This content has been marked as final. Show 3 replies
Well, separating instances from databases, I'm assuming you are referring to databases, and not instances.
An instance only lives in memory, and the database is physically on disks (or similar media).
As to your question, Oracle Enterprise Single Sign-on, but that might be a little too robust.
I believe there is another option that is part of the Advanced Security Option (or something like that).
I have not used it but remember learning about it some time back as part of my OCP learning.
This has got to be possible (at least in my head), i know that i can export passwords from one site or another, so i was thinking that there has to be a way to code this, let alone some already provided component from Oracle.
If you have to 'roll your own' you can set up auditing to trap the password change. See the SQL Language doc
Specify a shortcut to audit the use of specific SQL statements. Table 13-1 and Table 13-2 list the shortcuts and the SQL statements they audit.
Do not confuse SQL statement shortcuts with system privileges. For example:
•An AUDIT USER statement specifies the USER shortcut for auditing of all CREATE USER, ALTER USER, and DROP USER SQL statements. Auditing in this case includes an operation in which a user changes his or her own password with an ALTER USER statement.
•An AUDIT ALTER USER statement specifies the ALTER USER system privilege for auditing of all operations that make use of that system privilege. Auditing in this case does not include an operation in which a user changes his or her own password, because that operation does not require the ALTER USER system privilege.
Then this can trigger a proc that changes the password on the other systems by capturing the info from USER$ and issuing ALTER USER . . . IDENTIFIED BY VALUES.
NOTE: you should use a master site to issue these changes from and will need to prevent circular references. That is, if you have auditing enabled on all systems and don't use a master site then every password change will trigger changes on the other systems, which will trigger changes on the other systems, etc.
You audit procedure will need to detect if the change comes from your master site to keep the loop from happening.