Forgot your password?    
+ Reply to Thread
Results 1 to 3 of 3

Thread: Oracle ORAPWD Use & Application

  1. #1

    Oracle ORAPWD Use & Application

    ORAPWD : ORAPWD is a utility for creating a password file for an oracle database that helps granting SYSDBA and SYSOPER privilege to normal database users to connect with administrative privileges.

    By default the user ‘ SYS ’ has both these SYSDBA and SYSOPER privilege which are the top level privileges available in oracle database.

    Users having SYSOPER privilege can startup a database , shutdown the database , alter database in open or mount mode , alter database backup control file , recover a database , changing database to archive mode while users having SYSDBA privilege have all SYSOPER privilege with admin option along with create database , altering database with begin/end backup , restricted session , recover database .


    Creating an Oracle Password File with ORAPWD utility:
    $ orapwd
    Usage : orapwd file=<fname> password=<password> entries=<users> force=<y/n> ignorecase=<y/n> nosysdba=<y/n>
    Where
    fname is the name of the file that will hold the password information. The password file location will default to the current directory unless a path is provided.
    password is the one for the SYS user.
    entries parameter tells Oracle the numbers of database users that can be granted SYSDBA or SYSOPER in the password file. We cannot increase entries later, so set the value high.
    Name and Location of the password file:
    At database startup time, Oracle will only look for the password file in the ORACLE_HOME/dbs directory. The naming convention that Oracle will search for is: orapwSID. The SID must match the ORACLE_SID environment variable. If orapwSID can not be found, Oracle will look for a file named orapw. If Oracle can not find a orapw file we will get the ORA-01990 at database startup time.


    Setting REMOTE_LOGIN_PASSWORDFILE parameter
    :

    In addition to creating the password file, we must also set the init.ora parameter REMOTE_LOGIN_PASSWORDFILE to one of:
    NONE: When this parameter is set to NONE, Oracle to behave as if the password file does not exist. Oracle ignores any password file. Privileged users must be authenticated by the operating system. This is the default value for this parameter.
    EXCLUSIVE: An EXCLUSIVE password file can be used with only one database. An EXCLUSIVE file can contain the names of users other than SYS. Using an EXCLUSIVE password file lets you grant SYSDBA and SYSOPER system privileges to individual users and have them connect as themselves.
    SHARED: A SHARED password file can be used by multiple databases running on the same server. The only user recognized by a SHARED password file is SYS. All users needing SYSDBA or SYSOPER system privileges must connect using the same name, SYS, and password. We cannot change the password for SYS if the password role is SHARED.
    After setting REMOTE_LOGIN_PASSWORDFILE parameter we need to restart database.

    The parameter setting can be confirmed by:

    SQL> show parameter password;

    NAME TYPE VALUE
    remote_login_passwordfile string EXCLUSIVE

    Also , if the ORAPWD utility has not been used to create a password file , attempting to grant SYSDBA and SYSOPER privilege to the users will result in the following error :

    SQL> grant sysdba to scott;
    ORA-01994: GRANT failed: cannot add users to public password file

    Once the orapwd file has been created , it works.
    Grant SYSDBA or SYSOPER to users.

    SQL> grant sysdba ,sysoper to scott;
    Grant succeeded.

    Confirm that the user is listed in the password file.

    SQL> select * from v$pwfile_users;

    USERNAME SYSDBA SYSOPER
    -------------------- ------ -------
    SYS TRUE TRUE
    SCOTT TRUE FALSE

    Thanks
    Sandeep
    Last edited by Hemant; 11-01-2011 at 09:21 AM.

  2. #2
    Expert Oracle Administrator
    Join Date
    Oct 2011
    Location
    New Delhi, India
    Posts
    427
    Thanks Sandeep for this detailed explanation on Orapwd and its implications

  3. #3
    Oracle DBA
    Join Date
    Oct 2011
    Posts
    11
    Thanks Sandy for nice post.

+ Reply to Thread

Similar Threads

  1. Transparent Application Failover (TAF) setup and testing - Oracle 10g RAC
    By devesh_ocp in forum RAC Installation, ASM Install , ASM Administration
    Replies: 1
    Last Post: 04-24-2012, 05:40 PM
  2. problem facing while reinstalling oracle application
    By manishkr23 in forum Oracle Apps Patching and Cloning, Installation , Migration,Upgrades
    Replies: 1
    Last Post: 03-05-2012, 06:00 PM
  3. Server-side Transparent Application Failover (TAF) in Oracle RAC
    By Hemant in forum RAC Performance,LoadBalancing,TAF,FAN,Troubleshooting
    Replies: 0
    Last Post: 12-15-2011, 03:08 AM
  4. Changing Look and feel of Oracle Application
    By harsh in forum Concepts,Service Management,Apache,OC4J,OPMN,JServ,Forms, Issues,Troubleshooting,
    Replies: 0
    Last Post: 12-08-2011, 04:28 PM
  5. Count Current Forms Application Users Connected to the Application
    By Amit in forum SCRIPTS : Users,Profiles,Applications,Responsibilities,Forms,JDBC,Patch,Versions,Products
    Replies: 0
    Last Post: 11-01-2011, 03:25 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

DBA Lounge (P) Ltd. deals in Oracle Technologies on Consulting, Resourcing, Corporate Training


Online and corporate training available on Oracle Database 11g, Oracle 11g Real Application Cluster (RAC), Oracle Applications 11i/R12, Oracle Fusion Middleware 11g, Oracle Identity Management-OIM, Oracle Internet Directory 11g-OID, Oracle Business Intelligence Enterprise Edition-OBIEE, Oracle Golden Gate, Oracle Access Management-OAM, Oracle Internet Directory-ODS, Oracle Identity Analytics Architecture-OIA Statistics