EBS克隆后彻底清除生产密码 - 数据库编程

当我们对EBS生产环境克隆出一套测试环境，怎么清楚生产上所有的密码认证呢？
确保应用层的进程都停下来了, 数据库是OPEN的。 第一步,清除生产密码 Step1 - Clear All Credentials su - ora 如果还没克隆，那么在下还没生成.env文件，那么至少要有这些环境变量： export ORACLE_SID= export ORACLE_HOME= export PATH=$ORACLE_HOME/bin unset TWO_TASK
sqlplus 'as sysdba'< 第二步，重新建立密码认证，确保期间没有报错，并且最后两个输出都是Y。Step 2 - Re-establish Bootstrap Credentials The database at the moment has no credentials. Now log on as "SYS" with operation system authentication. This will allow you to establish new credentials.
su - ora
sqlplus '/as sysdba'<alter user APPLSYSPUB identified by CLONE; alter user APPLSYS identified by CLONE; alter user APPS identified by CLONE; update APPLSYS.FND_ORACLE_USERID set ENCRYPTED_ORACLE_PASSWORD='CLONE' where ORACLE_USERNAME = 'APPLSYSPUB' / REM Provide boot-strap info for FNDCPASS... update APPLSYS.FND_ORACLE_USERID set ENCRYPTED_ORACLE_PASSWORD='ZG' || 'B27F16B88242CE980EF07605EF528F9391899B09552FD89FD' || 'FF43E4DDFCE3972322A41FBB4DDC26DDA46A446582307D412' where ORACLE_USERNAME = 'APPLSYS' / update APPLSYS.FND_ORACLE_USERID set ENCRYPTED_ORACLE_PASSWORD='ZG' || '6CC0BB082FF7E0078859960E852F8D123C487C024C825C0F9' || 'B1D0863422026EA41A6B2B5702E2299B4AC19E6C1C23333F0' where ORACLE_USERNAME = 'APPS' / commit; conn APPS/CLONE select APPS.fnd_web_sec.change_guest_password( 'CLONE', 'CLONE' ) "RES" from dual; commit; select APPS.fnd_web_sec.change_password('SYSADMIN','CLONE') "RES" from dual; commit; EOF

第三步，产生修改其余用户的脚本，假如不想修改其他用户的密码，可以不做。 ATTENTION : It has been identified, that some Customers running into an error for the SQL PLus command select APPS.fnd_web_sec.change_password('SYSADMIN','CLONE') "RES" from dual; In this case, please check Note 1350776.1 for the solution, before your are going ahead with the next steps ! Now we have completed establishing a set of bootstrap EBS credentials in the database. 现在我们已经完成一系列的在数据库中的EBS引导认证。 Step 3 - Prepare Scripts for Setting Additional Passwords su - ora sqlplus '/as sysdba' < dbusers4.sql HOST grep '^FNDCPASS ' step3.lst > dbusers5.sh exit EOF
第四步，跑第3步产生的脚本dbusers4.sql su - ora sqlplus '/as sysdba'<
第五步，Step 5 - Assign New Passwords to All Schemas Managed with EBS 在应用层，用appl用户跑第3步做出的脚本，dbusers5.sh This step uses the "FNDCPASS" command to set the passwords for all the EBS managed schemas and all the base product schemas. The "FNDCPASS" must be run from an application tier node.(Any node with an APPL_TOP file system.) You will need to locate and copy the "dbusers5.sh" script from the directory where it was created in Step 3. Again, as with any dynamcially generated scripts that you run on your system, you should review the contents of the file before running it. To verify that you have assigned passwords to all the database users, run the following query and ensure that it does not return any rows: select USERNAME,PASSWORD from DBA_USERS where PASSWORD='0000000000000000';
为了验证所有数据库用户的密码都被改过来了，可以用 select USERNAME,PASSWORD from DBA_USERS where PASSWORD='0000000000000000'; 当然，如果你不喜欢用clone作为密码，可以登陆form的define user或者用fndcpass工具再将密码改过来。 su - appl FNDCPASS apps/clone 0 Y system/clone USER 第六步，在你真正启动应用层进程前，还要做这些配置，然后执行autoconfig。 [root@erpp1 erpp1]# su - appl [appl@erpp1 ~]$ echo $GWYUID APPLSYSPUB/PUB [appl@erpp1 ~]$ [appl@erpp1 ~]$ echo $CONTEXT_FILE /u01/erpp1/inst/apps/erpp1_erpp1/appl/admin/erpp1_erpp1.xml [appl@erpp1 ~]$ vi $CONTEXT_FILE 查找APPLSYSPUB，将后面的密码PUB改为

EBS克隆后彻底清除生产密码(一)