RE: Locking the SYS account.

• From: "Polarski, Bernard" <Bernard.Polarski@xxxxxxxxxxxxxx>
• To: <DEVA@xxxxxxxx>,<oracle-l@xxxxxxxxxxxxx>
• Date: Wed, 3 Jan 2007 09:40:50 +0100

I don't think you can really lock or prevent the user sys to connect
into a DB:

 

http://www.lc.leidenuniv.nl/awcourse/oracle/server.920/a96524/c23acces.h
tm

 

as long as it is in the OS group dba, it will be able to connect into
the DB regardless of the lock, expire setting.

 

SQL> alter user sys account lock ;

User altered.

SQL> exit

[I changed my ORACLE_SID to  another DB to force use of listener and
remote login]

sqlplus 'sys/sys@asdb as sysdba'

 

SQL*Plus: Release 10.1.0.4.0 - Production on Wed Jan 3 09:30:27 2007

 

Copyright (c) 1982, 2005, Oracle.  All rights reserved.

 

Connected to:

Oracle Database 10g Enterprise Edition Release 10.1.0.4.0 - Production

With the Partitioning, OLAP and Data Mining options

 

SQL> select ACCOUNT_STATUS from dba_users where username = 'SYS' ;

ACCOUNT_STATUS

--------------------------------

LOCKED

 

 

bp

 

From: Denham Eva [mailto:DEVA@xxxxxxxx] 
Sent: woensdag 3 januari 2007 9:19
To: oracle-l@xxxxxxxxxxxxx
Subject: Locking the SYS account.

 

This email is subject to Terms and Conditions as found in our Email
Legal Notice which forms part of this email message in terms of section
11 of the Electronic Communications and Transaction Act 25 of 2002.
Please click on http://www.mf.co.za/content/EMAIL_Legal_Notice.asp
<http://www.mf.co.za/content/EMAIL_Legal_Notice.asp>  , or send a blank
email to disclaim@xxxxxxxx <mailto:disclaim@xxxxxxxx> . By receiving,
reading or acting upon this email you will automatically be bound by the
terms of the  Email Legal Notice.

Mutual & Federal Insurance Company Limited

Authorised Financial Services Provider

 

  _____  

Hi,

 

I am being pressured into changing users on some oracle servers with
regards to DBA accounts.

The client wants all these accounts to expire and some commonly known
accounts to be locked.

I have not yet tried to experiment with this and would like to know from
the community before actually trying this.

 

What if any are the implications of locking the SYS account?

 

TIA

Denham 

Other related posts:

• » Locking the SYS account.
• » RE: Locking the SYS account.
• » Re: Locking the SYS account.
• » Re: Locking the SYS account.
• » Re: Locking the SYS account.
• » RE: Locking the SYS account.
• » RE: Locking the SYS account.
• » RE: Locking the SYS account.
• » RE: Locking the SYS account.
• » Re: Locking the SYS account.

1. Home
2. oracle-l
3. Archive
4. 01-2007

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---