Skip to main content

Oracle E-Business Suite Password Management using AFPASSWD

AFPASSWD Utility:

It is an enhanced version of FNDCPASS and includes the following features:
  • It prompts for passwords required for the current operation.
  • It avoids the security risk incurred by entering passwords on the command line for FNDCPASS.
  • User enter the new password twice to confirm.
  • Can be used to migrate Oracle EBS user passwords to a non-reversible hash password scheme.
Note: Always run AutoConfig after changing any system (type 2) password.
Refer : How To Change Applications Passwords Using Applications Schema Password Change Utility (FNDCPASS or AFPASSWD) (Doc ID 437260.1)
 To migrate Oracle E-Business Suite user passwords to a password hashing scheme:
AFPASSWD [-c <APPSUSER>[@<TWO_TASK>]] -m <HASH_MODE> {FULL|BACKGROUND|PARTIAL}
Known issues of AFPASSWD:
  • Adadmin Fails After Schema Password Is Changed Using AFPASSWD (Doc ID 1492939.1)
  • ISSUE DURING AFPASSWD UTILITY RUN (Doc ID 2157967.1)
  • AFPASSWD Relink Fails While Applying R12 Patch With Error Undefined Reference To `iifgcg' (Doc ID 1499357.1)
  • Migrating Password Using AFPASSWD Fails With Error: "Users with Invalid passwords" (Doc ID 2194846.1)
AFPASSWD Usage:
AFPASSWD [-c <APPSUSER>[@<TWO_TASK>]] -f <FNDUSER>
AFPASSWD [-c <APPSUSER>[@<TWO_TASK>]] -o <DBUSER>
AFPASSWD [-c <APPSUSER>[@<TWO_TASK>]] -a
AFPASSWD [-c <APPSUSER>[@<TWO_TASK>]] -l <ORACLEUSER> {TRUE|FALSE}
AFPASSWD [-c <APPSUSER>[@<TWO_TASK>]] -L {TRUE|FALSE}
AFPASSWD [-c <APPSUSER>[@<TWO_TASK>]] -s <APPLSYS>
AFPASSWD [-c <APPSUSER>[@<TWO_TASK>]] -h

These options have the following functions:
-c <APPSUSER>[@<TWO_TASK>]:
Specifies the connection string to use, the Oracle E-Business Suite user, and/or the value of TWO_TASK.
Can be use in combination with others. Default values from the environment will be used.

-f <FNDUSER>:
Changes password for an Oracle E-Business Suite user.
User name that with spaces or special characters must be enclosed in double quotation marks;
For example, "JO BAY" or "
JO.BAY@EXAMPLE.COM"..
-o <DBUSER>:
Changes the password for an Oracle EBS database user.
Note: This only applies to users listed in the FND_ORACLE_USERID table, not database users in general.
-a:
Changes all Oracle passwords for schemas that are registered as base product schemas in the FND_ORACLE_USERID table (
excluding the passwords of APPS, APPLSYS, and APPS_NE) to the same password, in the same way as the ALLORACLE mode does in FNDCPASS.
-l:
Locks or unlocks an individual Oracle EBS database user (ORACLE_USER) (except required schemas).
Specify TRUE to lock or FALSE to unlock.
-L:
Locks or unlocks all Oracle EBS database users (except required schemas). Specify TRUE to lock or FALSE to unlock.
-s <APPLSYS>:
Changes the password for the APPLSYS user, the APPS user, and the APPS_NE user.
This requires the execution of AutoConfig on all tiers. After changing the APPLSYS password, you must also perform the steps to Update WLS Data Source.
-h:
Displays help.

 

Comments

Popular posts from this blog

MySQL InnoDB cluster troubleshooting | commands

Cluster Validation: select * from performance_schema.replication_group_members; All members should be online. select instance_name, mysql_server_uuid, addresses from  mysql_innodb_cluster_metadata.instances; All instances should return same value for mysql_server_uuid SELECT @@GTID_EXECUTED; All nodes should return same value Frequently use commands: mysql> SET SQL_LOG_BIN = 0;  mysql> stop group_replication; mysql> set global super_read_only=0; mysql> drop database mysql_innodb_cluster_metadata; mysql> RESET MASTER; mysql> RESET SLAVE ALL; JS > var cluster = dba.getCluster() JS > var cluster = dba.getCluster("<Cluster_name>") JS > var cluster = dba.createCluster('name') JS > cluster.removeInstance('root@<IP_Address>:<Port_No>',{force: true}) JS > cluster.addInstance('root@<IP add>,:<port>') JS > cluster.addInstance('root@ <IP add>,:<port> ') JS > dba.getC...

MySQL slave Error_code: 1032 | MySQL slave drift | HA_ERR_KEY_NOT_FOUND

MySQL slave Error_code: 1032 | MySQL slave drift: With several MySQL, instance with master slave replication, I have one analytics MySQL, environment which is larger in terabytes, compared to other MySQL instances in the environment. Other MySQL instances with terabytes of data are running fine master, slave replication. But this analytics environment get started generating slave Error_code :1032. mysql> show slave status; Near relay log: Error_code: 1032; Can't find record in '<table_name>', Error_code: 1032; handler error HA_ERR_KEY_NOT_FOUND; the event's master log <name>-bin.000047, end_log_pos 5255306 Near master section: Could not execute Update_rows event on table <db_name>.<table_name>; Can't find record in '<table_name>', Error_code: 1032; Can't find record in '<table_name>', Error_code: 1032; handler error HA_ERR_KEY_NOT_FOUND; the event's master log <name>-bin.000047, end_l...

InnoDB cluster Remove Instance Force | Add InnoDB instance

InnoDB cluster environment UUID is different on node: To fix it stop group replication, remove instance (use force if require), add instance back Identify the node which is not in sync: Execute following SQL statement on each node and identify the node has different UUID on all nodes. mysql> select * from mysql_innodb_cluster_metadata.instances; Stop group replication: Stop group replication on the node which does not have same UUID on all nodes. mysql > stop GROUP_REPLICATION; Remove instances from cluster: Remove all secondary node from the cluster and add them back if require. $mysqlsh JS >\c root@<IP_Address>:<Port_No> JS > dba.getCluster().status() JS > dba.getCluster () <Cluster:cluster_name> JS > var cluster = dba.getCluster("cluster_name"); JS >  cluster.removeInstance('root@<IP_Address>:<Port_No>'); If you get "Cluster.removeInstance: Timeout reached waiting......" JS > cluster.removeInstance(...