This application has an option in which you can use LDAP so that the application authenticates against the windows password for the user. But the users who don’t have a windows account in our Active Directory can still enter the application with their Oracle account and password. So far so good for the users in the other active directory who wants to login in the application.
But due to an oversight of the developers, if you activate LDAP you cannot change your password anymore for Oracle. The functions for that in the application are disabled. And we don’t want to go back to the non LDAP situation, because one password for almost all applications is a good thing (there is profile on the Windows environment about changing passwords and such).
I can change the passwords for the users as Administrator, but that is not doable for obvious reasons.
So I thought, if we build an website who has an Oracle connection, then you can write functions to change the password, while authenticating the old password and such for the users that could not use windows-authenticating.
From: Norm [TeamT] [mailto:bounce-NormTeamT@toadworld.com]
Sent: Tuesday, 5 April, 2016 15:54
Subject: RE: [Toad World - Oracle Discussion Forum] Change Oracle password using a website.
RE: Change Oracle password using a website.
Reply by Norm [TeamT]
In a word, no. But I’m puzzled as to what the developer did and if that prevents the oracle password from being changed, how will a Web system be able to change it?
I think the user might have a profile with a password verification function, or, there’s a profile parameter that prevents password changes soon after the previous one (I’d check to see that I’m not getting confused with Unix but I’m on day 2 of a new contract and I have no account set up yet!).
Anyway I suspect you might get around this by creating a new profile with appropriate settings, altering the user that needs the password change to have this as the profile, change the password, then set the profile back again.
Based purely on what I have understood from your email. Apologies if I’m off base.
I’m puzzled though. The application prevents you changing the oracle password? Is this an application user’s password as opposed to a genuine oracle database account’s password. I don’t see how an application can prevent you changing a database user’s password with ALTER USER X IDENTIFIED BY NEWPASSWORD.
Norm [ TeamT ].
Sent from my Android device with K-9 Mail. Please excuse my brevity.
To reply, please reply-all to this email.
Stop receiving emails on this subject.
Or Unsubscribe from Oracle notifications altogether.
Toad World - Oracle Discussion Forum
this post as spam/abuse.
Wim de Lange
Senior IT expert
3194 AG Rotterdam NL
Tel +31 10 23 14 724 • Mobile +31 65 15 34 387
Fax +31 10 41 63 034
e-mail W.deLange@alcontrol.nl •
- The information in this e-mail is confidential and may also be legally privileged.The contents are intended for recipient only and are subject to the legal notice available at: www.alcontrol.nl. Registered Office:Alcontrol BV, Steenhouwerstraat 15, 3194 AG Rotterdam.*