Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: Access and password changes

RE: Access and password changes

From: <Joel.Patterson_at_crowley.com>
Date: Thu, 8 Feb 2007 11:45:48 -0500
Message-ID: <02C2FA1C9961934BB6D16DE35707B27B0295BABD@jax-mbh-01.jax.crowley.com> 





Thanks,

 



Yes, I am thinking so.   Perhaps you could point me to some docs -
before I go looking myself.

 



But to narrow this down a little further... In an Oracle 9 database can
I get the information I am seeking from the audit.     In an Oracle 10g
database, FGAC should do it I believe.

 



The issue is that the company does not know how many applications or
where they are that may be logging directly into a schema owner whose
password may change.   The password will start changing because of SOX.

 



So they want to be able to identify as much as possible before the
password changes.     Of course, now that an Oracle 9 password has
changed, they also would like to identify the applications that may be
attempting to log in.

 



Joel Patterson 


Database Administrator 


joel.patterson_at_crowley.com 


x72546 


904  727-2546 






From: Richard J. Goulet [mailto:rgoulet_at_kanbay.com] 
Sent: Thursday, February 08, 2007 10:53 AM
To: Patterson, Joel; oracle-l_at_freelists.org
Subject: RE: Access and password changes

 



You could enable auditing at the database level then audit all
successful connections for a couple of days.  You could also audit
unsuccessful connections to find the reverse.

 

  


Dick Goulet, Senior Oracle DBA



45 Bartlett St  Marlborough, Ma 01752, USA
Tel.: 508.573.1978 |Fax:  508.229.2019 | Cell:508.742.5795



RGoulet_at_kanbay.com



: POWERING TRANSFORMATION 


 

 






From: oracle-l-bounce_at_freelists.org


[mailto:oracle-l-bounce_at_freelists.org] On Behalf Of
Joel.Patterson_at_crowley.com


Sent: Thursday, February 08, 2007 10:16 AM
To: oracle-l_at_freelists.org


Subject: Access and password changes



Changing the password of the 'schema owner' - the owner of the data.

 



I have a manager who has asked if there is a way to track what
'application' is logging in before changing the password so that the
change can be smoother.   (either change the password in the app or
create a new account for the app).

 



The second part is can you track what application is attempting to log
in to a schema where the password has already been changed.   

 

 



The version of Oracle are 9, and 10.

 



A case where the password has already been changed happens to be
Oracle9.



Privileged/Confidential Information may be contained in this message or
attachments hereto. Please advise immediately if you or your employer do
not consent to Internet email for messages of this kind. Opinions,
conclusions and other information in this message that do not relate to
the official business of this company shall be understood as neither
given nor endorsed by it.








--
http://www.freelists.org/webpage/oracle-l




image001.gif






Received on Thu Feb 08 2007 - 10:45:48 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US