Pages

Monday, October 1, 2012

Create ORAPWD ORACLE PASSWORD FILE

REMOTE_PASSWORD_LOGIN parameter is set in init.ora parameter remote_login_passwordfile.  This parameter must be set to either SHARED or EXCLUSIVE. When set to SHARED, the password file can be used by multiple databases, yet only the SYS user is recognized.  When set to EXCLUSIVE, the file can be used by only one database, yet multiple users can exist in the file.  The parameter setting can be confirmed by:

SQL> show parameter password

NAME                          TYPE        VALUE
----------------------------- ----------- ----------
remote_login_passwordfile     string      EXCLUSIVE


To Create the password file.  This is done by executing the following command

$ orapwd file=filename  password=password entries=max_users

The file name is the name of the file that will hold the orapwd password information.  The file location will default to the current directory unless the full path is specified.  The contents are encrypted and are unreadable. The password required is the one for the SYS user of the database.

The max_users is the number of database users that can be granted SYSDBA or SYSOPER.  This parameter should be set to a higher value than the number of anticipated users to prevent having to delete and recreate the password file.

USING ORAPWD:
The syntax of the ORAPWD command is as follows:

ORAPWD FILE=filename [ENTRIES=numusers] [FORCE={Y|N}] [IGNORECASE={Y|N}] [NOSYSDBA={Y|N}]
Command arguments are summarized in the following table.

PARAMETER DESCRIPTION :

FILE: Name to assign to the password file. See your operating system                                                             documentation for name requirements. You must supply a                                                                        complete path. If you supply only a file name, the file is written to                                                          the current directory.

ENTRIES(Optional): Maximum number of entries (user accounts) to permit in the file.

FORCE(Optional):         If y, permits overwriting an existing password file.

IGNORECASE(Optional): If y, passwords are treated as case-insensitive.

NOSYSDBA(Optional): For Data Vault installations. See the Data Vault installation guide                                                           for your platform for more information.
There are no spaces permitted around the equal-to (=) character.


The command prompts for the SYS password and stores the password in the created password file.


EXAMPLE

The following command creates a password file named orapworcl that allows up to 30 privileged users with different passwords.


Create a new password file:
orapwd file=orapwSID password=oracle entries=5

If the password file already exists:
orapwd file=orapwSID password=oracle entries=5 FORCE=Y