alter user password expire

[dbmullen]

connected as SYSTEM with DBA privs to a 10.2.0.3 oracle database with a default profile of

create profile DEFAULT limit
sessions_per_user unlimited
cpu_per_session unlimited
cpu_per_call unlimited
connect_time unlimited
idle_time unlimited
logical_reads_per_session unlimited
logical_reads_per_call unlimited
composite_limit unlimited
private_sga unlimited
failed_login_attempts 5
password_life_time 90
password_reuse_time .0103
password_reuse_max 3
password_lock_time 7
password_grace_time 15
password_verify_function VERIFY_FUNCTION;

when we right click/Edit user to change the password, the "expire password" is "greyed"

 

[Marco Kalter]

This indicates that the password is expired. I assume the expiration checkbox is checked? This password status will only change after setting the password.

 

[dbmullen]

the password is not Expired and the box is "greyed" so I can't change it.

 

[Marco Kalter]

I cannot immediately reproduce this. What s your exact PL/SQL Developer version?

 

[dbmullen]

version 7.1.4.1390 02.39236
well.. I can "change" the password but, it will be "expired" because the "expire-password" "check-box" is Greyed.

 

[Marco Kalter]

Okay, we'll investigate.

 

[Patrick Holmes]

This problem might relate to confusion I just had, but then figured out. In fact, I was about to create an enhancement request but I thought I'd check first to see if other people had the same problem, so I'll comment here instead of creating a new topic: PL/SQL Developer shows the "expired" checkbox as greyed-out if the dba_users.expiry_date for that user is not null, even if it is sometime in the future. If that user is assigned a non-default security profile which includes a "password life time" value, then (a) the user will *always* have a non-null expiry_date, set to some time in the future. For example, I created a new security profile with a "password life time" of 180 days, and assigned that profile to a user named "TEST". If you query dba_users for that user, you see an expiry_date six months in the future and the account_status is still 'OPEN'. PL/SQL Developer shows the "password expire" checkbox as checked, and does not show the actual status. I suspect that dbmullen has a similar situation. Regardless of whether this is the same situation, I recommend the following enhancement request: In addition to showing the "password expire" as greyed and checked, you should also show the expiry_date next to it, and you should also show the current status. This would make it less confusing to users (like me). (I knew the password shouldn't be expiring for about six months, so I didn't understand why the checkbox was checked until I figured out what PL/SQL Developer must be doing!)

Note: if an administrator wants to expire the username immediately, he or she still can using: "ALTER USER PASSWORD EXPIRE;" The account_status changes to "EXPIRED" and the expiry_date changes to SYSDATE at the time the alter user command was executed.

Hope this is helpful,
pat holmes

 

[Patrick Holmes]

P.S. I'm using Oracle 9i, for what that is worth. Also, even after the user changes the password, PL/SQL Developer still shows the checkbox as checked because the expiry_date is still not null.