RE: Access and password changes



Yes, I am thinking so.   Perhaps you could point me to some docs -
before I go looking myself.


But to narrow this down a little further... In an Oracle 9 database can
I get the information I am seeking from the audit.     In an Oracle 10g
database, FGAC should do it I believe.


The issue is that the company does not know how many applications or
where they are that may be logging directly into a schema owner whose
password may change.   The password will start changing because of SOX.


So they want to be able to identify as much as possible before the
password changes.     Of course, now that an Oracle 9 password has
changed, they also would like to identify the applications that may be
attempting to log in.


Joel Patterson 
Database Administrator 
904  727-2546 


From: Richard J. Goulet [mailto:rgoulet@xxxxxxxxxx] 
Sent: Thursday, February 08, 2007 10:53 AM
To: Patterson, Joel; oracle-l@xxxxxxxxxxxxx
Subject: RE: Access and password changes


You could enable auditing at the database level then audit all
successful connections for a couple of days.  You could also audit
unsuccessful connections to find the reverse.


Dick Goulet, Senior Oracle DBA

45 Bartlett St  Marlborough, Ma 01752, USA
Tel.: 508.573.1978 |Fax:  508.229.2019 | Cell:508.742.5795






From: oracle-l-bounce@xxxxxxxxxxxxx
[mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of
Sent: Thursday, February 08, 2007 10:16 AM
To: oracle-l@xxxxxxxxxxxxx
Subject: Access and password changes

Changing the password of the 'schema owner' - the owner of the data.


I have a manager who has asked if there is a way to track what
'application' is logging in before changing the password so that the
change can be smoother.   (either change the password in the app or
create a new account for the app).


The second part is can you track what application is attempting to log
in to a schema where the password has already been changed.   



The version of Oracle are 9, and 10.


A case where the password has already been changed happens to be

Privileged/Confidential Information may be contained in this message or
attachments hereto. Please advise immediately if you or your employer do
not consent to Internet email for messages of this kind. Opinions,
conclusions and other information in this message that do not relate to
the official business of this company shall be understood as neither
given nor endorsed by it.

GIF image

Other related posts: