Proxy Account Password

Hello,

I am new to TOAD and recently received a request for proxy account password reset at my job. Lets say the schema is DPAP on Dev and Test (databases DBD1 and DBT1) and the account is Charles[DPAP], how would I reset my DPAP proxy account passwords which are set to expire in 1-2 days?

Thanks

I'm assuming you are the DBA and CHARLES is a different user.

You can either:
go to the editor and run
alter user CHARLES identified by blah;

or, find the user CHARLES in the schema browser, double-click it, then change the password in the window that comes up and click OK.

You don't need to be concerned that one user can proxy through another for the purposes of changing a password.

Yes, I am the DBA.
Charles is the user and DPAP is the schema.
So the proxy account that I am trying to change the password for looks like this: Charles[DPAP].
This sucks for me because I am new to Proxy servers and TOAD so forgive me if I sound a little newbie-ish

So for my case would it be

alter user Charles[DPAP] identified by TemporaryPassword password expire

Since you are new at this, here are some details.

CHARLES and DPAP are different users in the database (user=schema, don't get hung up on these terms).

If they both have the CREATE SESSION privilege, then either of them could connect to the database. In your case, DPAP just happens to have the ability to "connect through" charles, so that using Charles's username and password, we can connect to DPAP.

There is no Charles[DPAP] user, and this syntax is never used in SQL. It is only used during login to indicate that one user is connecting through another.

The users are set up like this:

c:\sqlplus / as sysdba
SQL*Plus: Release 12.2.0.0.0 on Thu Sep 19 12:25:59 2019

Copyright (c) 1982, 2015, Oracle.  All rights reserved.

SQL> create user charles identified by charles;
User created.

SQL> create user dpap identified by dpap;
User created.

SQL> alter user dpap grant connect through charles;
User altered.

SQL> grant create session to dpap;
Grant succeeded.

Then, to connect....

C:\>sqlplus charles[dpap]/charles

SQL*Plus: Release 12.2.0.0.0 on Thu Sep 19 12:33:08 2019

Copyright (c) 1982, 2015, Oracle.  All rights reserved.

Connected to:
Oracle Database 12c Enterprise Edition Release 12.2.0.0.1 - 64bit 
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options

SQL> show user;
USER is "DPAP"

now, to change the CHARLES's password...back in the DBA session....

SQL> alter user charles identified by new_password;
User altered.

tack on "password expire" if you want.

and now....

C:\>sqlplus charles[dpap]/new_password

SQL*Plus: Release 12.2.0.0.0 on Thu Sep 19 12:43:01 2019

Copyright (c) 1982, 2015, Oracle.  All rights reserved.

Connected to:
Oracle Database 12c Enterprise Edition Release 12.2.0.0.1 - 64bit
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options
1 Like

"You don't need to be concerned that one user can proxy through another for the purposes of changing a password."

OK I think its all starting to make a sense. So the proxies have nothing to deal with the password reset? I would just reset the soon to be expired account like I would do any other expired account?

THANNNK YOU!!! Definitely was overthinking it!

That's it, right.

1 Like