Re: Dblink in Oracle10g
- From: "Jared Still" <jkstill@xxxxxxxxx>
- To: Joel.Patterson@xxxxxxxxxxx
- Date: Wed, 19 Nov 2008 10:22:21 -0800
On Wed, Nov 19, 2008 at 5:41 AM, <Joel.Patterson@xxxxxxxxxxx> wrote:
>
> The script would be better off changing the password back to its
> original immediately after connecting to the local user account. There
> is no need to do all the work first if as the description warns about
> changing a password even for a few seconds. Well if you change it back
> immediately it wouldn't be your password for longer than it takes to
> connect.
>
>
Here is something to check for when temporarily changing passwords.
The account may be assigned to a profile that prevents the reuse of a
password,
and may also prevent the use of your temporary password if it doesn't
meet the criteria of the verify password function.
Best to check beforehand and plan for it.
There is a way to work around the profile problem.
Create a new profile with no options, for temporary use only.
I will call it empty_profile here.
alter user dblink_owner identified by new_password profile empty_profile;
Do the rest of the work as this user.
Change the password back;
alter user dblink_owner identified by old_password;
alter user dblink_owner profile <original_profile>;
You best document it if you are routinely audited, as these changes
will appear in sys.user_history$, which a sharp auditor may know about.
Jared
Other related posts:
