OID 11g: How To Change The Storage Of All Passwords And Password Verifiers Hash Formats To SHA? (Doc ID 1534243.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Internet Directory - Version 11.1.1 and later
Information in this document applies to any platform.

Goal

Oracle Internet Directory (OID) 11g.

During a security pen test, the following password formats were observed in OID directory:

X-ORCLDBPWD - Legacy Oracle database password format.
„X-ORCLNTV - Windows NTLM.
„X-ORCLLMV - Windows LanMan.
„MD5, SASL/MD5, X-ORCLWEBDAV, X-ORCLCIFSMD5 - MD5
„SSHA - SHA-1

The pen test recommendation is that only the SHA method should be used to store passwords.

How to set all password and verifiers hashes to also be SSHA512?
 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms