Document passwords for the continuity of the database
First off I'm not an oracle DBA.But in a perspective of risk/audit/compliance, I attended a recent seminar by which he DB security said it was convenient current for the DBA to document passwords associated DB servers, they manage to plain text in documents. I think some form of continuity.
Some questions are:
(1) why
(2) what you related to these documents
(3) what is the risk to document is not the passwords associated with databases and servers
(4) what passwords you document
user599292 wrote:
Yes, it was my guess, the password may be required if the admin was turned off when this credential was required to complete an urgent task, where the need to save it somewhere another admin can access. But I guess in a perspective of sound risk identifying where the password, and who can access it, so it does not fall into the wrong hands...
These days, having to know the password is rarely necessary to "continuity." And it's been over a decade that I finally saw the password-on-paper-kept-safe-by-manager approach.
To perform the maintenance on a server (o/s, web, database, etc.), I just need my key public RSA is approved by this server. And to get there, I must provide my private RSA key.
No secrets to remember. No secret to change often, in case it is accidentally revealed/presentations. And fly an RSA or DSA private key are much more complex than stealing a password.
So to connect as SYSDBA - rather than use the SYS password to connect, I can log in as user oracle o/s using RSA authentication via ssh on the db server - and then to use the confidence o/s credentials to make an 'internal' connect to the database.
Servers can also be configured for auditing and logging-which means there is a detailed record of who logged on to the server where. In addition, a dedicated management network can be used - with firewall protection, and allowing only selected IP deals with intranet access to the management for the management servers network via it.
Tags: Database
Similar Questions
-
Additional measures if I exchange the ADMUSER password for the database?
Hello:
Are there measures of application to change the password of database ADMUSER? I found the note on how to change the PRIVUSER password, but nothing about ADMUSER. Is it as simple as user admuser identified by "< password >" change
Thank you
Laura Sallwasser
Hi Laura,
Yes, the ADMUSER password can be changed enough safely.
PrivUser requires an additional step, given that a hash of the password stored in the table "pubuser".
Pubuser requires additional steps, insofar as it will be used by and P6 customer installs so they would need to be updated if you change the password for pubuser.
Concerning
Alex
-
Change the password for the user of IOM database
To change the password of the database user who created and the user run the prepare_xl_db.sh. I changed the < encrypted password = "true" > "false" and changed the password in the xlconfig.xml and restarted the application server, but I can not connect. I get the error below. -What else is necessary?
ERROR, October 30, 2008 09:31:56, 265, [XELLERATE. SERVER], class/method: XLJobStoreCTM/initialize some problems: error connecting to the database. Please check if DirectDB is correct in the Xellerate configuration file.
FATAL, October 30, 2008 09:31:56, 265, [XELLERATE. PLANNER], QuartzSchedulerImpl-constructor for Exception
org.quartz.SchedulerConfigException: failure occurred during recovery of employment. [See nested exception: org.quartz.JobPersistenceException: could not get the connection to data source 'noTXDS' DB: org.apache.commons.dbcp.SQLNestedException: cannot create PoolableConnectionFactory (ORA-01017: name of user and password invalid; connection refused)]
) [See nested exception: org.apache.commons.dbcp.SQLNestedException: cannot create PoolableConnectionFactory (ORA-01017: name of user and password invalid; connection refused)]
)]]
at org.quartz.impl.jdbcjobstore.JobStoreSupport.initialize(JobStoreSupport.java:429)
at org.quartz.impl.jdbcjobstore.JobStoreCMT.initialize(JobStoreCMT.java:131)
at com.thortech.xl.scheduler.core.quartz.XLJobStoreCTM.initialize (unknown Source)
at org.quartz.impl.StdSchedulerFactory.instantiate(StdSchedulerFactory.java:753)
at org.quartz.impl.StdSchedulerFactory.getScheduler(StdSchedulerFactory.java:885)
at com.thortech.xl.scheduler.core.quartz.QuartzSchedulerImpl.initialize (unknown Source)
to com.thortech.xl.scheduler.core.quartz.QuartzSchedulerImpl. < init >(Unknown Source)
at com.thortech.xl.scheduler.core.quartz.QuartzSchedulerImpl.getSchedulerInstance (unknown Source)
at com.thortech.xl.scheduler.core.SchedulerFactory.getScheduler (unknown Source)
at com.thortech.xl.scheduler.deployment.webapp.SchedulerInitServlet.startScheduler (unknown Source)
