Database Authentication Password Policies (Doc ID 523729.1)

Last updated on AUGUST 01, 2017

Applies to:

Siebel CRM - Version 7.8.2 SIA [19213] to 8.2.2 SIA[22320] [Release V7 to V8]
Information in this document applies to any platform.
Product Release: V7 (Enterprise)
Version: 7.8.2 [19213] Com/Med
Database: Oracle 9i
Application Server OS: None - Not Implementing Web Server OS
Database Server OS: None - Not Implementing Web Server OS

This document was previously published as Siebel SR 38-2969937151.
Checked for Relevancy 01/07/2017 and added the link of different strategies of authentication for siebel

Symptoms

Hi,

Would you be able to provide me a few clear statements on how password policies can be implemented with Siebel using database authentication on an Oracle 9i database? We are looking to implement password policies without having to use an LDAP or AD solution.

The questions I need answered are:

1. Password Expiration – as per SR 38-689230951, SR 38-830530751 and SR 38-783715756 it appears that this is not possible to implement this with Oracle database authentication despite Oracle supporting this internally. This appears to have been a CR back in Siebel v6 which has not been implemented. According to bookshelf password expiration is supported by LDAP, AD and IBM DB2 databases only (see Table 6 in security guide for Siebel Business Apps > Security Adapter Authentication). I assume there’s no plans of this CR being implemented in the next release?

2. Password Length & Format – on the same table, under the account policies (such as password expiration, password syntax, and account lockout) for the database security adapter in Table 6:

"Among supported RDBMS vendors for the Siebel Database, account policy (password expiration only) is supported only for supported IBM DB2 Universal Database platforms."

This implies that other RDBMS vendor platforms (i.e. Oracle) support the other features mentioned here – I know that these can be implemented through Oracle however what is not clear is how the Oracle messages are displayed to the user – can you confirm how Siebel displays messages to user if we implement the following policies on Oracle:

-          Minimum Password Length

-          Mandatory use of numbers / characters

-          Account Lockout

If these features cannot be supported through database authentication can I suggest the documentation is changed to indicate that no account policies can be implemented for database authentication?

Many Thanks.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms