My Oracle Support Banner

How to Capture the Username of the Altered User (Doc ID 199455.1)

Last updated on APRIL 21, 2020

Applies to:

Oracle Database Cloud Service - Version N/A and later
Oracle Database - Enterprise Edition - Version 9.2.0.1 to 11.2.0.3 [Release 9.2 to 11.2]
Oracle Database Cloud Schema Service - Version N/A and later
Gen 1 Exadata Cloud at Customer (Oracle Exadata Database Cloud Machine) - Version N/A and later
Oracle Cloud Infrastructure - Database Service - Version N/A and later
Information in this document applies to any platform.
Checked for relevance on 19-Apr-2013


Purpose

This article explains how to audit/capture what user passwords are altered in the database.

Scope

A user with the "ALTER USER" privilege can alter other users passwords. Oracle provides Client events through which these operations can be traced. You can use "AFTER ALTER" or "BEFORE ALTER" Client Event to capture the details pertaining to the altered user.

The trigger will fire only for the normal users. It will not fire when the monitored action is executed by a SYSDBA user or by a user being granted the ADMINISTER DATABASE TRIGGER privilege

The following example will collect:

1) The user that executed the "ALTER USER" statement
2) The name of the user whose password was altered.

Details

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.