Oracle 賬號 EXPIRED(GRACE) 意義-拾億
系統環境:Red Hat Enterprise Linux Server release 7.5 (Maipo)
資料庫版本:SQL*Plus: Release 19.0.0.0.0 - Production Version 19.7.0.0.0
資料庫:PDB
關於oracle狀態官方解釋如下:
ACCOUNT_STATUS:
Account status:
OPEN
The account is open.
EXPIRED
The password for the account is expired, either because the PASSWORD_LIFE_TIME limit was reached or because the password was expired by the ALTER USER ... PASSWORD EXPIRE command. The user can log in with the expired password, then change the password.
EXPIRED(GRACE)
The password for the account is expired because the PASSWORD_LIFE_TIME limit was reached, but the password change grace period (PASSWORD_GRACE_TIME) has not yet elapsed. The user can log in with the expired password, but will receive an ORA-28002 warning as a reminder that the password must soon be changed. If the PASSWORD_GRACE_TIME elapses, the user can log in with the expired password, then change the password.
LOCKED
The account is locked, either by the ALTER USER ... ACCOUNT LOCK command, or because the number of consecutive failed login attempts exceeded the FAILED_LOGIN_ATTEMPTS limit and the value of PASSWORD_LOCK_TIME is UNLIMITED. The account can be unlocked by the ALTER USER ... ACCOUNT UNLOCK command.
LOCKED(TIMED)
The account is locked because the number of consecutive failed login attempts exceeded the FAILED_LOGIN_ATTEMPTS limit and the PASSWORD_LOCK_TIME has not yet elapsed. The account can be unlocked either by the ALTER USER ... ACCOUNT UNLOCK command or by waiting until the PASSWORD_LOCK_TIME has elapsed.
EXPIRED & LOCKED
The password for the account is expired, as described for the EXPIRED account status, and the account is locked as described for the LOCKED account status. The account can first be unlocked as described for the LOCKED account status, then the password can be changed as described for the EXPIRED account status.
EXPIRED(GRACE) & LOCKED
The password for the account is expired, as described for the EXPIRED(GRACE) account status, and the account is locked as described for the LOCKED account status.
The account can first be unlocked as described for the LOCKED account status, then the password can be changed as described for the EXPIRED(GRACE) account status.
EXPIRED & LOCKED(TIMED)
The password for the account is expired, as described for the EXPIRED account status, and the account is locked as described for the LOCKED(TIMED) account status. The account can first be unlocked as described for the LOCKED(TIMED) account status, then the password can be changed as described for the EXPIRED account status.
EXPIRED(GRACE) & LOCKED(TIMED)
The password for the account is expired, as described for the EXPIRED(GRACE) account status, and the account is locked as described for the LOCKED(TIMED) account status. The account can first be unlocked as described for the LOCKED(TIMED) account status, then the password can be changed as described for the EXPIRED(GRACE) account status.
OPEN & IN ROLLOVER
The account is in the password rollover period. The user can log in with either the earlier password or the new password. However, at the time the user logs in, the server recalculates whether the account is still in its password rollover period. If the password rollover period has elapsed, then the login will succeed only if the new password was specified, and the account status will change to OPEN.
EXPIRED & IN ROLLOVER
The account is in the password rollover period and the password is expired as described for the EXPIRED account status. The user can log in with either the earlier password or the new password. However, at the time the user logs in, the server recalculates whether the account is still in its password rollover period. If the password rollover period has elapsed, then the login will succeed only if the new password was specified, and the account status will change to EXPIRED. After logging in, the user will be prompted to change the password.
LOCKED & IN ROLLOVER
The account is in the password rollover period and is also locked as described for the LOCKED account status. The account can be unlocked as described for the LOCKED account status, after which the user can log in as described for the OPEN & IN ROLLOVER account status.
EXPIRED & LOCKED & IN ROLLOVER
The account is in the password rollover period, its password is expired as described for the EXPIRED account status, and the account is locked as described for the LOCKED account status. The account can be unlocked as described for the LOCKED account status, after which the user can log in as described for the EXPIRED & IN ROLLOVER account status.
