Use PROFILE to manage passwords and resources

First, create profile lock_act LIMIT FAILED_LOGIN_ATTEMPTS 3 PASSWORD_LOCK_TIME 2; assign the user test profile alter user test profile LOCK_ACT;
Unlock account alter user test account unlock;
Create profile plt limit PASSWORD_LIFE_TIME 10 PASSWORD_GRACE_TIME 2;
---- PASSWORD_RESUME-TIME 10 PASSWORD_RESUME_MAX UNLIMITED;
Alter user test profile plt;
-------- The previous profile lock_act becomes invalid after the change !!!
Using the PROFILE to manage passwords includes the following options: PASSWORD_GRACE_TIME PASSWORD_LIFE_TIME PASSWORD_LOCK_TIME when PASSWORD_REUSE_TIME verification. The system also provides a default verification function VERIFY_FUNCTION oracle_home % \ rdbms \ admin \ utlpwdmg. SQL PASSWORD_VERIFY_FUNCTION only has the following limit: 1. The password cannot be less than 4 characters and 2 characters. The password cannot be the same as the user name. 3. The password must contain a character, a number, and a special character.
You can also customize the password verification function to use PROFILE to manage user resources.
----- Activate resource management restrictions first
Alter system set RESOURCE_LIMIT = true scope = BOTH;
---- Seven session restrictions
CPU_PER_SESSION SESSION_PER_USER CONNECT_TIME LDLE_TIME LOGICAL_READS_PER_SESSION PRIVATE_SGA (applicable only to Multi-Thread servers)
COMPOSITE_LIMIT
Create profile session_limit LIMIT CPU_PER_SESSION 5000 SESSION_PER_USER 3 CONNECT_TIME 90 LDLE_TIME 15 LOGICAL_READS_PER_SESSION UNLIMITED PRIVATE_SGA UNLIMITED COMPOSITE_LIMIT DEFAULT
Alter user test profile session_limit;
---- Two call restrictions
CPU_PER_CALL LOGICAL_READS_PER_CALL
----- Change and Delete PROFILE
Alter profile session_limit LIMIT ......; Drop profile plt [CASCADE];
SELECT DEFAULT_TABLESPACE, TEMPORARY_TABLESPACE, profile FROM DBA_USER where username = 'test'; displays the PROFILE password and Resource Restriction options.
Select profile, LIMIT, profile from DBA_FROFILES where profile = 'session _ limit ';
----------- A total of 16 passwords, resource options.
COMPOSITE_LIMIT CONNECT_TIME CPU_PER_CALL CPU_PER_SESSION implements IDLE_TIME when PASSWORD_GRACE_TIME PASSWORD_LIFE_TIME PASSWORD_LOCK_TIME when PASSWORD_REUSE_TIME when PRIVATE_SGA SESSIONS_PER_USER
Note: In order to enforce kernel limits, resource_limit must be set to true create profile test_profile1 limit 2 -- cpu_per_session 10000 -- hunderth of seconds limit 100 -- hunderth of seconds connect_time 10 -- minutes idle_time 5 -- minutes limit default -- db blocks limit -- db blocks composite_limit default -- private_sga 20 M -- interval 3 -- password_life_time 10 -- days password_reuse_time 12 -- interval unlimited -- password_lock_time default -- days password_grace_time 4 -- days limit null;
The above parameters have basically been tested. In the test IDLE_TIME (idle time), the following problem occurs SQL> conn outdo @ villa please enter the password: ERROR: ORA-02396: exceeds the maximum idle time, please try again
ERROR: ORA-24315: Invalid property type
SQL> conn sys @ lab please enter password: ERROR: ORA-24315: Invalid property type
SQL> conn sys @ lab as sysdba enter the password: ERROR: ORA-24313: when the user has been proven to have exceeded the maximum idle time. Other users cannot connect again. The cause of the problem is unclear.