【翻譯自mos文章】運行utlpwdmg.sql之後報ORA-28003, ORA-20001, ORA-20002, ORA-20003, ORA-20004 錯誤,ora20002

來源:互聯網
上載者:User

【翻譯自mos文章】運行utlpwdmg.sql之後報ORA-28003, ORA-20001, ORA-20002, ORA-20003, ORA-20004 錯誤,ora20002

運行utlpwdmg.sql之後報ORA-28003, ORA-20001, ORA-20002, ORA-20003, ORA-20004 錯誤。

適用於:
Oracle Server - Enterprise Edition - Version 8.1.7.0 and later
Information in this document applies to any platform.
Checked for relevance on 15-Sep-2012

原因:
運行 utlpwdmg.sql 指令碼可以對使用者的密碼進行安全限制。新密碼強制施行如下的規則:
1.包含一個字元,一個數字,一個標點符號
2.不同於username
3.不同於密碼驗證函數中列示出來的words(單詞)
4.跟老密碼相比,至少有3個字元不同。

以上規則在新版的db 軟體中有所變化,因此,推薦你查看你的db版本中的該指令碼,以確認有哪些詳細的規則。

解決方案:
不是所有的客戶都需要或者希望這個安全層級。可以用如下的方法來remove掉該功能。

1. Connect internal to the database.
2. drop function verify_function;
3. ALTER PROFILE DEFAULT LIMIT PASSWORD_VERIFY_FUNCTION null;


此時,在沒有任何錯誤的情況下,使用with the 'alter user xyz identified by xyz' 命令,密碼可以被修改

utlpwdmg.sql指令碼也會修改default profile.
The default profile settings 是在資料庫被建立的時候,the DEFAULT profile 的資源參數值( resource parameters )。
在運行指令碼之前,如果你修改了這些資源參數並且在使用其他的參數,你應該restore(還原)這些值。
If you modified those resource parameters and you were using other parameter values before running the script, you should restore those values.


Before running the script
-------------------------
SQL> SELECT * FROM dba_profiles
2 WHERE profile = 'DEFAULT'
3 AND resource_type = 'PASSWORD';

PROFILE RESOURCE_NAME RESOURCE LIMIT
------------------- -------------------------------- -------- ------------
DEFAULT FAILED_LOGIN_ATTEMPTS PASSWORD UNLIMITED
DEFAULT PASSWORD_LIFE_TIME PASSWORD UNLIMITED
DEFAULT PASSWORD_REUSE_TIME PASSWORD UNLIMITED
DEFAULT PASSWORD_REUSE_MAX PASSWORD UNLIMITED
DEFAULT PASSWORD_VERIFY_FUNCTION PASSWORD UNLIMITED
DEFAULT PASSWORD_LOCK_TIME PASSWORD UNLIMITED
DEFAULT PASSWORD_GRACE_TIME PASSWORD UNLIMITED

After running the script:
------------------------
SQL> SELECT * FROM dba_profiles
2 WHERE profile = 'DEFAULT'
3 AND resource_type = 'PASSWORD';

PROFILE RESOURCE_NAME RESOURCE LIMIT
-------------------- -------------------------------- -------- ----------------
DEFAULT FAILED_LOGIN_ATTEMPTS PASSWORD 3
DEFAULT PASSWORD_LIFE_TIME PASSWORD 60
DEFAULT PASSWORD_REUSE_TIME PASSWORD 1800
DEFAULT PASSWORD_REUSE_MAX PASSWORD UNLIMITED
DEFAULT PASSWORD_VERIFY_FUNCTION PASSWORD VERIFY_FUNCTION
DEFAULT PASSWORD_LOCK_TIME PASSWORD .0006
DEFAULT PASSWORD_GRACE_TIME PASSWORD 10
7 rows selected.

You can restore the default setting by running this script as internal or as sysdba.

SQL> ALTER PROFILE DEFAULT LIMIT
2 PASSWORD_LIFE_TIME UNLIMITED
3 PASSWORD_GRACE_TIME UNLIMITED
4 PASSWORD_REUSE_TIME UNLIMITED
5 PASSWORD_REUSE_MAX UNLIMITED
6 FAILED_LOGIN_ATTEMPTS UNLIMITED
7 PASSWORD_LOCK_TIME UNLIMITED;


 




相關文章

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.