This content has been marked as final. Show 9 replies
user522961 wrote:Check if user uses DEFAULT profile
on 11g R2 on Win user account is frequently locked even 10 minutes aftter being unlocked.
Any idea ?
I have already issued :
ALTER PROFILE "DEFAULT" LIMIT PASSWORD_LIFE_TIME UNLIMITED
ALTER PROFILE "DEFAULT" LIMIT PASSWORD_GRACE_TIME UNLIMITED
Check the profile for FAILED_LOGIN_ATTEMPTS
And either a user of a job has the wrong password.
thank to all.
for FAILED_LOGIN_ATTEMPTS the limit is 10. How much can I increase it ? Also for PASSWORD_LOCK_TIME , it is 1 ? Should I increase it ?
Yes user uses DEFAULT profile.
Check that the user is using the default profile...
select profile from dba_users where username = 'THE USERS NAME';
As somebody else has said, you either have a user who is trying to login and has forgotten their password but is adamant that they are correct, not unusual, or a batch job is trying to login as that user but is using an old password.
What user is being locked? Any of the standard Oracle users?
Make sure you check all of YOUR settings for the Profile.
ALTER PROFILE "DEFAULT" LIMIT SESSIONS_PER_USER UNLIMITED CPU_PER_SESSION UNLIMITED CPU_PER_CALL UNLIMITED CONNECT_TIME UNLIMITED IDLE_TIME UNLIMITED LOGICAL_READS_PER_SESSION UNLIMITED LOGICAL_READS_PER_CALL UNLIMITED COMPOSITE_LIMIT UNLIMITED PRIVATE_SGA UNLIMITED FAILED_LOGIN_ATTEMPTS 101 PASSWORD_LIFE_TIME UNLIMITED PASSWORD_REUSE_TIME UNLIMITED PASSWORD_REUSE_MAX UNLIMITED PASSWORD_LOCK_TIME UNLIMITED PASSWORD_GRACE_TIME UNLIMITED PASSWORD_VERIFY_FUNCTION NULL;
Can also be :
Edited by: mseberg on May 10, 2012 7:53 AM
go to scheduled jobs and see if theres a frequent job configured with a user/pass that might be incorrect thats causing it to lock.
an oracle user which is created for peoplesoft application.
on 11g R2 on Win user account is frequently locked even 10 minutes aftter being unlocked.increasing the FAILED_LOGIN_ATTEMPTS is one thing, you also have to check the reason behind it,investigate who is giving wrong password which make the account locked.
if auditing is enabled you can get the failed login attempt from dba_audit_trail;
and auditing should be enable like
audit create session whenever not successful;
select os_username, username, terminal, timestamp from dba_audit_trail;
thanks to all.
I did :
ALTER PROFILE DEFAULT FAILED_LOGIN_ATTEMPTS UNLIMITED
and seems working.