at com.thortech.xl.scheduler.deployment.webapp.SchedulerInitServlet.init (unknown Source)
at com.evermind.server.http.HttpApplication.loadServlet(HttpApplication.java:2371)
at com.evermind.server.http.HttpApplication.findServlet(HttpApplication.java:4824)
at com.evermind.server.http.HttpApplication.findServlet(HttpApplication.java:4748)
at com.evermind.server.http.HttpApplication.initPreloadServlets(HttpApplication.java:4936)
at com.evermind.server.http.HttpApplication.initDynamic(HttpApplication.java:1145)
to com.evermind.server.http.HttpApplication. < init > (HttpApplication.java:741)
at com.evermind.server.ApplicationStateRunning.getHttpApplication(ApplicationStateRunning.java:414)
at com.evermind.server.Application.getHttpApplication(Application.java:570)
to com.evermind.server.http.HttpSite$ HttpApplicationRunTimeReference.createHttpApplicationFromReference (HttpSite.java:1987)
to com.evermind.server.http.HttpSite$ HttpApplicationRunTimeReference. < init > (HttpSite.java:1906)
at com.evermind.server.http.HttpSite.initApplications(HttpSite.java:643)
at com.evermind.server.http.HttpSite.setConfig(HttpSite.java:290)
at com.evermind.server.http.HttpServer.setSites(HttpServer.java:270)
at com.evermind.server.http.HttpServer.setConfig(HttpServer.java:177)
at com.evermind.server.ApplicationServer.initializeHttp(ApplicationServer.java:2493)
at com.evermind.server.ApplicationServer.setConfig(ApplicationServer.java:1042)
at com.evermind.server.ApplicationServerLauncher.run(ApplicationServerLauncher.java:131)
at java.lang.Thread.run(Thread.java:595)
* Nested Exception (the underlying Cause).
org.quartz.JobPersistenceException: could not get the connection to data source 'noTXDS' DB: org.apache.commons.dbcp.SQLNestedException: cannot create PoolableConnectionFactory (ORA-01017: name of user and password invalid; connection refused)
) [See nested exception: org.apache.commons.dbcp.SQLNestedException: cannot create PoolableConnectionFactory (ORA-01017: name of user and password invalid; connection refused)]
)]During the IOM installation datasources are created to access the database.
Then when you change the password for the database user, you must set the password in the data sources. -
First Cisco VIEW - change the password for the admin GUI of CLI
Hello
We had someone install an instance of VIEW with the Vmware EGG file, but it seems that they never take the GUI password (admin) during the installation phase.
Does anyone know the process to re-run the configuration script or to change the password for the admin of the SSH session, so we are able to connect to the GUI?
Thank you
Andreas
Hi Andreas,
Sorry, that I was not able to respond until the EGG has been redeployed, however, it is possible to change the CLI from the server admin password.
1 SSH on the server VIEW
2 cd to/usr/local/cisco/dcm/fm/bin
3 «./addUser.sh--help' to view the syntax of the command.
The syntax for the addUser.sh script is «./addUser.sh
. The adduser script to add new accounts to users or change the password for the existing user accounts. 4. to change the admin password, the command should look like this,
«./adduser.sh admin
. If you have forgotten the password for the database, you can find it in the file, usr/local/cisco/dcm/jboss-as.7.2.0-Final/standalone/conf/postgres.cfg.xml. Use the 'cat /usr/local/cisco/dcm/jboss-as.7.2.0-Final/standalone/conf/postgres.cfg.xml' command to print the contents of the file to the screen.
-Eric
-
How to reset or recover my password for the signing of an electronic document?
How to reset or recover my password for the signing of an electronic document?
Your only option is to remember. Adobe does not have a recovery tool or allow you to change it unless you know the current password.
-
How to recover the password for the EMI
Hi gurus,
Unfortunately I forgot the password for the IME. Is it possible to get it back?
ARO
-Dave
Hi Dave,.
To recover the IME password, follow these steps:
Step 1 stop the client of the EMI.
Step 2 remove the installed directory hosts.cfg file.
Example of
C:\Documents and Settings\All Users\Application Data\Cisco Systems\IME\iev\hosts.cfg
Step 3 restart the client of the EMI.
Step 4, you are invited to create a new password.
No event is lost from the database, including new events between the moment where you deleted hosts.cfg and restarted IME. However, the event account username and password will be used for both events and configuration. If you have different usernames and passwords for the roles of the event and configuration, you must change each device to restore.Hope that answers your query.
Kind regards
Manisha masseur
-
set the password for the 'parameters' on iphone 5
Y at - it app to set a password for the "parameters" on an iphone 5? My son continues to change some of the parameters,
N ° define a word password on the phone and don't let not your son play with him.
