日期:2014-05-16  浏览次数:20612 次

让Oracle用户有密码永不过期


  SQL*Plus: Release 11.2.0.1.0 Production on Mon Feb 18 15:42:14 2013

  OS:Linux node 2.6.32-200.13.1.el5uek #1 SMP Wed Jul 27 21:02:33 EDT 2011 x86_64 x86_64 x86_64 GNU/Linux


  由于应用的需要,某些用户密码不能过期,需要将密码置成永不过期。下面进行这个实验:

  SQL> create user test identified by test;

  User created.

  SQL> select username,account_status,expiry_date,profile from dba_users where username='TEST';

  USERNAME ACCOUNT_STATUS EXPIRY_DA PROFILE

  ------------------------------ -------------------------------- --------- ------------------------------

  TEST OPEN 17-AUG-13 DEFAULT

  SQL> select sysdate from dual;

  SYSDATE

  ---------

  18-FEB-13

  可以看出用户密码有效期为6个月。

  控制用户密码有效期限的参数为password_life_time,此参数不能通过show parameter 来查看,它在user的profile中,默认创建用户时profile为default,我们可以查看一下default profile中都控制哪些参数:

  SQL> select * from dba_profiles where profile='DEFAULT';

  PROFILE RESOURCE_NAME RESOURCE LIMIT

  ------------------------------ -------------------------------- -------- ----------------------------------------

  DEFAULT COMPOSITE_LIMIT KERNEL UNLIMITED

  DEFAULT SESSIONS_PER_USER KERNEL UNLIMITED

  DEFAULT CPU_PER_SESSION KERNEL UNLIMITED

  DEFAULT CPU_PER_CALL KERNEL UNLIMITED

  DEFAULT LOGICAL_READS_PER_SESSION KERNEL UNLIMITED

  DEFAULT LOGICAL_READS_PER_CALL KERNEL UNLIMITED

  DEFAULT IDLE_TIME KERNEL UNLIMITED

  DEFAULT CONNECT_TIME KERNEL UNLIMITED

  DEFAULT PRIVATE_SGA KERNEL UNLIMITED

  DEFAULT FAILED_LOGIN_ATTEMPTS PASSWORD 10

  DEFAULT PASSWORD_LIFE_TIME PASSWORD 180

  PROFILE RESOURCE_NAME RESOURCE LIMIT

  ------------------------------ -------------------------------- -------- ----------------------------------------

  DEFAULT PASSWORD_REUSE_TIME PASSWORD UNLIMITED

  DEFAULT PASSWORD_REUSE_MAX PASSWORD UNLIMITED

  DEFAULT PASSWORD_VERIFY_FUNCTION PASSWORD NULL

  DEFAULT PASSWORD_LOCK_TIME PASSWORD 1

  DEFAULT PASSWORD_GRACE_TIME PASSWORD 7

  16 rows selected.

  可以看到password_life_time参数就在里面,而且值为180,单位天。