changing passwords - Boneheads at MetaStink

Listers,
Please forgive the length of this, but you had to see it for real. The question at stake here is... Are there any specific instructions or gotcha's when changing the passwords for the below listed default users. Particularly are there any shell scripts, etc that need changing if you change these package passwords. Yvonne (the dba who posted this to Metalink) Has been working with Oracle for a couple of years and is fully capable of alter user .... commands.

• Forwarded Message ---------- Date: Fri, 16 Mar 2001 15:27:04 -0600 To: "Holman, Rodney" <rodney.holman_at_lodgenet.com>

... <chopped to reduce size>
  ### Detailed Problem Statement: ###
  I have recently installed 8.1.7. I need to change the followingpasswords:
  OUTLN
  TRACESVR
  AURORA$JIS$UTILITY$
  OSE$HTTP$ADMIN
  AURORA$ORB$UNAUTHENTICATED
  ORDSYS
  ORDPLUGINS
  MDSYS
  CTXSYS
  Is there anything special about changing these passwords? or just the alter user?

.. <chopped to reduce size>
<comentary>

Metalink's boneheaded response. They obviously didn't read the question.
</comentary>

  15-MAR-01 21:48:11 GMT   Changing a User's Authentication Mechanism

  Most non-DBA users can still change their own passwords with the ALTER USER statement, as follows:

  ALTER USER andy
  IDENTIFIED BY swordfish;

  Users can change their own passwords this way, without any special privileges (other than those to connect to the database). Users should be encouraged to change their passwords frequently.

  Users must have the ALTER USER privilege to switch between Oracle database authentication or a form of external authentication. Usually, only DBAs should have this privilege.

  SQL > connect ctxsys/ctxsys
  Connected.
  SQL > alter user ctxsys identified by maryland;   User altered.

  scl

<comentary>

DBA's frustrated but polite response to bonehead at Metalink
</comentary>

  16-MAR-01 15:13:11 GMT   New info : Wayne:
  I am asking if there is anything special about changing these passwords. For instance, changing the dbsnmp password has three pages ofinstructions. I cannot find anything specific on the users mentioned. I want to make sure they are just plain old ordinary database users.   Thanks,Yvonne

<comentary>

Bonehead at Metalink still obviously not bothering to research this response. DBA obviously knows keeping the default password is a security breach. That's why she asked the question in the first place.
</comentary>

  16-MAR-01 17:17:11 GMT   we are not aware of any problems when changing these passwords... it would be a security problem naturally if you kept all of your default passwords

  scl

-- 
Rodd Holman
Oracle DBA
(605) 988-1373
rodney.holman_at_lodgenet.com
Comments made are my own opinions and views. They do not represent views, 
policies, or procedures of LodgeNet Entertainment Corporation


-- 
Please see the official ORACLE-L FAQ: http://www.orafaq.com
-- 
Author: Rodd Holman
  INET: rodney.holman_at_lodgenet.com

Fat City Network Services    -- (858) 538-5051  FAX: (858) 538-5051
San Diego, California        -- Public Internet access / Mailing Lists
--------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).