REPOST: Re: Can I stop someone changing their password ?

From: Ganesh Raja <ganesh_at_gtfs-gulf.com>
Date: 25 Jan 2002 06:09:52 -0800
Message-ID: <8$--$%%%_$%-_-%$$$@news.noc.cabal.int>

j.w.vandijk_at_hetnet.nl (Jaap W. van Dijk) wrote in message news:<3c506d4c.6727770_at_news.freeler.nl>...
> Couldn't you write a ddl-trigger on the ALTER statement
> and in the trigger body check if it's the application user that is
> getting altered and prevent this?
>
> Jaap.
>
> On Thu, 24 Jan 2002 10:25:20 -0000, Norman Dunbar
> <Norman.Dunbar_at_lfs.co.uk> wrote:
>
> >Strange question time again :
> >
> >Server : Solaris 7
> >Oracle : 8.1.7.2.0
> >
> >
> >A fellow DBA has a problem on her site, she has a user which has to have
> >a specific password - she inherited an application set up in this way
> >and cannot change it unfortunately.
> >
> >All the users - who have their own OPS$ users - know the password and
> >none of them have alter user privs, neither does the actual user in
> >question.
> >
> >Someone is changing the password for the application user. This causes
> >the client apps to fall over as they can no longer connect. Auditing is
> >turned on, and she is auditing alter user, however, it appears that
> >there are ways and means to change the password without using alter user
> >- 'password' for example and this cannot be audited. She has spoken to
> >Oracle and they appear to be stumped at the moment.
> >
> >I've looked at profiles, but they have lots of options to force a
> >password change, but nothing to stop it from being done.
> >
> >Anyone had this problem before and/or knows how to stop it, or at least
> >help us identify the 'poor misguided creature' who insists on changing
> >the password ?
> >
> >Much obliged for any information.
> >
> >
> >Rehards,
> >Norman.
> >
> >------------------------------------------------------------------------
> >-----
> >Norman Dunbar EMail: Norman.Dunbar_at_LFS.co.uk
> >Database/Unix administrator Phone: 0113 289 6265
> > Fax: 0113 289 3146
> >Lynx Financial Systems Ltd. URL: http://www.Lynx-FS.com
> >------------------------------------------------------------------------
> >-----
> >

Check out if this works ... a Wild Guess...

Create a Profile that has a Password verify function.

This Function will Do the reverse... It will make sure that all the characters in the password are same as that of the old password.

Assign this profile to anyone who is not allowed to change the password.

Check out and let the group know.

Regards,
Ganesh R

WAS CANCELLED BY =======: From: ganesh_at_gtfs-gulf.com (Ganesh Raja) Control: cancel <a8aed4.0201250609.62f6b2a8_at_posting.google.com> Subject: cmsg cancel <a8aed4.0201250609.62f6b2a8_at_posting.google.com> Date: Mon, 28 Jan 2002 00:44:27 GMT Message-ID: <cancel.a8aed4.0201250609.62f6b2a8_at_posting.google.com> X-No-Archive: yes Newsgroups: microsoft.test,alt.flame.niggers,comp.databases.oracle.server NNTP-Posting-Host: w088.z064003087.lax-ca.dsl.cnc.net 64.3.87.88 Lines: 1 Path: news.uni-stuttgart.de!news.ruhr-uni-bochum.de!fu-berlin.de!news.maxwell.syr.edu!news.stealth.net!msrtrans1!msrnewsc1!cppssbbsa01.microsoft.com!tkmsftngp01!tkmsftngp04!u&n&a&c&anceller Xref: news.uni-stuttgart.de control:40723173

This message was cancelled from within The Unacanceller's glorious new software, Lotus 1-2-3 For Rogue Cancellers. Received on Fri Jan 25 2002 - 08:09:52 CST