The password of the following schemas can be viewed from the Oracle Internet Directory.
B2B ORASSO_PS
BAM ORASSO_PUBLIC
DCM OWF_MGR
DISCOVERER5 PORTAL
DSGATEWAY PORTAL_APP
OCA PORTAL_DEMO
ODS PORTAL_PUBLIC
ORABPEL UDDISYS
ORAOCA_PUBLIC WCRSYS
ORASSO WIRELESS
ORASSO_DS WKPROXY
ORASSO_PA WKSYS
Way 1: Using “ldapsearch” command
$ ldapsearch -h HOST_NAME -p OID_PORT -D "cn=orcladmin" -w ROOT_PASS -b
"OrclResourceName=SCHEMA_NAME,orclReferenceName=SID,cn=IA
S Infrastructure Databases,cn=IAS,cn=Products,cn=OracleContext" -s base "objectclass=*"
Example of usage:
$ ldapsearch -h hostname.com -p 389 -D "cn=orcladmin" -w bpelbpel -b
"OrclResourceName=ORABPEL,orclReferenceName=soa.domain.com,cn=IAS Infrastructure Databases,cn=IAS,cn=Products,cn=OracleContext" -s base "objectclass=*"
Way 2: Using Oracle Directory Manager
Login as root orcladmin user. Under Entry Management, navigate to cn=OracleContext ->
cn=Products -> cn=IAS -> cn=IAS Infrastructure Databases -> orclReferenceName=SERVICE_NAME -> OrclResourceName=SCHEMA_NAME
We can notice that the SCHEMA password is stored in “orclpasswordattribute” in cleartext. The password is not encrypted since the OID encrypts only passwords stored in attribute "userpassword" based on the hashing defined in the root DSE. OID does not know which attribute(s) might contain password information. Another reason is that since OID uses one-way hash to encrypt passwords, it wouldn't be possible for Partner Applications such as Portal to use this password to login to the schema.
No comments:
Post a Comment