$ FNDCPASS apps/oldAppsPWD 0 Y system/system_PWD SYSTEM APPLSYS N3WAqt_$EBS
APP-FND-02704: Unable to alter user APPS to change password.
The error does not tell the true cause. The problem in my case is the new password does not meet new rules added by DBA to APPS' profile for password security or single quotes are necessary to make FNDCPASS work with special character in the password.
Below line changes apps password to N3WAqt_$EBS. Note the single quotes.
$ FNDCPASS apps/oldAppsPWD 0 Y system/system_PWD SYSTEM APPLSYS 'N3WAqt_$EBS'
If the system_PWD has special character with it, single quotes are necessary. Otherwise FNDCPASS may not throw out an meaningful error but just does not change apps password.
Also when the password includes $ character, single quotes around it are needed to make sqlplus connection on Linux prompt work. Without it, it will give ORA-01017 error.
$ sqlplus apps/N3WAqt_$EBS
SQL*Plus: Release 10.1.0.5.0 - Production on Thu Nov 17 18:57:12 2016
Copyright (c) 1982, 2005, Oracle. All rights reserved.
ERROR:
ORA-01017: invalid username/password; logon denied
Enter user-name:
$ sqlplus apps/'N3WAqt_$EBS'
Connected to: ....
Or, get into sqlplus first and then connect to apps
$ sqlplus /nolog
SQL> conn apps/N3WAqt_$EBS
Connected.
If the password does not include $ character, the single quotes are not necessary for sqlplus:
$ FNDCPASS apps/'N3WAqt_$EBS' 0 Y system/system_PWD SYSTEM APPLSYS 'Cr8ze#p0Wd'
$ sqlplus apps/Cr8ze#p0Wd
Connected to: ....
Craze $
Additional notes:
1. FNDCPASS may also give misleading error from changing password when db parameter sec_case_sensitive_logon is set to TRUE.
2. If the new password does not meet the complexity requirements by Oracle database, FNDCPASS will not change APPS password and does not tell what is the real problem. It only says
Working...
APP-FND-02704: Unable to alter user APPS to change password.
Oracle error 28003: has been detected in alterpassword2.
You have to have more complexity in the new password to make it work!
3. When I used FNDCPASS to change APPS password, it refused to do so and give strange error:
FNDCPASS was not able to decrypt password for user 'ABCD1' during applsys password change.
FNDCPASS was not able to decrypt password for user 'ABCD2' during applsys password change.
FNDCPASS was not able to decrypt password for user 'ABCD3' during applsys password change.
ABCD1, ABCD2 and ABCD3 are not database account at all. But they are EBS users in inactive status for many years. Apparently FNDCPASS does not like their EBS password or security. The fix is to change their EBS password first, and then FNDCPASS is able to change APPS password.
No comments:
Post a Comment