LOCKED(TIMED) & IN ROLLOVER
The account is in the password rollover period and is also locked as described for the LOCKED(TIMED) account status. The account can be unlocked as described for the LOCKED(TIMED) account status, after which the user can log in with either the earlier password or the new password. However, at the time the user logs in, the server recalculates whether the account is still in its password rollover period. If the password rollover period has elapsed, then the login will succeed only if the new password was specified.
EXPIRED & LOCKED(TIMED) & IN ROL
The account is in the password rollover period, its password is expired as described for the EXPIRED account status, and the account is locked as described for the LOCKED(TIMED) account status. The account can be unlocked as described for the LOCKED(TIMED) account status, after which the user can log in as described for the EXPIRED & IN ROLLOVER account status.
此次我們只測試資料庫使用者狀態
OPEN 和 EXPIRED(GRACE) 的expiry_date的意義
測試使用者的PROFILE:
測試賬號:TEST,SKY
現象:
我們設定的PRO_COMMON_USER 的PASSWORD_LIFE_TIME 為3天,PASSWORD_GRACE_TIME 為10天,但通過dba_users 檢視發現:
賬號SJY 是 open,同時 EXPIRY_DATE 是2021-02-10 18:21:38,而上一次密碼調整時間(此次為建立時間)2021-02-07 18:21:38,時間正好是3天;
賬號TEST 狀態是 EXPIRED(GRACE), EXPIRY_DATE 是2021-02-17 22:10:01,上一次密碼調整時間(此次為建立時間)2021-02-03 5:05:51,而時間是13天左右(此時不做時分秒的差異解釋)
解釋:
當資料庫賬號狀態不同的時候,他的時間列的意義是不同的
當狀態為OPEN 的時候是記錄資料庫過期的時間,即PASSWORD_LIFE_TIME;
當狀態為 EXPIRED(GRACE)的時候是記錄資料庫過期的時間加密碼提示過期時間,即PASSWORD_LIFE_TIME+PASSWORD_GRACE_TIME;
關於賬號TEST時分秒的時間差異是由於我再測試的時候22:10:01 調整了資料庫profile 屬性PASSWORD_LIFE_TIME,所以觸發了新的時間戳!
此次只是個人的一個測試,有不足地方,歡迎大家討論!
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/26342786/viewspace-2756756/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- ORACLE賬戶提示EXPIRED(GRACE)問題解決Oracle
- Oracle OJVM apply faile-拾億OracleJVMAPPAI
- Oracle 11G PSU 31326410 PSU apply failed 處理-拾億OracleAPPAI
- 使用者賬號個組賬號概述
- 快速顯示oracle錯誤號的含義Oracle
- 意義
- linux使用者賬號和組賬號概述Linux
- 賬號安全之掃號
- 試驗二:檢視centos的版本號以及版本號所代表的意義CentOS
- 搜狐號多賬號運營工具,多個賬號同步運營
- 賬號遷移
- windows賬號克隆Windows
- 蘋果企業賬號和個人賬號區別蘋果
- Oracle跨主機複製資料庫背後的意義Oracle資料庫
- 搜狐號多賬號管理工具,管理多個自媒體賬號
- 大魚號多賬號管理工具,管理200+自媒體賬號
- 《Steam賬號被盜》
- 申請 mysql 賬號MySql
- vue中“:”、“.”、“@”意義Vue
- 人生的意義
- 蘋果開發者賬號最新註冊流程(公司賬號篇)蘋果
- windows10如何新增賬號_windows10新增賬號的方法Windows
- 賬號越來越難申請,蘋果企業賬號回收蘋果
- 短影片多賬號管理系統,多平臺多賬號同步
- yarn certificate has expiredYarn
- 微信提醒使用者:批量惡意註冊賬號可能面臨法律制裁
- 新惡意軟體可盜取Steam、Epic等多個遊戲平臺賬號遊戲
- 蘋果開發者賬號最新註冊流程(個人賬號篇)蘋果
- nginx的配置檔案server_name的意義 location意義NginxServer
- 多賬號登入控制
- 如何註冊facebook賬號
- 如何切換SVN賬號
- Git 多賬號 SSH 配置Git
- 百家號多賬號運營系統,多平臺運營自媒體賬號
- code review的意義View
- 快手多賬號運營工具,多個賬號同時進行運營
- 趣頭條多賬號運營工具,運營200+賬號,提高收益
- 短影片多賬號管理平臺,一鍵釋出多個影片賬號