Skip to content

How to Change or Reset password of super user cn=orcladmin account

February 18, 2010

oidpasswd utility is used in changing the super user account (cn=orcladmin) and ODS database schema password.

Note: cn=orcladmin is different from orasso orcladmin account which is used for SSO administration. if you want to change /pls/orasso orcladmin acccount you can do it directly from ODS or OIDDAS.

I) Changing cn=orcladmin password if ODS password is known

$oidpasswd  conn=Connect string   reset_su_password=true

Command would prompt for ODS password ex:

$oidpasswd  conn=Connect string of MR reset_su_passwword=true

OID DB user password:
 password: Enter password
 confirm password: Enter Password
 OID super user password reset successfully

II) Unlocking super user cn=orcladmin account.

$oidpasswd connect=connect_string  unlock_su_account=true

III) Changing cn=orcladmin password if ODS password is unkown or forgotten.

Resetting the cn=orcladmin is bit lengthy and would require some down time on OID.

1. Shutdown the OID processes

$ opmnctl stopproc ias-component=OID

2. Verify that there is no OID process running

% ps -ef | grep -i oid

3. Rename ls oidpwd* files in $ORACLE_HOME/ldap/admin directory.

4. Login into OID database and change ODS password

SQL> alter user ods identified by password;

5. Verify that you are able to login to the database using following command.

$ sqlplus ods/password@connect_string

6. Execute the oidpasswd command to recreate the files renamed in step 3

%oidpasswd connect=connect_string create_wallet=true

Note: To use in this step the same password defined in step 4.

7. Verify that the files renamed in step 3 have been recreated under $ORACLE_HOME/ldap/admin directory

8. If the orcladmin account is locked then use following command

$ oidpasswd connect=connect_string unlock_su_acct=true

9. If the password for orcladmin needs to be changed then use following command

$ oidpasswd connect=connect_string reset_su_password=true
OID DB user password:
password: Enter password
confirm password: Enter Password
OID super user password reset successfully

10. Start the OID process

% opmnctl startproc ias-component=OID

11. Verify that the account orcladmin has been unlocked or that the password has been changed successfully

$ $ORACLE_HOME/bin/ldapbind -p port -D cn=orcladmin -w newpasswd

Reference:
472752.1 : How to Unlock/Reset Super User cn=orcladmin When the ODS’s Password Has Been Forgotten or is Unknown?
251354.1:  OID Superuser Password Locked: How to Unlock the orcladmin Password

OIDPASSWD:
http://download.oracle.com/docs/cd/B14099_07/manage.1012/b14082/syntax.htm#sthref3864
A.9 OID Database Password Utility (oidpasswd) Syntax

Note: if you want to change the passwords of cn=orcladmin and ODS Database schema  and sync their passwords (cn=orcladmin & ODS would have same passwords). You need to change orcladmin and then ODS

Other Links

1.  Installing Oracle Internet Directory on RAC

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s