Re: Oracle passwords - how do you handle this?

In article 8308_at_synapse.bms.com, kaz_at_sis.bms.com () writes:
>
>
> My question is: How do others handle this? Is there some (fairly easy)
> way to propogate a password change to other instances where the use has
> an account? Do you just avoid using personal accounts for Oracle
> applications?
>

If you use the Proxy login feature of Oracle (the OPS$) prefix, then passwords don't really become that much of an issue. Once a user is connected via their operating system account, they can log into Oracle with a "/" for the username.

For instance:

If logged into the operating system account "ECKHARDT",

$ sqlplus /
Will connect to the SQL*Plus user OPS$ECKHARDT, and the Oracle password does not need to be known.

To access a node via SQL*Net, (TCP/IP in this case....)

$ sqlplus /_at_database_alias
  or
$ sqlplus /_at_T:node_1:inst_a
Will connect to the SQL*Plus user OPS$ECKHARDT on the remote databases.

On our Oracle instances, the password at account creation time is set to a pseudo-random value and if access is needed to the account by the DBA the password is simply changed.

---

--------------------------------+------------------------+--------------------
Gary B. Eckhardt                |  Software Development  |  This space for
Computer Sciences Corporation   |  MISTS HSC Support     |  rent or lease.
eckhardg_at_radon.brooks.af.mil    |  (210) 536-2826        |  (Cheap!)

             "IOUW - International Oracle Underwear Week!"
                  --Canadian guy on stage at Pleasure Island, IOUW 1993