[Previous entry: "Frank Nimphius talks about displaying the authenticated username in ADF UIX using EL."] [Next entry: "Oracle secalert_us have sent out emails to tell some customers about the quarterly patch schedule"]
Updates to the default password list and checker for SAP default users
November 23rd, 2004 by Pete
Post to del.icio.us
Post to Furl
First thanks to Rich Holland who emailed me yesterday to give me some updates to the default password list for the SAP accounts listed. he has corrected me on the schema owner for SAP, it should be listed as SAPR3 for older versions of SAP and also for newer versions it is actually SAP{schema name}. Also he has made me aware that the SAP user listed is an application account as is DDIC. There is also a SAP* account in the application.
I have thought about it and decided to leave the SAP application users in the list even though they should never exist as Oracle database users. The reasoning is that these usernames have been around on various lists for a few years and there is a chance that someone could have created them in the database.
So I have updated the list to correctly identify these users as application users in the descriptions. I have also added a new page to discuss the issues with SAP default users when in an Oracle context.
This has all meant changes to all the list files accessed from the default password list page and also to the check tool to include updated MS Excel spreadsheet and data install scripts. I have added a change history list to the default password list main page.
November 23rd, 2004 at 10:52 pm
MojoMark says:
Hi Pete, this is a valuable tool. I'm a web-app developer, beginning dba, and aspiring entrepreneur. On most of these accounts, the report says "EXPIRED AND LOCKED". Can these accounts remain in this status? or should they be removed. And with regards to DBSNMP, should/can it be deleted, or EXPIRED and LOCKED?
Thanks.