Re: Oracle passwords - how do you handle this?

From: David Thornewill von Essen <ttg242_at_newton.sps.mot.com>
Date: Fri, 15 Oct 1993 03:27:52 GMT
Message-ID: <1993Oct15.032752.21130_at_newsgate.sps.mot.com>

In article 8308_at_synapse.bms.com, kaz_at_sis.bms.com writes:
>
>At our site, we have about 12 different instances of Oracle (with more
>on the way). One thing that is becomming more of a problem is the number
>of separate Oracle accounts that some users need, and maintaining the passwords
>for these accounts. Since Oracle itsself doesn't have any method of
>password expiration, some of our inhouse applications now implement a
>method of doing this, and forcing the user to reset their password
>after x number of days. The problem here is that if someone changes
>their password as required by application A, they don't really know that
>this is the same account/password for applications C and D, but that
>applications E and F still use thier old password because it's in a
>different instance.
>
>My question is: How do others handle this? Is there some (fairly easy)
>way to propogate a password change to other instances where the use has
>an account? Do you just avoid using personal accounts for Oracle
>applications?
>
>----------------
>Joe Kazimierczyk
>kaz_at_bms.com

One approach is to have the users access only 1 database and use DB Links through SQL*Net and synonym to mask the fact that they in fact have multiple ID's. This way the user only ever meeds to have one entry point into the system.

Of course you could also create what used to be called 'OPS$' accounts. This associates database security with the operating system, however in my experience this means having an operating system login id on each database machineIn my case this was not desirable, although this implementation may have changed. Anyone know?

Regards,
David TvE

---
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
David Thornewill von Essen                           Sr. Systems Analyst
Motorola ASIC Division                            I don't speak for Mot.
Chandler, AZ-85224                                   fax: (602) 814-4451
email: ttg242_at_email.sps.mot.com                      tel: (602) 814-4395
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-

Received on Fri Oct 15 1993 - 04:27:52 CET

This message: [ Message body ]
Next message: Joe Minnich: "shadow processes revisited"
Previous message: Gary Eckhardt: "Re: Oracle passwords - how do you handle this?"
In reply to: kaz_at_sis.bms.com: "Oracle passwords - how do you handle this?"
In reply to kaz_at_sis.bms.com: "Oracle passwords - how do you handle this?"
Next in thread: Richard D Holowczak: "Re: ORACLE CARD 2.0 Beta/Just Got it"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message