RE: Password routine

Thing is, it's a PeopleSoft app. The users basically have NOTHING until
they connect to PeopleSoft at which point they become SYSADM and can do
their work.

 

The grand vision is some day everything will go through "Password
Courier" where you go, change your password, and everything is magically
updated. We're getting there, but right now it just does network,
mainframe, and web pages.

 

Michael Kline

Database Administration

Outside 804.261.9446

Cell 804.744.1545

3-9446

 

________________________________

From: Niall Litchfield [mailto:niall.litchfield@xxxxxxxxx] 
Sent: Friday, August 04, 2006 9:16 AM
To: Kline.Michael
Cc: oracle-l@xxxxxxxxxxxxx
Subject: Re: Password routine

 

 

On 8/4/06, Kline.Michael <Michael.Kline@xxxxxxxxxxxx> wrote:

        Audit has said: "Modify Oracle's password complexity
verification routine script (utlpwdmg.sql), and allow password changes
only if the current password has been active for more than 2 days." 

 

ah Audit has spoken. I assume that your organisations general password
policy is not to allow a change if the password was previously changed
in the last 2 days, and that this is just playing catchup? The reason I
ask is that it seems odd to me. I can't imagine how many times I've
changed a password prior to 8am one morning because I was asked to, had
to fight complexity requirements - got it changed and then been unable
to recall it the following morning. At least in your organisation I
could go home and bill the lost day to audit. 

  

         

        I think I heard 10G works with active directory, maybe even
RACF, and if that was in place, this would be a non issue.

         


what do you mean by works with? If its just a matter of authenticating
windows users you can do this in , at least. 9i upwards. 

-- 
Niall Litchfield
Oracle DBA
http://www.orawin.info 
  
  
  
LEGAL DISCLAIMER 
The information transmitted is intended solely for the individual or entity to 
which it is addressed and may contain confidential and/or privileged material. 
Any review, retransmission, dissemination or other use of or taking action in 
reliance upon this information by persons or entities other than the intended 
recipient is prohibited. If you have received this email in error please 
contact the sender and delete the material from any computer. 
  
Seeing Beyond Money is a service mark of SunTrust Banks, Inc. 
[ST:XCL] 
 
 
 
 

Other related posts: