Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: securing oracle
Ed
I'm assuming you're on NT, since INTERNAL doesn't have a password on Unix (it's protected by OS privileges instead). Here are the steps on NT (I'm using 8.1, so you'll need to change the commands to include version numbers if you're on an earlier release e.g. svrmgrl was svrmgr30, orapwd was orapwd80 in Oracle8):
C:\>svrmgrl
Oracle Server Manager Release 3.1.5.0.0 - Production
(c) Copyright 1997, Oracle Corporation. All Rights Reserved.
Oracle8i Enterprise Edition Release 8.1.5.0.0 - Production
With the Partitioning and Java options
PL/SQL Release 8.1.5.0.0 - Production
SVRMGR> connect internal/oracle <-- the default password.
Connected.
SVRMGR> exit
Server Manager complete.
C:\>orapwd
Usage: orapwd file=<fname> password=<password> entries=<users>
where
file - name of password file (mand),
password - password for SYS and INTERNAL (mand),
entries - maximum number of distinct DBA and OPERs (opt),
There are no spaces around the equal-to (=) character.
C:\>orapwd file=pwdorcl.ora password=manager <-- Mistake here. No path entered so the file ended up in the current directory, not under c:\oracle81\database where it belongs.
C:\>svrmgrl
Oracle Server Manager Release 3.1.5.0.0 - Production
(c) Copyright 1997, Oracle Corporation. All Rights Reserved.
Oracle8i Enterprise Edition Release 8.1.5.0.0 - Production
With the Partitioning and Java options
PL/SQL Release 8.1.5.0.0 - Production
SVRMGR> connect internal/manager <-- The supposed new password
ORA-01017: invalid username/password; logon denied
SVRMGR> connect internal/oracle <-- The old default value
Connected.
SVRMGR> exit
Server Manager complete.
C:\>dir
Volume in drive C is OBIWINNT
Volume Serial Number is 3C59-9216
Directory of C:\
01/11/99 04:06p <DIR> acrobat3 08/13/99 12:08p <DIR> adsdc 02/05/99 09:50a 16 AUTOEXEC.BAT 03/22/99 03:15p 6,086 class.sys 01/11/99 02:19p 0 CONFIG.SYS 08/18/99 10:03a <DIR> CWHS804WebTrial 08/02/99 08:06a 140 helpindx.lis 08/02/99 08:03a 44 helptbl.lis 10/11/99 09:35a <DIR> InetPub 01/12/99 05:50p <DIR> MODEM.NT4 10/12/99 10:51a <DIR> My Music 08/09/96 12:00a 26,800 NTDETECT.OLD 01/11/99 04:09p 42 oaprefw.ora 01/11/99 04:09p 42 oaprefw.per 01/11/99 04:10p 1,045 OBIVER.INI 04/27/99 01:54p 119 OMLOC.CFG 08/31/99 01:07p <DIR> OnNet Host Suite Data 08/13/99 01:30p <DIR> oracle81 10/14/99 09:37a <DIR> ORANT 06/07/99 09:32a <DIR> PLATDEMO 08/02/99 08:05a 1,665 plushelp.log 10/08/99 02:10p <DIR> Program Files 11/25/99 02:09p 1,536 pwdorcl.ora <-- Ahah! File in the wrong location! 08/16/99 09:43a <DIR> Real 11/18/99 09:42a 35,543 sqlnet.log 11/25/99 02:03p <DIR> TEMP 11/20/99 03:14p <DIR> WINNT 27 File(s) 73,078 bytes 192,259,584 bytes free
C:\>del pwdorcl.ora
C:\>cd oracle81\database
C:\oracle81\DATABASE>dir pwd*
Volume in drive C is OBIWINNT
Volume Serial Number is 3C59-9216
Directory of C:\oracle81\DATABASE
08/02/99 07:58a 1,536 PWDfred.ora 08/13/99 01:26p 1,536 PWDorcl.ora 2 File(s) 3,072 bytes 192,261,120 bytes free
C:\oracle81\DATABASE>orapwd file=pwdorcl.ora password=manager
OPW-00005: File with same name exists - please delete or rename <-- Bit of extra work here to make sure you don't do this without thinking through the consequences.
C:\oracle81\DATABASE>ren pwdorcl.ora pwdorcl.old
C:\oracle81\DATABASE>orapwd file=pwdorcl.ora password=manager
C:\oracle81\DATABASE>svrmgrl
Oracle Server Manager Release 3.1.5.0.0 - Production
(c) Copyright 1997, Oracle Corporation. All Rights Reserved.
Oracle8i Enterprise Edition Release 8.1.5.0.0 - Production
With the Partitioning and Java options
PL/SQL Release 8.1.5.0.0 - Production
SVRMGR> connect internal/manager
Connected.
SVRMGR> exit
Server Manager complete.
HTH. Pete
Ed Zappulla wrote:
> Hi Pete, Do you know how to change the INTERNAL password?
>
> Pete Sharman <psharman_at_us.oracle.com> wrote in message
> news:3839BF27.7E9E43A2_at_us.oracle.com...
> > All of them, if you really want to secure it! ;)
> >
> > Actually, the real answer is all the privileged accounts. That's SYS,
> > SYSTEM, INTERNAL on NT, DBSNMP and any user that has either the DBA role,
> > or SYSDBA or SYSOPER roles.
> >
> > HTH.
> >
> > Pete
> >
> > ed zappulla wrote:
> >
> > > Can anyone tell me what passwords I need to change in order to secure
> > > Oracle? I know of 2. system and internal.
> > >
> > > ...ed
> >
Received on Thu Nov 25 1999 - 16:21:10 CST