You should use only FNDCPASS to change the password. You should not use 'alter user' from sqlplus.
The Maintenance Guide for 12.2 (page 6-19) has two parts, one about a new oracle user just registered in the database the other about changing oracle passwords that is if flat out wrong.
The section you referenced 6-19 is referring to a new database username(schema) registered in ebs. That may require the password updated in the database right after because it say's it again in 6-20.
The password of your ORACLE username.
Until you register the password changes in Oracle E-Business Suite and implement
them in the database, responsibilities using this ORACLE username cannot connect to
After this is registered and updated, you would not ever change the password in the database. You would always use FNDCPASS or AFPASSWD.
The "make the applsys password change in the database statement in this 6-20 paragraph is wrong. The applsys username is not updated with sqlplus in the database. (unless you screw something up and need to fix it). FNDCPASS or AFPASSWD will update the password and there is no need to change it in the database manually.
Warning: If you are changing the password to the applsys ORACLE
username, which contains the Oracle Application Object Library tables,
you must not change the passwords to any other ORACLE usernames
at the same time.
As soon as you change and save the password, you should
immediately log out of the Oracle E-Business Suite, make the applsys
password change in the database, and then sign on again before you do
anything else. You should also ensure that no other users are logged on
to the Oracle E-Business Suite while you are changing the applsys
I just changed all the passwords on a clone. It would have been crazy and impossible to do if I had to also change them in the database after changing them using fndcpass.
Removing Credentials from a Cloned EBS Production Database (Doc ID 419475.1)
Thanks to all.
Complicated and confusing.