首页 » ORACLE 9i-23ai » sys临时修改其他未知用户密码 alter user identified by values ”

sys临时修改其他未知用户密码 alter user identified by values ”

上一篇说到如果anbob用户创建了job,但sys不知道他的密码,怎么样用anbob用户临时登录一下呢?
其实是可以的,需要先记录下当前密码的hash 值,修改为新的,用完以后再改回来,神不知鬼不觉,风险是anbob真实用户会在这段时间无法登录.
ORACLE在pre-11g,11g, 12c 使用了不同的密码策略, 所以要对应用相应的版本修改.
11g以前版本的修改方法
用alter user identified by values命令很方便

[oracle@orazhang ~]$ ora

SQL*Plus: Release 10.2.0.1.0 - Production on 星期四 9月 22 10:42:07 2011

Copyright (c) 1982, 2005, Oracle.  All rights reserved.


Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Production
With the Partitioning, OLAP and Data Mining options

--此时anbob密码是anbob
sys@ORCL> select NAME,PASSWORD from user$ where name='ANBOB';
NAME                           PASSWORD
------------------------------ ------------------------------
ANBOB                          ACF67A552551E848

sys@ORCL> alter user anbob identified by anbob123;
User altered.

sys@ORCL> select NAME,PASSWORD from user$ where name='ANBOB';
NAME                           PASSWORD
------------------------------ ------------------------------
ANBOB                          64096627C6DB8EEA

sys@ORCL> conn anbob/anbob123
Connected.
anbob@ORCL> select 'do something' from dual;

'DOSOMETHING
------------
do something

anbob@ORCL> conn / as sysdba
Connected.

anbob@ORCL> alter user anbob identified by values 'ACF67A552551E848';

sys@ORCL> conn anbob/anbob
Connected.

11g版本的修改方法
sec_case_sensitive_logon参数控制着密码是否启用了大小写敏感.

#11g版本 DBA_USERS视图增加了一列PASSWORD_VERSIONS, 记录了当前的密码使用是哪种hash算法, 如果是11G,新的hash值会记录在user$.spare4字段. 如果查之前的dba_user.password将为NULL.

1,
SQL> select spare4 from user$ where name='ANBOB';
--remeber the values

2, SQL> alter user anbob identified by [newvalue]

3, SQL> alter user anbob identified by values [#1 spare4 value]

# 记录当前的所有用户密码

select 'alter user '||name||' identified by values '''||password||''';' from user$ where spare4 is null and password is not null
union
select 'alter user '||name||' identified by values '''||spare4||';'||password||''';' from user$ where spare4 is not null and password is not null;

12c# 版本好像是又增加了密码了新的HASH 算法.

note: 不建议修改基表在生产库中,无论什么时候

打赏

目前这篇文章有1条评论(Rss)评论关闭。

  1. Robin Peppler | #1
    2011-12-21 at 07:35

    I have found your website on Google and the information written on your post is interesting. I enjoy reading this one, looking forward to reading more of your posts!!