Pages

Sunday, September 9, 2012

What is Oracle verify_function_11g 


what is "verify_function_11g" ?
This is Oracle provided function to implement restriction in passwords, 
like lock time, grace time, failed login attemp, etc.,
verify_function - 10g
verify_function_11g - 11g
# create function using Oracle provided script utlpwdmg.sql
# should be connected as sysdba (function should be created in 'sys' schema)
SQL > conn / as sysdba


SQL > @ ?/rdbms/admin/utlpwdmg.sql 
Caution: This script alters the 'default' profile and default profile might be assigned to your application user in production database. So application users will be effected with password policy.



SQL> column OBJECT_NAME for a20
SQL> select object_name, object_type, owner from dba_objects where object_name like 'VERIFY%';

OBJECT_NAME           OBJECT_TYPE   OWNER
-------------------   ------------- -----------
VERIFY_FUNCTION_11G   FUNCTION      SYS



How to use verify_function_11g ?
CREATE PROFILE non_default LIMIT
   FAILED_LOGIN_ATTEMPTS 5
   PASSWORD_LIFE_TIME 60
   PASSWORD_REUSE_TIME 60
   PASSWORD_REUSE_MAX 5
   PASSWORD_VERIFY_FUNCTION verify_function_11g
   PASSWORD_LOCK_TIME 1/24
   PASSWORD_GRACE_TIME 10;
Alter user temp_user profile non_default;
SQL> SELECT * FROM dba_profiles WHERE resource_type='PASSWORD' ORDER BY profile;
Posted by at No comments:
Subscribe to: Posts (Atom)