• Blog
  • Get Help Now!
  • Customer Portal

BlueGecko Denmark

  • Why you need us
    • Why act now
    • Why are we unique
  • What we do
    • Products Supported 24/7
      • MySQL
      • Postgres
      • SQL Server
      • Open Source
      • OS & Storage
  • How we do it
    • Consulting
    • System Monitoring
    • Security
  • Support
    • Blog
      • Oracle
      • MySQL
      • News & Events
      • Oracle Applications
      • Amazon Web Services
      • Jeremiah Wilton’s Oradeblog
      • OurSQL Community Podcast
      • Remote DBA
    • Team viewer
    • Whitepapers
  • About Us
    • Philosophy
    • The Blue Gecko Teams
    • Employment Opportunities
    • Partners
    • News
    • Press
  • Contact Us

April 21, 2009 by cedwards

FNDCPASS doesn’t always use the SYSTEM password

FNDCPASS does not check the system password when used to change an applications user account. We can check this with a simple test.

First, we’ll change the SYSTEM password to the default value “manager”:

[code language=”plain”][applmgr@appsrv01 ~]$ sqlplus system

SQL*Plus: Release 8.0.6.0.0 – Production on Thu Apr 23 13:10:17 2009

(c) Copyright 1999 Oracle Corporation. All rights reserved.<!–more–>

Enter password:

Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.3.0 – Production
With the Partitioning, OLAP and Data Mining Scoring Engine options

SQL> alter user system identified by manager;

User altered.

SQL> exit
Disconnected from Oracle Database 10g Enterprise Edition Release 10.2.0.3.0 – Production
With the Partitioning, OLAP and Data Mining Scoring Engine options
[applmgr@appsrv01 ~]$ [/code]

Next, we’ll use FNDCPASS to change the SYSADMIN application password using an incorrect value for the SYSTEM password:

[code language=”plain”][applmgr@appsrv01 ~]$ FNDCPASS apps/apps 0 Y system/badpassword USER SYSADMIN sysadmin
Log filename : L4203491.log

Report filename : O4203491.out[/code]

If we cat the log file, we can see the password change was successful:

[code language=”plain”][applmgr@appsrv01 ~]$ cat L4203491.log
+—————————————————————————+
Application Object Library: Version : 11.5.0

Copyright (c) 1979, 1999, Oracle Corporation. All rights reserved.

module:
+—————————————————————————+

Current system time is 23-APR-2009 13:11:39

+—————————————————————————+

+—————————————————————————+
Concurrent request completed successfully
Current system time is 23-APR-2009 13:11:39

+—————————————————————————+
[/code]

Next, we’ll try to change the GL schema password using the same incorrect SYSTEM password:

[code language=”plain”][applmgr@appsrv01 ~]$ FNDCPASS apps/apps 0 Y system/badpassword ORACLE GL gl

Log filename : L4203493.log

Report filename : O4203493.out[/code]

This time, the log shows failure because of an inability to connect as SYSTEM:

[code language=”plain”][applmgr@appsrv01 ~]$ cat L4203493.log
+—————————————————————————+
Application Object Library: Version : 11.5.0

Copyright (c) 1979, 1999, Oracle Corporation. All rights reserved.

module:
+—————————————————————————+

Current system time is 23-APR-2009 13:12:15

+—————————————————————————+

SECURITY-UNABLE TO CONNECT TO SYSTEM
APP-FND-01564: ORACLE error 1403 in changepassword

Cause: changepassword failed due to ORA-01403: no data found.

The SQL statement being executed at the time of the error was: and was executed from the file &ERRFILE.

+—————————————————————————+
Concurrent request completed
Current system time is 23-APR-2009 13:12:15

+—————————————————————————+
[/code]

It appears that FNDCPASS only uses the SYSTEM password when changing a database account, which makes sense, since only the APPS password is required to execute FND_WEB_SEC and change a password in FND_USER.

Filed Under: Oracle Applications Tagged With: fndcpass, Oracle Applications DBA, Oracle E-Business Suite, passwords

Categories

  • Amazon Web Services
  • Configuration Management
  • downtime
  • Drizzle
  • ebs
  • Education
  • elastic block store
  • elastic compute cloud
  • hosting
  • hot backup
  • ignorance
  • Infrastructure
  • IOUG
  • Jeremiah Wilton's Oradeblog
  • misconception
  • misconceptions
  • Monocle
  • MySQL
  • MySQL Council
  • News & Events
  • Oracle
  • Oracle Applications
  • Oracle Data Guard
  • Oracle Database
  • Oracle Database Appliance
  • Our People
  • OurSQL Community Podcast
  • outage
  • parallel
  • performance
  • podcast
  • proof
  • Remote DBA
  • replication
  • S3
  • Security
  • SQL Server
  • System monitoring
  • Uncategorized

Contact Blue Gecko

  • This field is for validation purposes and should be left unchanged.

Get Our Newsletter

  • This field is for validation purposes and should be left unchanged.

The Fine Print

  • Privacy Policy
  • Terms of Use
  • When is remote DBA the right solution
  • What are remote DBA services
  • Get Help

Blog Categories

  • 24/7 support
  • Blue Gecko 360° Services
  • Products Supported 24/7

Virtual runs

Contact Blue Gecko

Blue Gecko A/S
Slotsgade 21
DK – 4200 Slagelse
Denmark
Phone: (DK) +45 70 60 51 20

Networks

  • Email
  • Twitter

© Blue Gecko Group