ORACLE數據庫用戶鎖定及解鎖
相關錯誤:ORA-28000: the account is locked
錯誤解析:帳號被鎖定
錯誤原因:在oracle11g中,默認在default概要文件中設置了FAILED_LOGIN_ATTEMPTS=10,當輸入密碼錯誤次數達到設置值將導致此問題。
解決方法:
1.確認用戶所使用的概要文件:
sys@COREDB>select username,profile from dba_users;
USERNAME PROFILE
------------------------------ ------------------------------
SENDER DEFAULT
OGG DEFAULT
CMS DEFAULT
MYCOMM DEFAULT
CARCTRL DEFAULT
DP DEFAULT
ORACLE_OCM DEFAULT
XS$NULL DEFAULT
MDDATA DEFAULT
DIP DEFAULT
APEX_PUBLIC_USER DEFAULT
SPATIAL_CSW_ADMIN_USR DEFAULT
SPATIAL_WFS_ADMIN_USR DEFAULT
DBSNMP DEFAULT
FLOWS_FILES DEFAULT
MDSYS DEFAULT
ORDSYS DEFAULT
EXFSYS DEFAULT
WMSYS DEFAULT
APPQOSSYS DEFAULT
APEX_030200 DEFAULT
OWBSYS_AUDIT DEFAULT
ORDDATA DEFAULT
CTXSYS DEFAULT
ANONYMOUS DEFAULT
XDB DEFAULT
ORDPLUGINS DEFAULT
OWBSYS DEFAULT
SI_INFORMTN_SCHEMA DEFAULT
OLAPSYS DEFAULT
SYS DEFAULT
SYSTEM DEFAULT
OUTLN DEFAULT
33 rows selected.
這說明使用的都是默認的概要文件。
2.查看概要文件中有關登錄次數的限制:
sys@COREDB>select * from dba_profiles where profile='DEFAULT' and resource_name='FAILED_LOGIN_ATTEMPTS';
PROFILE RESOURCE_NAME RESOURCE LIMIT
------------------------------ -------------------------------- -------- ----------------------------------------
DEFAULT FAILED_LOGIN_ATTEMPTS PASSWORD 10
3.如果嘗試登錄次數限制為10次,將嘗試登錄次數的限制修改為不受限:
sys@COREDB>alter profile default limit failed_login_attempts unlimited;
Profile altered.
4.查看被鎖定用戶:
sys@COREDB>select username,account_status from dba_users where not account_status = 'OPEN';
USERNAME ACCOUNT_STATUS
------------------------------ --------------------------------
SPATIAL_WFS_ADMIN_USR EXPIRED & LOCKED
SPATIAL_CSW_ADMIN_USR EXPIRED & LOCKED
APEX_PUBLIC_USER EXPIRED & LOCKED
DIP EXPIRED & LOCKED
MDDATA EXPIRED & LOCKED
XS$NULL EXPIRED & LOCKED
ORACLE_OCM EXPIRED & LOCKED
OLAPSYS EXPIRED & LOCKED
SI_INFORMTN_SCHEMA EXPIRED & LOCKED
OWBSYS EXPIRED & LOCKED
ORDPLUGINS EXPIRED & LOCKED
XDB EXPIRED & LOCKED
ANONYMOUS EXPIRED & LOCKED
CTXSYS EXPIRED & LOCKED
ORDDATA EXPIRED & LOCKED
OWBSYS_AUDIT EXPIRED & LOCKED
APEX_030200 EXPIRED & LOCKED
APPQOSSYS EXPIRED & LOCKED
WMSYS EXPIRED & LOCKED
DBSNMP LOCKED(TIMED)
EXFSYS EXPIRED & LOCKED
ORDSYS EXPIRED & LOCKED
MDSYS EXPIRED & LOCKED
FLOWS_FILES EXPIRED & LOCKED
SYSTEM LOCKED(TIMED)
OUTLN EXPIRED & LOCKED
26 rows selected.
EXPIRED & LOCKED 口令到期並鎖定
LOCKED(TIMED) 密碼錯誤次數超過了系統設置的允許最大次數,用戶被鎖定
5.給指定用戶解鎖:
sys@COREDB>alter user system account unlock;
User altered.
1、通常我們遇到oracle用戶密碼輸入多次錯誤,那么改用戶就會變鎖定,那么解決方法很簡單,如下:
使用plsql工具sys用戶登錄(亦可dos命令輸入:sqlplus / as sysdba ) 解鎖
ALTER USER 用戶名 ACCOUNT UNLOCK;
2、那么遇到這種用戶會被鎖的情況,我們可以設置用戶密碼無限次嘗試登錄,而該用戶不會被鎖定:
ALTER PROFILE DEFAULT LIMIT FAILED_LOGIN_ATTEMPTS UNLIMITED;
3、另外,做項目運維的小伙伴經常遇到數據庫用戶密碼過期的情況,要定期去修改密碼很麻煩,那么我們可以設置用戶密碼不過期:
ALTER PROFILE DEFAULT LIMIT PASSWORD_LIFE_TIME UNLIMITED;