RAC 下Oracle default 用户全部可以locked,包括sysrac
The following error occur while trying to change the password for SYSRAC or while trying to lock/unlock in?BETA:DB23C.
/home/oracle >sqlplus / as sysdba
SQL*Plus: Release 23.0.0.0.0 - Beta on Do Dec 15 09:06:24 2022
Version 23.1.0.0.0
Copyright (c) 1982, 2022, Oracle. All rights reserved.
Oracle Database 23c Enterprise Edition Release 23.0.0.0.0 - Beta
Version 23.1.0.0.0
SQL> alter user SYSRAC identified by Passw0rd;
alter user SYSRAC identified by Passw0rd
*
ERROR at line 1:
ORA-28222: may not modify reserved user
SQL> alter user SYSRAC account lock;
alter user SYSRAC account lock
*
ERROR at line 1:
ORA-28222: may not modify reserved user
SQL> alter user SYSRAC password expire account lock;
alter user SYSRAC password expire account lock
*
ERROR at line 1:
ORA-28222: may not modify reserved user
- The same error occur in version 21.3?
/refresh/home> sqlplus / as sysdba
SQL*Plus: Release 21.0.0.0.0 - Production on Thu Dec 15 13:54:44 2022
Version 21.3.0.0.0
Copyright (c) 1982, 2021, Oracle. All rights reserved.
Connected to:
Oracle Database 21c Enterprise Edition Release 21.0.0.0.0 - Production
Version 21.3.0.0.0
SQL> set pages 500
SQL> set line 300
SQL> col username for a30
SQL> select username,account_status,authentication_type from dba_users where username='SYSRAC';
USERNAME? ? ? ? ?ACCOUNT_STATUS? ? ? AUTHENTI
--------------? ?--------------? ? ?------------
SYSRAC? ? ? ? ? ?OPEN? ? ? ? ? ? ? ? NONE
SQL> alter user SYSRAC account lock;
alter user SYSRAC account lock
*
ERROR at line 1:
ORA-28222: may not modify reserved user
SQL> alter user SYSRAC identified by Passw0rd;
alter user SYSRAC identified by Passw0rd
*
ERROR at line 1:
ORA-28222: may not modify reserved user
?
SOLUTION
It's not allowed to lock (and unlock) SYSRAC and the authentication type cannot be changed, ONLY is allowed OS Authentication for SYSRAC.
According to the following Manual,after Upgrade to 19.3, account will be set to NO AUTHENTICATION. How to check it?
? During upgrades to Oracle Database 19c, default Oracle accounts that have not had their passwords reset before upgrade (and are set to?EXPIRED
?status),
? and that are also set to?LOCKED
?status, are set to?NO AUTHENTICATION
?after the upgrade is complete.
SOLUTION
The authentication type is listed as NONE in the DBA_USERS view.
?
Before Upgrade (11.2.0.4)
SQL> SELECT username,
? 2???????? account_status,
? 3???????? authentication_type
? 4? FROM?? dba_users
? 5? WHERE ROWNUM < 10;
USERNAME?????????????????????? ACCOUNT_STATUS?????? AUTHENTI
------------------------------ -------------------- --------
SYSTEM???????????????????????? OPEN???????????????? PASSWORD
SYS??????????????????????????? OPEN???????????????? PASSWORD
SYSBACKUP????????????????????? EXPIRED & LOCKED???? PASSWORD
SYSRAC???????????????????????? EXPIRED & LOCKED???? PASSWORD
OJVMSYS??????????????????????? EXPIRED & LOCKED???? PASSWORD
SYSKM????????????????????????? EXPIRED & LOCKED???? PASSWORD
OUTLN????????????????????????? EXPIRED & LOCKED???? PASSWORD
SYS$UMF??????????????????????? EXPIRED & LOCKED???? PASSWORD
SYSDG????????????????????????? EXPIRED & LOCKED???? PASSWORD
9 rows selected.
SQL>
After Upgrade (19.3.0.0)
SQL> SELECT username,
? 2???????? account_status,
? 3???????? authentication_type
? 4? FROM?? dba_users
? 5? WHERE ROWNUM < 10;
USERNAME?????????????????????? ACCOUNT_STATUS?????? AUTHENTI
------------------------------ -------------------- --------
SYSTEM???????????????????????? OPEN???????????????? PASSWORD
SYS??????????????????????????? OPEN???????????????? PASSWORD
SYSBACKUP????????????????????? LOCKED?????????????? NONE
SYSRAC???????????????????????? LOCKED?????????????? NONE
OJVMSYS??????????????????????? LOCKED?????????????? NONE
SYSKM????????????????????????? LOCKED?????????????? NONE
OUTLN????????????????????????? LOCKED?????????????? NONE
SYS$UMF??????????????????????? LOCKED?????????????? NONE
SYSDG????????????????????????? LOCKED?????????????? NONE
9 rows selected.
SQL>
本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。 如若内容造成侵权/违法违规/事实不符,请联系我的编程经验分享网邮箱:veading@qq.com进行投诉反馈,一经查实,立即删除!