To unlock a locked Oracle DB account:
1) Find the locked account:
select username,account_status from dba_users where account_status like '%LOCK%';2) Unlock the user:
alter user <USER> account unlock;In my case the server was a development database and locked accounts were just an unnecessary hassle since I don't need any security on this database. So, to avoid the account being locked again in the future I changed some parameters of the DEFAULT profile (the profile used by this user in my database):
1) Check the profile used by the user:
select profile from dba_users where user=<USER>;2) Change the parameters related to password expiration and failed login attempts:
alter profile <PROFILE> limit FAILED_LOGIN_ATTEMPTS unlimited;
alter profile <PROFILE> limit PASSWORD_LIFE_TIME unlimited;
alter profile <PROFILE> limit PASSWORD_REUSE_TIME unlimited;
alter profile <PROFILE> limit PASSWORD_REUSE_MAX unlimited;
alter profile <PROFILE> limit PASSWORD_LOCK_TIME unlimited;
alter profile <PROFILE> limit PASSWORD_GRACE_TIME unlimited;
Obs1: You must have ALTER PROFILE system privilege to change profile resource limits. To modify password limits and protection, you must have ALTER PROFILE and ALTER USER system privileges.
Obs2: Don't do this in your production server or any server where data loss is not acceptable! In such cases, follow Oracle security practices.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.