[20180316]改变oracle用户口令时限.txt

简介: [20180316]改变oracle用户口令时限.txt --//昨天看了一篇blog,Stop password for user accounts expiring on Exadata,链接: --//https://blog.

[20180316]改变oracle用户口令时限.txt

--//昨天看了一篇blog,Stop password for user accounts expiring on Exadata,链接:
--//https://blog.zeddba.com/2018/03/14/stop-password-for-user-accounts-expiring-on-exadata/
--//里面提到oracle用户的口令时限,关于这个问题实际上我已经在以前遭遇到这个问题.直接结果导出
--//cron无法正常运行,自己也做一个记录:

#  chage -l oracle
Last password change                                    : Aug 21, 2015
Password expires                                        : May 16, 2018
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 1
Maximum number of days between password change          : 999
Number of days of warning before password expires       : 7

--//实际上我已经修改过1次,要到2018/5/16号到期.

SCOTT@book> select to_date('2015/8/21','yyyy/mm/dd')+999 dd from dual ;
DD
-------------------
2018-05-16 00:00:00

--//正好一致.可以看看grid用户,我没有修改的情况:
#  chage -l grid
Last password change                                    : Oct 10, 2014
Password expires                                        : Jul 05, 2017
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 1
Maximum number of days between password change          : 999
Number of days of warning before password expires       : 7

--//可以发现grid用户口令早已经到期.作者提供修改建议:
The manual page for chage explains the switches:

-d, --lastday LAST_DAY
Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in
the format YYYY-MM-DD (or the format more commonly used in your area). If the LAST_DAY is set to 0 the user is forced
to change his password on the next log on.

-E, --expiredate EXPIRE_DATE
Set the date or number of days since January 1, 1970 on which the user's account will no longer be accessible. The date
may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area). A user whose account is
locked must contact the system administrator before being able to use the system again.

Passing the number -1 as the EXPIRE_DATE will remove an account expiration date.

-m, --mindays MIN_DAYS
Set the minimum number of days between password changes to MIN_DAYS. A value of zero for this field indicates that the
user may change his/her password at any time.

-M, --maxdays MAX_DAYS
Set the maximum number of days during which a password is valid. When MAX_DAYS plus LAST_DAY is less than the current
day, the user will be required to change his/her password before being able to use his/her account. This occurrence can
be planned for in advance by use of the -W option, which provides the user with advance warning.

Passing the number -1 as MAX_DAYS will remove checking a password's validity.


#  chage -d 9999 -E -1 -m 0 -M -1 oracle
#  chage -l oracle
Last password change                                    : May 18, 1997
Password expires                                        : never
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : -1
Number of days of warning before password expires       : 7

--//这样永远不会到期.感到奇怪的-d参数:
-d, --lastday LAST_DAY
Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in
the format YYYY-MM-DD (or the format more commonly used in your area). If the LAST_DAY is set to 0 the user is forced
to change his password on the next log on.

SCOTT@book> select to_date('1970/1/1','yyyy/mm/dd')+9999 dd from dual ;
DD
-------------------
1997-05-18 00:00:00

--//实际上这些与安全等保相互矛盾的.我不知道我们团队是否知道.其实我上次已经跟实施等保人员讲了这方面问题.
--//我不知道我们团队的开发如何监测与管理的,对于这样的团队真心失望.
--//你要限制口令时限,必须要知道它可能带来的后果.

目录
相关文章
|
SQL Oracle 关系型数据库
探秘Oracle表空间、用户、表之间的关系
 之前的DRP项目虽然用到了oracle,但是所有数据库对象的建立都是按文档来的,并没有仔细思考总结,后面再次用到oracle时,不能再那么糊里糊涂的用了,得稍微探索一下下了,究竟这些oracle中的数据库对象之间都存在什么关系呢?
探秘Oracle表空间、用户、表之间的关系
|
6月前
|
SQL Oracle 关系型数据库
Oracle - Spool导出数据到TXT文件
Oracle - Spool导出数据到TXT文件
109 0
|
Oracle 关系型数据库 Linux
如果oracle用户下的$ORACLE_HOME bin oracle文件的属主或权限出了问题,那么该如何修复呢?
如果oracle用户下的$ORACLE_HOME bin oracle文件的属主或权限出了问题,那么该如何修复呢?
394 1
|
Oracle 关系型数据库 Linux
Oracle Linux 8.5 上架微软应用商店,用户可免费下载
Oracle Linux 8.5 上架微软应用商店,用户可免费下载
110 0
Oracle Linux 8.5 上架微软应用商店,用户可免费下载
|
SQL Oracle 关系型数据库
Oracle OS认证与密码文件认证(操作系统认证、口令文件认证、创建密码文件)
Oracle OS认证与密码文件认证(操作系统认证、口令文件认证、创建密码文件)
555 0
|
SQL Oracle 关系型数据库
常见问题:在 Windows 平台的 Oracle 12.1 数据库版本上的 Oracle Home 用户 (Doc ID 2101982.1、Doc ID 1529702.1)
常见问题:在 Windows 平台的 Oracle 12.1 数据库版本上的 Oracle Home 用户 (Doc ID 2101982.1、Doc ID 1529702.1)
237 0
|
Oracle 关系型数据库 数据安全/隐私保护
oracle学习25-手工删除oracle归档日志后操作步骤 和修改用户默认解锁时间
oracle学习25-手工删除oracle归档日志后操作步骤 和修改用户默认解锁时间
160 0
|
Oracle 关系型数据库 数据库
oracle学习8-使用profile管理用户口令
oracle学习8-使用profile管理用户口令
149 0
|
SQL Oracle 关系型数据库
Oracle管理员用户及身份认证详解
Oracle管理员用户及身份认证详解
525 0
Oracle管理员用户及身份认证详解
|
Oracle 安全 关系型数据库
Oracle学习(十四):管理用户安全
本文主要讲Oracle管理用户安全
118 0
Oracle学习(十四):管理用户安全