Oracle Passwords Change

Dear List
Q: Is there a documentation of how and where the Oracle users crpdta, crpctl, proddta, prodctl, dv7333, ... influence the OneWorld system? Especially, can their passwords be changed without influence to the OneWorld system?
Thanks
Roland.
Xe, SP15.010, XU2, W2K, Oracle 8.1.7.3


<P ID="edit"><FONT SIZE=-1>Edited by Sef on 12/16/01 10:12 PM.</FONT></P>
 

JEMILLER

VIP Member
Re: Oracel Passwords Change

Roland,

Generally OneWorld is installed so that each OneWorld user has an associated "System User" that is defined to Oracle and is granted the Oracle role JDE_ROLE. The system user is often Oracle user JDE, but some installations may choose to use another. Some sites choose to assign individual Oracle user id's to OneWorld users.

The JDE_ROLE should be granted SELECT, INSERT, UPDATE and DELETE rights to all OneWorld schemas.

With the above setup the schema owner (CRPDTA, PRODCTL, etc) passwords are only needed when you wish to use the OneWorld table design aid to generate a table or an index. As long as you leave the system user password alone you should be able to change the owner passwords without any issues.

Regards,


Justin Miller
justin.miller@teamspot.com

working with B7332 and XE on AS/400, NT, Solaris and AIX
 

cdawes

VIP Member
RE: Oracel Passwords Change

You can change and SHOULD change all the passwords on the following Oracle
userids:
(Please excuse the B733.2 references, just change them to the appropriate Xe
datasource)

Userid Description
JDE JDE Main Application connect-id
APPLEAD Application Lead Users
CNCADMIN CNC Administrator Users
DEVUSER Development Users
PRODUSER Production Users

DDB733 Data Dictionary Tables
OBJB733 Object Librarian Tables
SVMB733 Server Map Tables
SYSB733 System Tables

PRODB733 Production Environment - Central Objects
PRODCTL Production Environment - Control Tables
PRODDTA Production Environment - Business Data

CRPB733 CRP Environment - Central Objects
CRPCTL CRP Environment - Control Tables
CRPDTA CRP Environment - Busness Data

DEVB733 Development Environment - Central Objects
TESTCTL Development Environment - Control Tables
TESTDTA Development Environment - Business Data

PRISTB733 Pristine Environment - Central Objects
PRISTDTA Pristine Environment - Business Data

The 'JDE' userid is commonly used as the SYSTEM userid that is proxied in
for users so they don't need to know the database password. Any of the first
5 userids can be used for the same purpose.

The other datasource id's are used at vaious other times. For example, if
you wanted to copy a table from CRPDTA to PRODDTA you would need to know the
password on PRODDTA (or you could enter it into the users datasources so
that they could perform the function without knowing the password). You
would also need to know the password if you wanted to generate a table in a
Datasource.

Where you do need to be careful is during an upgrade as JDEdwards uses the
userid as the password in their scripts in all instances.........pretty
scarry!

If you don't change these passwords then anyone with a SQL tool on their PC
can cause severe damage to your system!



Colin Dawes




Colin Dawes, MSc
City of Guelph
B7332 SP15.1, Oracle 8.1.6.3, NT 4.0, Fat & WTS
 

Larry_Jones

Legendary Poster
Re: RE: Oracel Passwords Change

As as add-on to Justin's and Colin's statements be aware that R98403 (actually a low level BSFN) assumes the password will be the same as the schema/owner id. So CRPDTA's password must be set to CRPDTA. Our practice is to temporarily reset these passwords to their default values whenever we need to run this utility. There are SARs on this little gotcha - someday JDE will address ...

Larry Jones
ljones@wagstaff.com
OneWorld XE, SP 15.1
HPUX 11, Oracle SE 8.1.6
Mfg, Distribution, Financials
 

gerd_renz3

VIP Member
Re: Oracel Passwords Change

In addition I would like to mention the R98403, or in more general terms: whenever OW wants to create or recreate a table it connects with the table owner´s name to the database. This can be pretty nasty when you do upgrades. So the password to crpdta, proddta should be well kept. You need them!
Still for security reason I would always change ALL original JDE oracle logins.
I also agree that it is a good idea to use some login different from JDE as system user. I usually create a new oracle user, grant JDE role to it and then map all OW-users to that user as System-User. This way I am free to change JDE´s password when I might need to do that.

Gerd


Em Thursday, August 02, 2001 em 07:17:18 AM, jdelist@jdelist.com escreveu:



--
ISM - Solucoes na Internet

http://www.ismnet.com.br/
 

gerd_renz3

VIP Member
RE: Oracel Passwords Change

Larry,
when you want to execute R98403 and your crpdta´s password is SECRET, add an entry for Business Data - CRP, system user crpdta, password SECRET for your user-id, using P98OWSEC. R98403 works fine even with the passwords changed.

Thanks, Gerd


Em Thursday, August 02, 2001 em 09:04:44 AM, jdelist@jdelist.com escreveu:



--
ISM - Solucoes na Internet

http://www.ismnet.com.br/
 
Top