Introduction
Este documento descreve como desbloquear a conta de usuário da Oracle do Cisco IoT Field Network Diretor (IoT-FND) e alterar a configuração de expiração de senha para ilimitada.
Prerequisites
Requirements
A Cisco recomenda que você tenha conhecimento destes tópicos:
- Operações básicas de shell do Linux (ver registros, iniciar um processo etc.)
- Compreensão básica de consultas SQL
Componentes Utilizados
Este documento não se restringe a versões de software e hardware específicas.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. Se a rede estiver ativa, certifique-se de que você entenda o impacto potencial de qualquer comando.
Informações de Apoio
Este documento pressupõe que você tem dois servidores Linux separados:
Problema
SINTOMA 1: IoT-FND não está sendo iniciado, falha na verificação da conexão do banco de dados.
[root@IoT-FND-SRV ~]# service cgms status
IoT-FND Version X.X.XX
08-01-2018 15:14:58 CEST: INFO: IoT-FND database server: XX.XX.XX.XX
08-01-2018 15:15:01 CEST: ERROR: IoT-FND database connection verification failed.
08-01-2018 15:15:02 CEST: ERROR: IoT-FND application server is not running.
SINTOMA 2: cgms_db_connection_test.log contém entradas semelhantes a:
[root@IoT-FND-SRV ~]# tail -n 50 /opt/cgms/server/cgms/log/cgms_db_connection_test.log
2018-08-01 12:27:22,767:INFO:main:TestDBConnection: Checking database connection. Please wait ...
2018-08-01 12:27:22,856:INFO:main:TestDBConnection: Database URL: jdbc:oracle:thin:@XX.XX.XX.XX:1522:cgms
2018-08-01 12:27:22,856:INFO:main:TestDBConnection: Database user: cgms_dev
2018-08-01 12:27:23,156:ERROR:main:TestDBConnection: Unable to check database connection. Exception:
java.sql.SQLException: ORA-28001: the password has expired
Note: O aplicativo IoT-FND usa o usuário do banco de dados CGMS_DEV para acessar o banco de dados Oracle.
Nota: Por padrão, o banco de dados Oracle tem a Expiração de Senha habilitada, portanto, após algum tempo, as senhas da conta expiram e não é possível usá-las sem alterar a senha.
SINTOMA 3: O status da conta de usuário do Oracle CGMS_DEV é definido como EXPIRED.
[oracle@IoT-FND-Oracle]$ sqlplus / as sysdba
SQL*Plus: Release 12.1.0.2.0 Production on Wed Aug 1 16:02:25 2018
Copyright (c) 1982, 2014, Oracle. All rights reserved.
Connected to:
Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options
SQL> SELECT USERNAME,ACCOUNT_STATUS FROM DBA_USERS WHERE USERNAME LIKE 'cg%';
USERNAME
--------------------------------------------------------------------------------
ACCOUNT_STATUS
--------------------------------
CGMSDBA
OPEN
CGMS_DEV
EXPIRED
Solução
Etapa 1. Faça login no servidor IoT-FND com SSH.
Etapa 2. Interrompa os serviços do FND.
[root@IoT-FND-SRV]$ service cgms stop
Observação: se você não interromper os serviços IoT-FND, o FND tentará se conectar ao banco de dados usando uma senha antiga e a conta será bloqueada até que você conclua este procedimento.
Etapa 3. Faça login no servidor Oracle com SSH.
Etapa 4. Mudar para o usuário do sistema oracle:
[root@IoT-FND-Oracle]$ su - oracle
[oracle@IoT-FND-Oracle]$
Etapa 5. Conecte-se à instância raiz do banco de dados Oracle como usuário sysdba:
[oracle@IoT-FND-Oracle]$ sqlplus / as sysdba
SQL*Plus: Release 12.1.0.2.0 Production on Wed Aug 1 16:19:23 2018
Copyright (c) 1982, 2014, Oracle. All rights reserved.
Connected to:
Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options
SQL>
Etapa 6. Modificar a definição password_life_limit para ilimitado:
sql> ALTER PROFILE DEFAULT LIMIT PASSWORD_LIFE_TIME UNLIMITED;
Profile altered.
Passo 7. Verifique quais contas têm senhas expiradas.
SQL> SELECT USERNAME,ACCOUNT_STATUS FROM DBA_USERS WHERE ACCOUNT_STATUS='EXPIRED';
USERNAME
--------------------------------------------------------------------------------
ACCOUNT_STATUS
--------------------------------
CGMSDBA
OPEN
CGMS_DEV
EXPIRED
Etapa 8. Definir senha para o usuário CGMS_DEV:
sql> ALTER USER CGMS_DEV IDENTIFIED BY
;
User altered.
