In Sybase, my application was using system tables to perform application login security. Those tables obviously don't exist in Oracle. I am looking for ways to provide the following functionality in an Oracle world:
1. How to determine 'x' days of inactivity based on "last login date"?
2. How to determine when a new user logs in for the first time and force them to change their password?
3. If we need to reset a users password, how can we require the user to change their password?
4. Is there any other option other than storing a user-id/password in the application code for locking a user's account if their account needs to be locked due to inactivity?
5. In the USER_USERS view there is a status column. What the different status's can be?
I need to find out in DB Package where this Package is installed (in which schema). The problem is this DB Package can be installed in various schemas. This means that I can't use select user from dual or system environment SYS_CONTEXT('USERENV', 'OS_USER').
I have some doubt over the overloading concept in oracle. Check the following code. Everything is same ie procedure name,data types and order.Only diffrence is the variable names.but oracle don't give any error.
create or replace package overeload_pkg as procedure overload(x number,y varchar2); procedure overload(y number,x varchar2);/* why oracle allow this */ end; [code]....
How to configure Oracle EM with newly created Oracle Instance on Oracle 10g DB,which is Single Instance DB but not RAC ,when I start the Oracle EM it is starting the default DB which created during Oracle Server Installation.
I have a package with several procedures which raise and catch an error if a foreign key constraint has been violated. I put the the following code in my package body:
Now all the procedures inside the package which catch this exception in the EXCEPTION block work fine. I would like to be able to use that exception outside of my package as well though, how would I do this?
it is working fine. However, when I use the same statement in the package which is scheduled to run every morning, it is not working. What could be the reason?
Suppose, there is a package p1 with proc A, Proc B and Func C.Now when any of the package proc or func gets invoked from a stored proc G then a common code which reads the cols of table xyz should be executed. How to do that?
I've created a database package which is having record type and one procedure. I want to execute or call this package from oracle 6i form. How to do this.
Lost Windows password? Forgot Windows password? Your PC was hacked? Therefore, it is a basic step for every Windows users to enhance the security of Windows password. In the networks, it is found that a number of user's passwords are easy to guess. Only the smallest groups are the most security conscious and select passwords that are mixed lowercase and uppercase letters, numbers and punctuation to create cryptic passwords. Adopting strong password is one of the most effective ways to ensure system security. Here are several methods for you to enhance the security of your passwords in Windows 7/2000/XP/Vista and so on. You'd better remember the methods below unless you want to reset Windows password from time to time.
1. Is random password a great password?
A common myth is that totally random passwords like Ht3&e#L%5d@$B are the best passwords. This is not true. While they may be strong passwords, they are usually difficult to remember, slow to type, and sometimes vulnerable to attacks against the password generating algorithm. It is easy to create passwords that are strong but much easier to remember by using a few simple techniques. For example, consider the password "Luck-73@Better?". This password utilizes uppercase and lowercase letters, two numbers, and three symbols. The password is 15 characters long and can be memorized with very little effort. Moreover, this password can be typed very fast. The portion"Luck" and "Better" alternate between left and right-handed keys on the keyboard, improving speed, decreasing typos, and decreasing the chances of someone being able to discover your password by watching you.
2. Create the long Windows password
Although a password may eventually be discovered through some means, it is possible to create a password that cannot be cracked in any reasonable time. If a password is long enough, it will take so long or require so much processing power to crack it. That is essentially the same as being unbreakable (at least for most hackers).
3. Create the Windows password constantly?
This may be good advice for some high-risk passwords, but it is not the best policy for every user. It is frustrating for a user to have to constantly think of and remember new passwords every 30 days. It may be better to focus on stronger passwords and better user awareness rather than limiting password age. A more realistic time for the common user may be 90-120 days.
4. Write down Windows password in a proper place
Sometimes it is necessary for some users losing and forgetting complex passwords easily to write down them somewhere proper. However, it is important to educate users on how to write down passwords properly. Obviously, a sticky note on the monitor is not a good idea, but storing passwords in a safe or even a locked cabinet may be sufficient.
5. 14 characters is the optimal password length
Each character that you add to your password increases the protection. Your passwords should be 8 or more characters in length; 14 characters or longer is the Optimal Password Length. Many systems also support use of the space bar in passwords, so you can create a phrase made of many words. It is not easier to forget and lose, as well as longer than a simple password, and harder to guess.
6. Try not to use the same Windows password for all accounts
Some users always make the same passwords for every account to make it easy to remember. In that case, when any one of them lost, your other information protected by that password will be in danger as well. It is serious to use different passwords for different systems and accounts.
