Reviewing User Accounts and Passwords
All databases created by the Oracle Database Configuration Assistant include the SYS, SYSTEM, and DBSNMP database accounts.
In addition, Oracle provides several other administrative accounts. Before using these other accounts, you must unlock them and reset their passwords.
Note:
Use Oracle Enterprise Manager Database Express 12c to view the complete list of database accounts.
See Also:
- Reviewing Administrative Accounts
Describes the administrative user names. - Unlocking and Resetting User Passwords
Passwords for all Oracle system administration accounts exceptSYS,SYSTEM, andDBSNMPare revoked after installation.
Related Topics
Reviewing Administrative Accounts
Describes the administrative user names.
Table 8-1 Administrative Accounts
| User Name | Description | See Also |
|---|---|---|
|
|
Allows HTTP access to Oracle XML DB. |
|
|
|
The account owns the Oracle Application Express schema and metadata. |
|
|
|
The minimally privileged account used for Oracle Application Express configuration with Oracle HTTP Server and mod_plsql. |
|
|
|
Used for storing or managing all data and metadata required by Oracle Quality of Service Management. |
None |
|
|
The account where the unified audit data trail resides. |
|
|
The Oracle Text account. |
||
|
Used by Management Agent of Oracle Enterprise Manager to monitor and manage the database. |
Oracle Enterprise Manager Cloud Control Administrator's Guide |
|
|
Used by Directory Integration Platform (DIP) to synchronize the changes in Oracle Internet Directory with the applications in the database. |
None |
|
|
|
The account owned by Database Vault that contains public functions to retrieve the Database Vault Factor values. |
|
|
|
There are two roles associated with this account. Database Vault owner role manages the Database Vault roles and configurations. The Database Vault Account Manager is used to manage database user accounts. Note: Part of Oracle Database Vault user interface text is stored in database tables in the DVSYS schema. By default, only the English language is loaded into these tables. You can use the |
|
|
Owns the Expression Filter schema. |
None |
|
|
The account owns the Oracle Application Express uploaded files. |
Oracle Application Express App Builder User’s Guide | |
|
|
The internal account that owns the Global Data Services schema. It must not be unlocked or used for a database login. |
Oracle Database Global Data Services Concepts and Administration Guide |
|
|
The account used by Global Service Manager to connect to the Global Data Services catalog. |
Oracle Database Global Data Services Concepts and Administration Guide |
|
|
The account used by Global Service Manager to connect to the database. |
Oracle Database Global Data Services Concepts and Administration Guide |
|
Owns the Human Resources schema included in the Oracle Sample Schemas. It is available only if you loaded the Sample Schemas. |
||
|
The Oracle Label Security administrator account. |
Oracle Label Security Administrator’s Guide | |
|
The schema used by Oracle Spatial and Graph for storing geocoder and router data. |
||
|
The Oracle Spatial and Graph, and Oracle Multimedia Locator administrator account. |
||
|
This account contains the instrumentation for configuration collection used by the Oracle Configuration Manager. |
Oracle Configuration Manager Installation and Administration Guide |
|
|
|
This account contains the Oracle Multimedia DICOM data model. |
|
|
The Oracle Multimedia user. Plug-ins supplied by Oracle and third party plug-ins are installed in this schema. |
||
|
The Oracle Multimedia administrator account. |
||
|
Centrally manages metadata associated with stored outlines. Supports plan stability, which enables maintenance of the same execution plans for the same SQL statements. |
None |
|
REMOTE_SCHEDULER_AGENT |
The account to disable remote jobs on a database. | Oracle Database Administrator’s Guide |
|
Stores the information views for the SQL/MM Still Image Standard. |
||
|
|
The Catalog Services for the Web (CSW) account. It is used by the Oracle Spatial and Graph CSW cache manager to load all record type metadata, and record instances from the database into the main memory for the record types that are cached. |
|
|
|
The Web Feature Service (WFS) account. It is used by the Oracle Spatial and Graph WFS cache manager to load all feature-type metadata, and feature instances from the database into main memory for the feature types that are cached. |
|
|
Used for performing database administration tasks. |
Oracle Database Administrator’s Guide | |
|
|
The account used to perform backup and recovery tasks. |
Oracle Database Installation Guide (this guide) |
|
|
The account used to administer and monitor Oracle Data Guard. |
Oracle Database Installation Guide (this guide) |
|
|
The account used to perform encryption key management. |
Oracle Database Installation Guide (this guide) |
|
|
The account used to perform a limited set of administrative tasks to create a separate group of operating system users. |
Oracle Database Installation Guide (this guide) |
SYS$UMF |
The account used to administer Remote Management Framework, including the remote Automatic Workload Repository (AWR). | Oracle Database Performance Tuning Guide |
|
Used for performing database administration tasks. |
Oracle Database Administrator’s Guide | |
|
The account used to store the metadata information for Oracle Workspace Manager. |
||
|
Used for storing Oracle XML DB data and metadata. |
Unlocking and Resetting User Passwords
Passwords for all Oracle system administration accounts except SYS, SYSTEM, and DBSNMP are revoked after installation.
Before you use a locked account, you must unlock it and reset its password. If you created a preconfigured database during the installation, but you did not unlock accounts required to use the database, then you must unlock and reset those accounts using these procedures.
Apply the following guidelines when specifying passwords:
-
Passwords must be between 8 and 30 characters long.
-
Passwords must not start with a numeral.
-
Password cannot contain invalid characters: ! @ % ^ & * ( ) + = \ | ` ~ [ { ] } ; : ' " , < > ?
-
Passwords must not be the same as the user name.
-
Passwords must not be Oracle reserved words.
-
The
SYSaccount password cannot bechange_on_install. (case-insensitive) -
The
SYSTEMaccount password cannot bemanager. (case-insensitive) -
The
SYSMANaccount password cannot besysman. (case-insensitive) -
The
DBSNMPaccount password cannot bedbsnmp. (case-insensitive) -
If you choose to use the same password for all the accounts, then that password cannot be
change_on_install,manager,sysman, ordbsnmp. (case-insensitive) -
Passwords must have at least one alphabetic, one numeric, and one special character.
-
Passwords must not be simple or obvious words, such as
welcome,account,database, anduser.
Note:
If you select the option to create the database as a multitenant container database, then you must provide the pluggable database administrator password.
If you created a starter database during the installation, but you did not unlock the required account, unlock the account using one of the following methods:
- Using Enterprise Manager Database Express 12c to Unlock Accounts and Reset Passwords
Use this procedure to unlock and reset user account passwords using Oracle Enterprise Manager Database Express 12c. - Using SQL*Plus to Unlock and Change Passwords
Use this SQL*Plus procedure to unlock and reset user account passwords.
See Also:
Using Enterprise Manager Database Express 12c to Unlock Accounts and Reset Passwords
Use this procedure to unlock and reset user account passwords using Oracle Enterprise Manager Database Express 12c.
To unlock and reset user account passwords:
See Also:
Tip:
Click Help in the Oracle Enterprise Manager Database Express 12c window for more information