一聚教程网:一个值得你收藏的教程网站

热门教程

oracle 11g 使用 alter user identified by values password 恢复历史密码

时间:2022-06-29 09:50:40 编辑:袖梨 来源:一聚教程网


在11.1之前的版本,很多人可能都知道,可以通过alter user identified by values password 来还原oracle 数据库历史密码,但是在11g中出现几个问题:
1. dba_users中无password记录(值为空),这个问题可以通过直接查询user$.password依然有记录
SQL> select password from dba_users where username='SYS';
 
PASSWORD
------------------------------
 
 
SQL> select password from user$ WHERE name='SYS';
 
PASSWORD
------------------------------
8A8F025737A9097A
2.在11.1开始user$中的SPARE4有值,从而使得数据库密码区分大小写,参考blog:关于ORACLE 11G密码大小写敏感猜想(USER$.SPARE4)
SQL>  select SPARE4  from user$ WHERE name='SYS';
 
SPARE4
--------------------------------------------------------------------------------
S:C7C81BBE7760B5BBB3973F0971AA36C737BF6DCC4A34FE925CE70B0739BD
现在就存在疑问,在11G版本中,如何来还原Oracle数据库用户历史密码呢?,这里通过试验的方式证明,alter user identified by values后面值可以是user$.password 也可以是user$.SPARE4,只是两者在密码大小写上有区别,具体试验如下:

创建测试用户xifenfei
[oracle@localhost ~]$ ss
 
SQL*Plus: Release 11.2.0.4.0 Production on Fri Apr 10 16:00:03 2015
 
Copyright (c) 1982, 2013, Oracle.  All rights reserved.
 
 
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
 
SQL> select * from v$version;
 
BANNER
--------------------------------------------------------------------------------
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
PL/SQL Release 11.2.0.4.0 - Production
CORE    11.2.0.4.0      Production
TNS for Linux: Version 11.2.0.4.0 - Production
NLSRTL Version 11.2.0.4.0 - Production
 
SQL> select sysdate "www.xifenfei.com" from dual;
 
www.xifen
---------
10-APR-15
 
SQL> create user xifenfei identified by oracle;
 
User created.
 
SQL> grant create session to xifenfei;
 
Grant succeeded.
 
SQL> conn xifenfei/oracle
Connected.
SQL> conn xifenfei/ORACLE
ERROR:
ORA-01017: invalid username/password; logon denied
 
 
Warning: You are no longer connected to ORACLE.
SQL> conn / as sysdba
Connected.
SQL> show parameter sec_case_sensitive_logon ;
 
NAME                                 TYPE        VALUE
------------------------------------ ----------- ------------------------------
sec_case_sensitive_logon             boolean     TRUE
这里由于sec_case_sensitive_logon参数默认为true,因此密码区分大小写

修改数据库密码
SQL> select spare4,password from user$ where name='XIFENFEI';
 
SPARE4
--------------------------------------------------------------------------------
PASSWORD
------------------------------
S:6E34E993900317BBFD6289E4AE619D634AA6AD804C765A3DEE1CCABCC50D
1BA871FA3B1C3F45
 
 
SQL> alter user xifenfei identified by xifenfei;
 
User altered.
 
SQL> select spare4,password from user$ where name='XIFENFEI';
 
SPARE4
--------------------------------------------------------------------------------
PASSWORD
------------------------------
S:A75A184EA2767488E698C443E97CB2473B46A9C80C2C61833BA867CB8B17
1682CAA2339F770F
 
 
SQL> conn xifenfei/xifenfei
Connected.
SQL> conn xifenfei/XIFENFEI
ERROR:
ORA-01017: invalid username/password; logon denied
 
 
Warning: You are no longer connected to ORACLE.
SQL> conn xifenfei/oracle
ERROR:
ORA-01017: invalid username/password; logon denied
这里把xifenfei用户的密码从oracle修改为xifenfei

尝试values user$.password恢复以前密码
SQL> conn / as sysdba
Connected.
SQL> alter user xifenfei identified by values '1BA871FA3B1C3F45';
 
User altered.
 
SQL> select spare4,password from user$ where name='XIFENFEI';
 
SPARE4
--------------------------------------------------------------------------------
PASSWORD
------------------------------
 
1BA871FA3B1C3F45
 
 
SQL> conn xifenfei/oracle
Connected.
SQL> conn xifenfei/ORACLE
Connected.
SQL> conn xifenfei/xifenfei
ERROR:
ORA-01017: invalid username/password; logon denied
 
 
Warning: You are no longer connected to ORACLE.
通过该方式还原上次密码后,发现user$.SPARE4为空,也就使得Oracle不再区分密码大小写.

尝试values user$.spare4恢复以前密码
SQL> conn / as sysdba
Connected.
SQL> alter user xifenfei identified by xifenfei;
 
User altered.
 
SQL> select spare4,password from user$ where name='XIFENFEI';
 
SPARE4
--------------------------------------------------------------------------------
PASSWORD
------------------------------
S:48A11864AD633E904126C20E8C374A4AA45D87BB005D35AD2B10766E8E11
1682CAA2339F770F
 
 
SQL> conn xifenfei/xifenfei
Connected.
SQL> conn xifenfei/oracle
ERROR:
ORA-01017: invalid username/password; logon denied
 
 
Warning: You are no longer connected to ORACLE.
SQL> conn xifenfei/XIFENFEI
ERROR:
ORA-01017: invalid username/password; logon denied
 
 
SQL> alter user xifenfei identified by values '6E34E993900317BBFD6289E4AE619D634AA6AD804C765A3DEE1CCABCC50D';
SP2-0640: Not connected
SQL> conn / as sysdba
Connected.
SQL> alter user xifenfei identified by values '6E34E993900317BBFD6289E4AE619D634AA6AD804C765A3DEE1CCABCC50D';
alter user xifenfei identified by values '6E34E993900317BBFD6289E4AE619D634AA6AD804C765A3DEE1CCABCC50D'
*
ERROR at line 1:
ORA-00600: internal error code, arguments: [kzsviver:2], [], [], [], [], [],
[], [], [], [], [], []
--少写了S:,直接报ORA-600错误,怀疑S:是spare4列的某种标识
 
SQL>
SQL>
SQL>
SQL> alter user xifenfei identified by values 'S:6E34E993900317BBFD6289E4AE619D634AA6AD804C765A3DEE1CCABCC50D';
 
User altered.
 
SQL> select spare4,password from user$ where name='XIFENFEI';
 
SPARE4
--------------------------------------------------------------------------------
PASSWORD
------------------------------
S:6E34E993900317BBFD6289E4AE619D634AA6AD804C765A3DEE1CCABCC50D
 
SQL> conn xifenfei/oracle
Connected.
SQL> conn xifenfei/ORACLE
ERROR:
ORA-01017: invalid username/password; logon denied
 
 
Warning: You are no longer connected to ORACLE.
SQL> conn xifenfei/xifenfei
ERROR:
ORA-01017: invalid username/password; logon denied
这里发现通过values user$.spare4恢复以前密码后,user$.password列为空,但是密码依旧区分大小写。这里可以看出来,user$.password项以后可能取消掉,为了兼容性,因此Oracle在后续版本中依旧保留.

关于oracle 11G中恢复以前密码操作总结
1. 通过values user$.password恢复以前密码后,不区分大小写
2. 通过values user$.spare4恢复以前密码后,区分大小写
3. 目前两种方式都可以实现11g恢复以前密码,但是推荐使用user$.spare4值修改

热门栏目