Thursday, March 3, 2016

How to reset user accounts in Oracle 11g on Linux


# su - oracle

$ sqlplus /nolog

SQL> conn /as sysdba

SQL>select limit from dba_profiles where resource_name = 'PASSWORD_REUSE_MAX' AND profile = 'DEFAULT';       <--10...more secure
NOTE: Should be 10....If not, change 10 in the reset command to the output number.

----------------------------------------------------------------------

SQL>alter profile default limit password_reuse_max unlimited;

-----------------------------------------------------------------------
#To see locked or expired users;
SQL>select username, account_status from dba_users;

-----------------------
#To get their passwords;

SQL>select name, password from user$ where name = 'EGD_USER';
----------------------------------------------------------------------- 

#select name,password from user$ where name = 'EGD_USER';  <- Copy the output into the line below: 'ACTUALOUTPUT'

SQL>alter user EGD_USER identified by values '8467F6B603CA4542';   <---paste here
NOTE: This process can be repeated for additional accounts:
            IMINT, GISPROD, DCGS_USER, CMWREMOTE, GPT93

-------------------

SQL>select limit from dba_profiles where resource_name = 'PASSWORD_REUSE_MAX' AND

profile = 'DEFAULT';

NOTE: Should match what it was before you started.  This is a security feature and will be a finding

if not put back.


SQL> alter profile default limit password_reuse_max 10;

#verify the users were reset ;

SQL> select username, account_status from dba_users;


#if account is "locked" still, most times the password is just expired and the account will auto unlock once the password is changed. 

SQL> alter user EGD_USER account unlock;

 

#Exit disconnects you from Oracle DB.

SQL> exit

#One more “exit” takes you back to root prompt #

$ exit
Posted by at No comments:

Replace a String in Multiple Files in Linux Using Grep and Sed

I recently had to replace every occurrence of a certain word / string in a ton of files spanning multiple directories, and this is the quickest way I've found to do it. It uses grep to search for a certain word and if it find its it runs sed to replace the strings you want. Note: This will not work on windows systems

Basic Format

Search for a specific string to see if it exists;
grep -rl 'matchstring' /opt

to change the string;
grep -rl matchstring /opt | xargs sed -i 's/matchstring/matchstring2/g'

to verify strings have been changed run the first command;
grep -rl 'matchstring' /opt

Note: The forward slash '/' delimiter in the sed argument could also be a different delimiter (such as the pipe '|' character). The pipe delimiter might be useful when searching through a lot of html files if you didn't want to escape the forward slash, for instance.

matchstring is the string you want to match, e.g., "football" string1 would ideally be the same string as matchstring, as the matchstring in the grep command will pipe only files with matchstring in them to sed. string2 is the string that replace string1. There may be times when you want to use grep to find only files that have some matchstring and then replace on a different string in the file than matchstring. For example, maybe you have a lot of files and only want to only replace on files that have the matchstring of 'phonenumber' in them, and then replace '555-5555' with '555-1337'. Not that great of an example (you could just search files for that phone number instead of the string 'phonenumber'), but your imagination is probably better than mine.

Example
grep -rl 'windows' ./ | xargs sed -i 's/windows/linux/g'

This will search for the string 'windows' in all files relative to the current directory and replace 'windows' with 'linux' for each occurrence of the string in each file.
Posted by at No comments:
Subscribe to: Posts (Atom)