I. Changing Directory Passwords
As part of the default DIT creation, several highly privileged users are created that should be secured before putting the directory into production.
One of the first accounts to secure is the Oracle Internet Directory Super User, cn=orcladmin. First, login to the Oracle Directory Manager application as the Directory Super User (cn=orcladmin). The default password for this user is welcome. After successfully logging into the directory, use the navigation menu (the tree menu on the left) and click on the entry directly below the very top entry (Oracle Internet Directory Servers). This entry will be the one that is your current connection with the LDAP directory. For example, this entry is labeled: "cn=orcladmin@hostname.com:389" as show below.
After clicking on this entry, you will be presented with a tabbed window in the content pane
(the right pane). From here, click on the tab named "System Passwords". To change the password of the Directory Super User, click on the password text field named "Super User
Password", change the password and click the "Apply" button.
II.Oracle Database Schema Passwords
OID Database Schema Owner
The Oracle Internet Directory runs on an Oracle database and creates two database users: ODS and ODSCOMMON. ODS is the schema owner that contains all of the database objects (tables, views, objects, etc.) used for OID functionality and directory storage. When the OID needs to login to the database, it uses the ODS database account which has a default password of ODS. You should secure this database user account before putting the LDAP directory into production.
The DBA can change ODS password by using the OID Database Password Utility (included
with the OID installation). The following example uses this utility to change the database password for ODS:
$ORACLE_HOME/bin/oidpasswd
current password: ods
new password: new_secret_password
confirm password: new_secret_password
password set.
No comments:
Post a Comment