7. Do not use some common words that other users maybe guess
Most of users prefer to use some common words to remember easily, for example, login name, birth date, driver's license, passport number, pets' name and other words contained their personal information someone knows. In that case, your Windows system will not be safe anymore. Moreover, do remember not to use some words spelled backwards, abbreviations, sequences or repeated characters and adjacent letters, such as, asdfgh, 123456, 888888, abcdef and so on.
You can smoothly use your Windows now because the strong and powerful Windows password is created successfully, Certainly, I believe that many users lost Windows password and forgot Windows password, then you need have to reset Windows password or recover Windows password. It is a big problem for plenty of Windows users that how to reset Windows password. how to recover Windows password and they are puzzled by resetting windows password, for instance, reset Windows 7 password, recover password Windows XP, remove Windows Vista password and other operating systems after they create the password with complex letters, numbers and symbols. However, it is unnecessary to worry and it is said that things will eventually sort themselves out. There are many ways to reset forgotten Windows password, including use windows password reset disk and windows password reset software, like Super Windows Password Reset, a professional windows password reset software which could enable you to logon to Windows smoothly without reinstalling system.
we have a oracle database version 11.2.0.1. now we have installed database gateways 11g in sql server machine and created db link in oracle and working fine
Now my question is:
Windows 2003 server having sql server and 11g Gateways installed
But oracle database is 10g............if i create link in Oracle it will work? because 11gR2 gateway will synch with Oracle 10g database.
While searching for password encryption I came across these statements.
1.Password Encryption While Connecting. This protection is always in force, by default. Passwords are always automatically and transparently encrypted during network (client/server and server/server) connections, using a modified DES (Data Encryption Standard) or 3DES algorithm, before sending them across the network.
Confirm whether by default oracle encrypts the password before sending it to the database across the network even when the clear text password is used for connecting from a jdbc client.
there is urge to limit account usability in oracle.
let's say i have request to create user HR1, and additional information is that this account should be available for using till 31-dec-2011. is there possibility to set this validity during creation?
Is there any setting on oracle that allows to disconnect users automatically and display a message to users such: "Try a new connection to the db in 30 minutes"?
Let us say I want to audit data updates, deletes on existing table EMP_TAB that has a few hundred thousands of records.I created a shadow table Emp_tab_audit and added few audit columns
Emp_tab ( Empno NUMBER NOT NULL, Ename VARCHAR2(10), Job VARCHAR2(9),
[code]...
I am mostly interested in UPDATES and DELETES but I decided to add INSERTS to have full history for each eomplyee in one table (audit schema) instead of querying two tables all the time (production table and audit table) to see the changes.
I created this AFTER INSERT, UPDATE, DELETE trigger.decided to copy the :NEW values for INSERT and UPDATE and :OLD values for DELETE. attached.
so when insert happens, the first audit row is created in EMP_TAB_AUDIT. update happens, the 2nd new row is created in EMP_TAB_AUDIT.
The problem I am facing is the old records that curently exist. If someone updates an old row I am copying the :NEW values so I won't have a copy of the :OLD values unless I create 2 ROWS (one for the old and one for the new).
Do you think I should copy all the hundreds of thousands of records to the AUDIT tables for this to work.
******************************************************************* CREATE OR REPLACE TRIGGER TRG_EMP_AUDIT AFTER INSERT OR DELETE OR UPDATE ON EMP_TAB FOR EACH ROW DECLARE v_operation VARCHAR2(10) := NULL;
I have tried to implement RLS policy of oracle.I have two Schema X1 & X1_DBA.
I have created the emp table in X1_DBA create table emp(empid number,ename varchar2(10),deptno number) and inserted some rows into the Table. i have created the below function in X1_DBA schema & Given Select Privilege to X1.
CREATE OR REPLACE FUNCTION no_dept10( p_schema IN VARCHAR2, p_object IN VARCHAR2) RETURN VARCHAR2
[code]...
When i Add the Policy in X1_DBA.schema i am getting the Error as Table does not exist
Can i get some documents on oracle RAC database encryption.?what are the pros and cons of encryption?Does this comes with oracle Database or something we need to buy from oracle sales persons?
Provide me the script which would track all the users security violations like ... say for example i want to find which users logged in and what he did in database prospective.
Does any technical details on the tables found in Oracle Internet Directory? I've checked eTRM and google etc.. - nothing there apart from very minor snippets. I'd like logical schema drawings (PDF) if possible or even a list of the tables and what they do as like the modules in EBS.
I understand how to create a database directory object to point to a directory on the server File System. Is there a way to take the next step and create a new directory on the host file system from within Oracle?