-
Change my Apple ID and now all the other devices asking me the password for the old ID.
Using my MacBook Pro El Capitan 10.11.3 running, I changed my code from Apple. We have two iPhones and two iPads. All are running 9.2.1. As I made the change to the ID, other devices constantly ask me to enter the password for the old ID. Of course, it no longer works, but I can't find a way to stop messages. When I change to the new ID, devices of ask a password. The password does not work and I am asked to create a new password. If I do that, I can connect is no longer in my ID on the MacBook pro. At this time, I again wonder to change my password, and the circle continues. How can I get all the devices and the cloud to recognize the new ID and password? This gets pretty annoying, and data is not shared between all the devices for applications like the calendar.
Try to change the ID to your old one, sign out iCloud on computers/devices, then replace it with a new and connect.
What to do after changing Apple ID or password - email address
-
HP Stream 13.3: master password for the software security device
I recently bought my HP laptop and I thought it would bw a good idea to use the password and I created and do not remember for the life of me what it is. Using google and see what I could do. He told me that I could restore the computer to factory settings and keep my files and clear the password. I tried and when I logged on today he again asked me the password into a box that says: Please enter the master password for the software security device. I tried all how can I get rid of this or reset it so that I can pick one and write it down. It won't let me connect on the Web site of my school because even if I click cancel it tell me that I can get because it cannot determine my credentials. Yes, even though I entered in my password for my school site which is not serious because I do not know the master password! Please help as soon as you can!
PiTT
E-mail: [email protected]
See the document of support here:
https://support.Mozilla.org/en-us/KB/reset-your-master-password-if-you-forgot-it
-
The unit 3.1 (3) change of password for the Service account
Hi all
I am aware of the link and procedure on how to change the password of the service account of the unit 3.1 X here: http://www.cisco.com/en/US/customer/products/sw/voicesw/ps2237/products_tech_note09186a0080093f54.shtml#topic2
My question is this. I have 5 unity servers that use this service account in any area, which includes Europe and the United States. If I change the password in AD all services will continue to work with the old password as long as they have not restarted with the old password? I know I need to change the password for each service that uses the account and then restart the unit, but since AD taking so long to reply, I was hoping to change the password of the account one day and then the next day or even longer when I have planned for my failure, I can then change the password for the services on each server and then restart the unit and make sure that replication is complete and the services start again with the new password.
I think as long as I do not have to restart services can I change the password of the service account in AD a day or two before I schedule my outage can I change the password for all services, and then restart the unit. I know that I can force replication, but it would be nice to be able to change it in advance as long as it is not flexible, whatever it is. Even force the replication takes a lot of time in our environment and I want to be sure, can I change well in advance without having a negative impact.
Thanks for your time!
Keith
If you change a password for a domain account, it should respond immediately through the Organization as AD treats this with the highest coastal.
-
What are the consequences of the change of password for the admin user in golden gate?
Hello
I just picked up during surgery and allows us to replicate door data of gold. Unfortunately, the password for the user that has been created in the database for the Golden Gate has been lost.
At the present time, processes are added and I was trying to connect but it fails with name of user and password invalid.
I want to change it. Do I need to apply this new password anywhere after changing?
Thank you
Hello
Not a lot of consequences, if you have changed the password where you had used.
1. you must change the password of user goldengate in parameter files where ever you had mentioned, as the extract file etc..,.
2. If you used the password encrypted, you must re-create the encryption password.
3. If you used a user Alias id, then you must change this too.
Kind regards
Veera
-
I was handed to our production database server Oracle 11 g R2 and said to manage by management. Obviously a DBA experienced / qualified isn't in the budget this year and it gives me the opportunity to learn SQL and Oracle 11 g.
That being said, I noticed that when I try to connect to my instance target (SID = ide) as SYS, there is no request to enter the password for the SYS. I am basically poured directly into the database with SYS privleges.
As you can see I was connected as user 'oracle' OS on Linux and was never invited to no password. I was wondering if this is normal in the world of database Oracle or disapproved and recommended that change some how. Can you guys please explain? I haven't used at all before Oracle so I don't know if it's good, but looks bad for me to a point of safety. Afraid I will break 11g if I fix this too.[oracle@db1 ~]$ sqlplus / as sysdba SQL*Plus: Release 11.2.0.3.0 Production on Wed Jul 11 11:43:02 2012 Copyright (c) 1982, 2009, Oracle. All rights reserved. Connected to: Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production With the Partitioning, OLAP, Data Mining and Real Application Testing options SQL>
Thanks for the clarification!Yes, "will not work" means must obtain a password to connect.