Observação: se você souber a senha antiga, poderá reutilizá-la. Se não, você precisará executar o script cgmsSetup.sh no servidor IoT-FND para modificar as senhas do banco de dados definidas no FND.
Etapa 9. Desbloquear a conta de usuário CGMS_DEV:
SQL> ALTER USER CGMS_DEV ACCOUNT UNLOCK;
User altered.
Etapa 10. Verifique o status da conta de usuários CGMS_:
SQL> SELECT USERNAME,ACCOUNT_STATUS FROM DBA_USERS WHERE USERNAME LIKE 'cg%';
USERNAME
--------------------------------------------------------------------------------
ACCOUNT_STATUS
--------------------------------
CGMSDBA
OPEN
CGMS_DEV
OPEN
Etapa 11. Faça login no servidor IoT-FND com SSH.
Etapa 12. Inicie o script /opt/cgms/bin/setupCgms.sh para alterar a configuração de senha do banco de dados. Deixe todas as outras configurações com seus valores padrão:
[root@IoT-FND-SRV]# /opt/cgms/bin/setupCgms.sh
08-01-2018 16:40:43 CEST: INFO: ========== IoT-FND Setup Started - 2018-08-01-16-40-43 ==========
08-01-2018 16:40:43 CEST: INFO: Log file: /opt/cgms/bin/../server/cgms/log/cgms_setup.log
Are you sure you want to setup IoT-FND (y/n)? y
08-01-2018 16:40:46 CEST: INFO: User response: y
Do you want to change the database settings (y/n)? y
08-01-2018 16:40:54 CEST: INFO: User response: y
Enter database server hostname or IP [XX.XX.XX.XX]:
08-01-2018 16:40:55 CEST: INFO: Database server: XX.XX.XX.XX
Enter database server port [1522]:
08-01-2018 16:40:57 CEST: INFO: Database server port: 1522
Enter database SID [cgms]:
08-01-2018 16:40:59 CEST: INFO: Database SID: cgms
Do you wish to configure another database server for this IoT-FND ? (y/n)? n
08-01-2018 16:41:02 CEST: INFO: User response: n
08-01-2018 16:41:02 CEST: INFO: Configuring database settings. This may take a while. Please wait ...
08-01-2018 16:41:03 CEST: INFO: Database settings configured.
Do you want to change the database password (y/n)? y
08-01-2018 16:41:06 CEST: INFO: User response: y
Enter database password:
Re-enter database password:
08-01-2018 16:41:10 CEST: INFO: Configuring database password. This may take a while. Please wait ...
08-01-2018 16:41:13 CEST: INFO: Database password configured.
Do you want to change the keystore password (y/n)? n
08-01-2018 16:41:16 CEST: INFO: User response: n
Do you want to change the web application 'root' user password (y/n)? n
08-01-2018 16:41:19 CEST: INFO: User response: n
Do you want to change the FTP settings (y/n)? n
08-01-2018 16:41:22 CEST: INFO: User response: n
Do you want to change router CGDM protocol settings (y/n)? n
08-01-2018 16:41:24 CEST: INFO: User response: n
Do you want to change log file settings)? (y/n)? n
08-01-2018 16:41:25 CEST: INFO: User response: n
08-01-2018 16:41:25 CEST: INFO: ========== IoT-FND Setup Completed Successfully ==========
Etapa 13. Verificar a conectividade do banco de dados:
[root@IoT-FND-SRV ~]# service cgms status
IoT-FND Version X.X.X-XXX
08-01-2018 16:46:14 CEST: INFO: IoT-FND database server: XX.XX.XX.XX
08-01-2018 16:46:15 CEST: INFO: IoT-FND database connection verified.
08-01-2018 16:46:15 CEST: ERROR: IoT-FND application server is not running.
Etapa 14. Iniciar o aplicativo IoT-FND:
[root@IoT-FND-SRV ~]# service cgms start
Etapa 15. Verifique as operações da IoT-FND:
[root@IoT-FND-SRV ~]# service cgms status
IoT-FND Version X.X.X-XXX
08-01-2018 16:49:04 CEST: INFO: IoT-FND database server: XX.XX.XX.XX
08-01-2018 16:49:04 CEST: INFO: IoT-FND database connection verified.
08-01-2018 16:49:05 CEST: INFO: IoT-FND application server is up and running.
08-01-2018 16:49:06 CEST: INFO: IoT-FND is up and running.