zoukankan      html  css  js  c++  java

  • Who is locking the DB account?

    Sometimes the database account is locket frequently. That is because someone was trying to login to the database with a wrong password.  So, you may want to find out the person and tell him/her to use a correct password. Below are the way to accomplish it.

    Before we start, you need to know you can enable audit to accomplish it. But audit may cause some performance issue, besides you need to reboot the database which is very inconvenient. So we will not use this way. We use trigger to do it.

    We are going to create a database trigger, this trigger will be fired when the invalid password error(1017) happen. After being fired it will record the corresponding information like username , host and so one. Below are the trigger body.

    1 CREATE OR REPLACE TRIGGER sys.logon_trigger
2 AFTER SERVERERROR ON DATABASE
3 BEGIN
4   IF (IS_SERVERERROR(1017)) THEN
5 INSERT INTO who_lck_account VALUES(SYS_CONTEXT(‘USERENV’, ‘AUTHENTICATED_IDENTITY’), SYS_CONTEXT(‘USERENV’, ‘HOST’),SYS_CONTEXT(‘USERENV’, ‘OS_USER’), SYS_CONTEXT(‘USERENV’, ‘IP_ADDRESS’),SYSDATE);
6 COMMIT;
7   END IF;
8 END;

    You may noticed that the trigger is using a table. So below are the DDL for that table.

    1 SQL> create table sys.who_lck_account
2   2  (
3   3  USERNAME VARCHAR2(30),
4   4  USERHOST VARCHAR2(128),
5   5  OSUSER VARCHAR2(28),
6   6  USERIP VARCHAR2(128),
7   7  TIMESTAMP DATE
8   8  );

    Ok. Try to login with a error password, you will find you a recorded in the table.

    For example, I login with scott and the wrong password.

        kramer[/export/home/oratop ] sqlplus scott/tig@c21upg10

    SQL*Plus: Release 10.2.0.3.0 – Production on Fri Mar 22 13:58:59 2013

    Copyright (c) 1982, 2006, Oracle.  All Rights Reserved.

    ERROR:
    ORA-01017: invalid username/password; logon denied

    Enter user-name: ^C

    Check the table who_lck_account.

        SQL> SELECT * FROM sys.who_lck_account;

    USERNAME   USERHOST             OSUSER               USERIP                       TIMESTAMP
    ———- ——————– ——————– —————————- —————————-
    scott      kramer             oratop               192.168.1.44                 2013-03-22 13:58:56
    scott      kramer             oratop               192.168.1.44                 2013-03-22 13:58:56
    scott      kramer             oratop               192.168.1.44                 2013-03-22 13:58:59
    scott      kramer             oratop               192.168.1.44                 2013-03-22 13:58:59
  • 相关阅读:
    计算一个数的逆序数的个数(1)
    Javascript DOM(2)
    python 装饰器
    Javascript DOM
    Javascrip 入门第三节课
    C# sapnco支持.net 4.5了,真是个意外的发现
    uft调用rfc接口
    pyqt常用窗口组件
    python QQTableView中嵌入复选框CheckBox四种方法
    Pygame模块,功能表
  • 原文地址:https://www.cnblogs.com/kramer/p/2975872.html
Copyright © 2011-2022 走看看