Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Can I stop someone changing their password ?

Can I stop someone changing their password ?

From: Norman Dunbar <Norman.Dunbar_at_lfs.co.uk>
Date: Thu, 24 Jan 2002 10:25:20 -0000
Message-ID: <E2F6A70FE45242488C865C3BC1245DA79D89B4@lnewton.leeds.lfs.co.uk>


Strange question time again :

Server : Solaris 7
Oracle : 8.1.7.2.0

A fellow DBA has a problem on her site, she has a user which has to have a specific password - she inherited an application set up in this way and cannot change it unfortunately.

All the users - who have their own OPS$ users - know the password and none of them have alter user privs, neither does the actual user in question.

Someone is changing the password for the application user. This causes the client apps to fall over as they can no longer connect. Auditing is turned on, and she is auditing alter user, however, it appears that there are ways and means to change the password without using alter user - 'password' for example and this cannot be audited. She has spoken to Oracle and they appear to be stumped at the moment.

I've looked at profiles, but they have lots of options to force a password change, but nothing to stop it from being done.

Anyone had this problem before and/or knows how to stop it, or at least help us identify the 'poor misguided creature' who insists on changing the password ?

Much obliged for any information.

Rehards,
Norman.



Norman Dunbar			EMail:	Norman.Dunbar_at_LFS.co.uk
Database/Unix administrator	Phone:	0113 289 6265
				Fax:	0113 289 3146
Lynx Financial Systems Ltd.	URL:	http://www.Lynx-FS.com

------------------------------------------------------------------------

Received on Thu Jan 24 2002 - 04:25:20 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US