Please mark the answer as being correct.
Rgds,
Ahmer
Published by: Ahmer Mansoor on July 11, 2012 22:20
-
Username or password for the guest OS
Hello
HostOS: Ubuntu 8.10
GuestOS: Windows Server 2003
I'll build a regression test environment and I need to be able to use the command line to start a virtual machine and discover its external IP address so that I can query a database that I have stored on it. I am able to start my virtual machine to the command-line help:
vmrun T - h server http://127.0.0.1:8222 / sdk runProgramInGuest u '[local] Integrated Testing VM/winnetstandard.vmx' C:\Windows\system32\ipconfig.exe
fails with a ' error: username or password for the guest OS.
I assure you that comments username and password I use are valid. I tried with user domain\username, username, etc. I installed the latest VM for the guest OS tools. I tried connecting manually first guest OS, so that the VM tools to perform before I called vmrun. I know I can find the IP address of the guest OS through the section of the status of the web utility or by running the console OS comments; However, in my final project, users will only to have command line access.
What I am doing wrong with my order of runProgramInGuest? Or, better yet, is there a simpler way to get the IP address of the OS from the command line?
I'm under VMServer 2.0 on Ubuntu 8.10 with a guest OS of Windows Server 2003.
Thank you!
I need to start a virtual machine and find the IP address signed by
Check /var/log/vmware/hostd.log on the host
Remember that if you use a format domainsername user then on Linux you need to escape the backslash so it would be the field
username, if you have not indeed get you the error "invalid username or password for the operating system prompted". Similarly to the backslash characters in the path of the program to run in the comments and you must specify the full path.---
If you have found this device or any other answer useful please consider the use of buttons useful or Correct to award points.
-
Change password for the application from the apex
Hi friends,
I created an application of database in the apex, for this application in the login page, that I need to set as
Forget the password link or change the password link, assume that if the end user clicks that link means, there ask for the
New password: and confirm password
shortly after he entered the password if the user connects to the application of the means, he needs to go inside the application. .........
Normally to reset the password for the end user for the application, we will do it on the side of the administration of apex
It is that we will give RESET PASSWORD OPTION to change the password for the end user...
My question in this sense, that the end user must change his password by itself in the front end application...
It is possible to like that in the application of the apex...
How friends,
Kind regards
Mini...The problem is that you have specified a different page than the page of connection (due to which your login page used the builtin page). During the passage of the authentication, you must specify that 101 is indeed your login page (disabled by default)
Here's a screenshot of it.
So, in your workspace, choose current change, choose the authentication name and when you get to this screen tick the checkbox and submit. You should be prompted for your login page (which corresponds to the theme). This should solve the problem.
-
Oracle 11g save the BC4J password in the database?
In 10g, Oracle stores the password in the database encrypted in bc4j.xcfg.
However, 11 g, it seems that Oracle is not saving the password in any file (I checked connections.xml and bc4j.xcfg). Oracle records db password in database system?
I ask this question because we are going to deploy a Java ADF program on the production that I don't have access. I wonder if I need JDeveloper for access to the production environment to configure the credentials for the connection to BC4J in the database server.
Edited by: huaichen on July 22, 2010 12:20Hi huaichen
Documentation "15.3.2 Packaging credentials with the Application.
at http://download.oracle.com/docs/cd/E14571_01/core.1111/e10043/devmancfg.htm#JISEC2949
says "the credentials of the applicationare defined in a file that must be named cwallet.sso. ..."Thus, looking for documentation for "cwallet.sso" might help.
success
Jan
Maybe you are looking for
-
I can find my 'profile' folder and 'see' recent backups in this folder - but the restore function doesn't seem to accept older backups ny...
-
Stream laptop HP 11: Synaptics software missing
Hi, I've read a lot of posts on this topic but have not found anything similar to my situation. I installed Win 10 and chose the annihilation all option because I wanted to start over from scratch. Everything went well and the touchpad works EXCEPT
-
Cannot copy Photos from external storage library
I want to copy my library of Photos of my iMac to an external storage device. I use an SD card to copy the files on as is the storage device external only I with sufficient capacity to store my library (21,86 GB). When I run the copy, all right, but
-
I have 2 (square and sine) signals in the same interval of time, I need to get a trigger point sine wave (I did it with base trigger level VI) and I need now look for the last square base in a wave front of the sinewave trigger point. Logic as follow
-
My Dell laptop is quite old and SLOW but effective. I bought a new Toshiba Windows 7 laptop, and they had ideally made available a kit to transfer all the data from the old computer again. For windows USB transfer cable. Well, I loaded the CD and he