今天一位同事接到一项任务是修改数据库SYS和SYSTEM用户的密码,老大在布置任务的时候还带了一句别忘了同步密码文件,于是想到了自己前几天写的一篇博客介绍Oracle密码文件的,当时只是写了如何创建密码文件,如何远程使用SYSDBA登录数据库做操作,但是并没有提到密码文件中用户的密码跟数据库中用户的密码是否有关系。
下面来测试一下,我用的平台是11.2.0.4
首先修改SYS的密码
sys@ORCL>alter user sys identified by zhaoxu;
User altered.
--由于11g里dba_user视图里的password是空值,所以选择user$视图
sys@ORCL>select password from user$ where name='SYS';
PASSWORD
------------------------------------------------------------------------------------------
C53B64BC84353309
--建议remote_login_passwordfile需要为EXCLUSIVE
sys@ORCL>show parameter remote_login_passwordfile
NAME TYPE VALUE
------------------------------------ --------------------------------- ------------------------------
remote_login_passwordfile string EXCLUSIVE 创建一个密码文件然后测试远程登录
#创建一个与SYS用户密码相同的密码文件
[oracle@rhel6 dbs]$ cd $ORACLE_HOME/dbs
[oracle@rhel6 dbs]$ orapwd file=orapworcl entries=3 password=zhaoxu
[oracle@rhel6 dbs]$ ls -l orapworcl
-rw-r----- 1 oracle oinstall 1536 Dec 26 21:32 orapworcl
#测试连接成功
[c:\~]$ sqlplus sys/[email protected]/orcl as sysdba
SQL*Plus: Release 12.1.0.1.0 Production on 星期一 12月 26 21:34:22 2016
Copyright (c) 1982, 2013, Oracle. All rights reserved.
连接到:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL> select password from user$ where name='SYS';
PASSWORD
------------------------------------------------------------
C53B64BC84353309
#密码的HASH值没有变化
#创建一个与SYS密码不同的密码文件
[oracle@rhel6 dbs]$ orapwd file=orapworcl entries=3 password=luoxi force=y
[oracle@rhel6 dbs]$ ls -l orapworcl
-rw-r----- 1 oracle oinstall 1536 Dec 26 21:36 orapworcl
#测试连接,使用原密码文件的密码登录不成功,使用新密码文件的密码登录成功,但是SYS用户的密码HASH值仍没有变
[c:\~]$ sqlplus sys/[email protected]/orcl as sysdba
SQL*Plus: Release 12.1.0.1.0 Production on 星期一 12月 26 21:36:20 2016
Copyright (c) 1982, 2013, Oracle. All rights reserved.
ERROR:
ORA-01017: invalid username/password; logon denied
[c:\~]$ sqlplus sys/[email protected]/orcl as sysdba
SQL*Plus: Release 12.1.0.1.0 Production on 星期一 12月 26 21:36:30 2016
Copyright (c) 1982, 2013, Oracle. All rights reserved.
连接到:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL> select password from user$ where name='SYS';
PASSWORD
------------------------------------------------------------
C53B64BC84353309 #修改SYS密码成功,密码HASH值与之前不同
sys@ORCL>alter user sys identified by oracle;
User altered.
sys@ORCL>select password from user$ where name='SYS';
PASSWORD
------------------------------------------------------------------------------------------
8A8F025737A9097A
#查看密码文件,在修改SYS密码时密码文件也有更新
[oracle@rhel6 dbs]$ ls -l orapworcl
-rw-r----- 1 oracle oinstall 1536 Dec 26 21:39 orapworcl
#测试远程登录,使用luoxi密码已不能登录数据库,但修改的SYS密码可以登录数据库
[c:\~]$ sqlplus sys/[email protected]/orcl as sysdba
SQL*Plus: Release 12.1.0.1.0 Production on 星期一 12月 26 21:41:50 2016
Copyright (c) 1982, 2013, Oracle. All rights reserved.
ERROR:
ORA-01017: invalid username/password; logon denied
[c:\~]$ sqlplus sys/[email protected]/orcl as sysdba
SQL*Plus: Release 12.1.0.1.0 Production on 星期一 12月 26 21:41:58 2016
Copyright (c) 1982, 2013, Oracle. All rights reserved.
连接到:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL> ![oracle中的start with connect by用法[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)