Well, that's interesting.
If it we're me , I'd reset all the non-application (users) passwords to a
temp password and expire them to have the users enter a new password at
logon.
Password expiration and prompting only works across OCI calls and not JDBC
however so you may have to give them the "alter user" statement so they can
reset their password after logging in with the temp password.
Chris
On Nov 14, 2018 5:26 PM, "Jeff Chirco" <backseatdba@xxxxxxxxx> wrote:
I am working on upgrading our 11.2.0.4 database to 12.2.0.1. In this 11g
database we had sec_case_sensitive_logon disabled but I am enabling it in
12c. I have users with "PASSWORD_VERSIONS" set to "10G 11G', and on the
12c side I have SQLNET.ALLOWED_LOGON_VERSION_SERVER = 10 set in sqlnet.ora
However I am noticing that when I try to connect in 12c I have to enter the
password in the same case that it was originally created on 11g even though
password case sensitivity was off. I thought the sqlnet setting of
ALLOWED_LOGON_VERSION_SERVER=10 would allow this?
My ideal behavior would be: in 12c users allow previously created users to
authenticate with any case password, but for newly created users (or users
that change their password) foce password case sensitivity. We have a lot
of users and some of them may not realize what case they originally created
their password with.
Let me know if you think this is possible.
Thanks,
Jeff
