DBA运维数据库时偶尔会接到这样的电话:某某应用连接不了数据库了,提示密码过期。创建数据库的时候通常会为应用程序的用户创建一套profile,避免default profile总的各种限制。 随着业务的增多难免出现遗漏,有个别业务用户并没有采用量身定做的profile。
下面来看一个案例
用户密码已经过期,不修改密码的情况下使其永远使用下去
[oracle@snow ~]$ sqlplus / as sysdba
SYS@cdb > show pdbs;
CON_ID CON_NAME OPEN MODE RESTRICTED
2 PDB$SEED READ ONLY NO
3 PDB1 READ WRITE NO
SYS@cdb > alter session set container=pdb1;
SYS@cdb > col profile for a20
SYS@cdb > select username,profile from dba_users where username='BAYMAX';
USERNAME PROFILE
BAYMAX DEFAULT
用户的密码使用期限为180天
SYS@cdb > col common for a20
SYS@cdb > col limit for a20
SYS@cdb > select * from dba_profiles where profile='DEFAULT';
PROFILE RESOURCE_NAME RESOURCE LIMIT COMMON
DEFAULT COMPOSITE_LIMIT KERNEL UNLIMITED NO
DEFAULT SESSIONS_PER_USER KERNEL UNLIMITED NO
DEFAULT CPU_PER_SESSION KERNEL UNLIMITED NO
DEFAULT CPU_PER_CALL KERNEL UNLIMITED NO
DEFAULT LOGICAL_READS_PER_SESSION KERNEL UNLIMITED NO
DEFAULT LOGICAL_READS_PER_CALL KERNEL UNLIMITED NO
DEFAULT IDLE_TIME KERNEL UNLIMITED NO
DEFAULT CONNECT_TIME KERNEL UNLIMITED NO
DEFAULT PRIVATE_SGA KERNEL UNLIMITED NO
DEFAULT FAILED_LOGIN_ATTEMPTS PASSWORD 10 NO
DEFAULT PASSWORD_LIFE_TIME PASSWORD 180 NO
PROFILE RESOURCE_NAME RESOURCE LIMIT COMMON
DEFAULT PASSWORD_REUSE_TIME PASSWORD UNLIMITED NO
DEFAULT PASSWORD_REUSE_MAX PASSWORD UNLIMITED NO
DEFAULT PASSWORD_VERIFY_FUNCTION PASSWORD NULL NO
DEFAULT PASSWORD_LOCK_TIME PASSWORD 1 NO
DEFAULT PASSWORD_GRACE_TIME PASSWORD 7 NO
其中password_reuse_max可以接触重用旧密码的限制。
SYS@cdb > create profile baymax_profile limit
password_reuse_max unlimited
password_reuse_time unlimited;
SYS@cdb > alter user baymax profile baymax_profile;
SYS@cdb > select password from user$ where name='BAYMAX';
PASSWORD
6542473DDCA6AEBE
SYS@cdb > alter user baymax identified by values '6542473DDCA6AEBE';
SYS@cdb > alter user baymax profile default;
如果觉得我的文章对您有用,请点赞。您的支持将鼓励我继续创作!
赞3
添加新评论0 条评论