.
I am wondering whether anyone reading this forum has some ideas on how to accomplish either of these tasks.
Thank you for your time.
|
|
|
|
|
|