After running Utlpwdmg.sql, ORA-28003, ORA-20001, ORA-20002, ORA-20003, ORA-20004 error are reported.
Suitable for:
Oracle server-enterprise edition-version 8.1.7.0 and later
Information in this document applies to any platform.
Checked for relevance on 15-sep-2012
Reason:
Run the Utlpwdmg.sql script to make security restrictions on the user's password. The new password enforces the following rules:
1. Contains a character, a number, a punctuation mark
2. Different from username
3. Words (words) different from those listed in the Password verification function
4. There are at least 3 characters different than the old password.
The above rules change in the new version of the DB software, so it is recommended that you review the script in your DB version to confirm what the detailed rules are.
Solution:
Not all customers need or want this level of security. You can remove the feature by using the following method.
1. Connect internal to the database.
2. Drop function verify_function;
3. ALTER profile DEFAULT LIMIT password_verify_function null;
At this point, the password can be modified with the ' ALTER user XYZ identified by XYZ ' command without any errors
The Utlpwdmg.sql script also modifies the default profile.
The default profile settings is the resource parameter value (resource parameters) of the default profile when the database is created.
Before running the script, if you modify these resource parameters and you are using other parameters, you should restore these values.
If you modified those resource parameters and your were using other parameter values before running the script, you should Restore those values.
Before running the script
-------------------------
Sql> SELECT * from Dba_profiles
2 WHERE profile = ' DEFAULT '
3 and Resource_type = ' PASSWORD ';
Profile Resource_name RESOURCE LIMIT
------------------- -------------------------------- -------- ------------
DEFAULT failed_login_attempts PASSWORD UNLIMITED
DEFAULT password_life_time PASSWORD UNLIMITED
DEFAULT password_reuse_time PASSWORD UNLIMITED
DEFAULT Password_reuse_max PASSWORD UNLIMITED
DEFAULT password_verify_function PASSWORD UNLIMITED
DEFAULT password_lock_time PASSWORD UNLIMITED
DEFAULT password_grace_time PASSWORD UNLIMITED
After running the script:
------------------------
Sql> SELECT * from Dba_profiles
2 WHERE profile = ' DEFAULT '
3 and Resource_type = ' PASSWORD ';
Profile Resource_name RESOURCE LIMIT
-------------------- -------------------------------- -------- ----------------
DEFAULT failed_login_attempts PASSWORD 3
DEFAULT Password_life_time PASSWORD 60
DEFAULT password_reuse_time PASSWORD 1800
DEFAULT Password_reuse_max PASSWORD UNLIMITED
DEFAULT password_verify_function PASSWORD verify_function
DEFAULT password_lock_time PASSWORD. 0006
DEFAULT Password_grace_time PASSWORD 10
7 rows selected.
You can restore the default setting by running this script as internal or as SYSDBA.
Sql> ALTER profile DEFAULT LIMIT
2 Password_life_time UNLIMITED
3 Password_grace_time UNLIMITED
4 Password_reuse_time UNLIMITED
5 Password_reuse_max UNLIMITED
6 failed_login_attempts UNLIMITED
7 Password_lock_time UNLIMITED;