Sie sind auf Seite 1von 39
 
 An Oracle White Paper May 2012
Oracle Fusion Applications Managing Passwords
Disclaimer
 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing
of any features or functionality described for Oracle’s products remains at the sole
 discretion of Oracle.
 
Fusion Applications
 –
 Changing Passwords
Copyright © 2012 Oracle Corporation
 Page 2
Table of Contents
 Introduction .................................................................................................................................................. 3 Administrators for Fusion Applications .................................................................................................... 3 Fusion Applications Super Administrator Users ....................................................................................... 5 Stop Fusion Applications ............................................................................................................................... 6 Changing APP ID Passwords .......................................................................................................................... 7 Changing Keystore Password ........................................................................................................................ 9 Changing Super User (FAdmin) Password ................................................................................................... 13 Changing System/Policy Users Password ................................................................................................... 15 Account Lock and Password Expiration Policies ......................................................................................... 15 Changing Fusion Applications Database Passwords ................................................................................... 16 Changing JDBC Data Sources .................................................................................................................. 16 Changing Credential Store Mapping ....................................................................................................... 20 Updating ESS Spawned Job Wallet ......................................................................................................... 22 Changing ODI Repository Password ........................................................................................................ 23 Changing BI Repository Password ........................................................................................................... 23 Updating ESSBase Registry...................................................................................................................... 26 Changing passwords in Oracle Metadata Repository schema ................................................................ 28 Changing Node Manager Password ............................................................................................................ 28 Changing BI System User Password ............................................................................................................ 29 Changing the Oracle Internet Directory Database Password ..................................................................... 29 Changing the Password for the ODSM Administrator Account .................................................................. 30 Restart Fusion Applications ........................................................................................................................ 30 Appendix A
 
Fusion Applications
 –
 Changing Passwords
Copyright © 2012 Oracle Corporation
 Page 3
Introduction
There are several types of administrative passwords that could be changed periodically based on security requirements and standard operating procedures. The scope of this document is to reflect how password changes in external components such as databases, IDMs, etc impacts Fusion Applications tier and how to reconfigure them. This document covers critical password changes such as Fusion Apps administrators, super users, Keystores, database schema, etc. This document does not include IDM and Oracle database related administrative user password changes. Also there is absolutely no attempt in this document on providing any best practices on password management and security policies. This document is targeted at experienced Fusion Applications System Administrators, Security Architects, and Operation teams. The sample code provided in any section is for demonstration purpose only.
 Administrators for Fusion Applications
The application provisioning process bootstraps the provisioned environment with two administrator groups for each application family. These two administrator groups are:
 
A system administrator - A directory group representing the WebLogic Server domain administrators for all the domains.
 
An application administrator - A directory group with an assigned enterprise role reflecting all the application roles and delegation privileges for all the applications in a given family. The purpose of creating these "Super Administrators" during provisioning is to enable ongoing administration and/or delegation privileges. The above process facilitates separation of duties between system administration and application administration responsibilities, but you are free to assign the same user to both hierarchies ("system admin" and "application admin"). The following table shows the groups that are created for each family.
Provisioned Administrator Groups

Ihre Neugier belohnen

Alles, was Sie lesen wollen.
Jederzeit. Überall. Auf jedem Gerät.
Keine Verpflichtung. Jederzeit kündbar.
576648e32a3d8b82ca71961b7a986505