Oracle Geodatabase Password

JohnSmith1 · ‎11-11-2013

Need suggestion from anyone, please.
I have Oracle DB 11gR1, my services are connected via Oracle user account to access. What is the proper way or easy way to change database password without impacting services? I changed once and my account was locked due to invalid password.
Thank you.

VinceAngelo · ‎11-11-2013

Are you referring to the SDE user password, or to the data owner account password(s)?

By what do you mean "service"? Application Server or ArcGIS Server?

- V

JohnSmith1 · ‎11-12-2013

Are you referring to the SDE user password, or to the data owner account password(s)?

Data owner account password

By what do you mean "service"? Application Server or ArcGIS Server?

- V

Services = Map Service/Image Service, which I created using data owner account to connect to database.

Thank you

VinceAngelo · ‎11-12-2013

I never create services using the data owner account -- best practice calls for a
different user with the least possible permission (ideally, just SELECT), granted
through roles -- but the problem is the same:

You can't change the password of the service user without impacting services.
You must stop (or delete) all impacted services, and alter the connection (or
recreate them entirely). This is another reason to use extremely limited user
accounts for services -- If they have nothing beyond query ability, there's less
reason to change the browse user's password.

- V

JohnSmith1 · ‎11-15-2013

I never create services using the data owner account -- best practice calls for a
different user with the least possible permission (ideally, just SELECT), granted
through roles -- but the problem is the same:

You can't change the password of the service user without impacting services.
You must stop (or delete) all impacted services, and alter the connection (or
recreate them entirely). This is another reason to use extremely limited user
accounts for services -- If they have nothing beyond query ability, there's less
reason to change the browse user's password.

- V

Yes, even we use different user/account, the problem is the same. The reason for change password is part of company policy (I think most companies adopted this policy). Users are not only browse/query, they can also alter. So I see that some other ArcGIS customers mentioned about change password but there is no a formal instruction/steps/direction from ESRI regarding the proper/easy way when it comes to change password. Are we looking into future version that can make change password a little bit easy?

Thank you

VinceAngelo · ‎11-15-2013

Even if an application does modify contents, it shouldn't use the table owner to access
the application. An application user (or, if you're willing to do the configuration, multiple
users, corresponding to individual logins) should be GRANTed the accesses needed to
execute the application.

You can certainly submit an enhancement request for password change support through
ideas.esri.com, but I expect that this would be fiendishly difficult to implement.

- V