簡介
本文檔介紹如何解鎖Cisco IoT Field Network Director(IoT-FND)的Oracle使用者帳戶,並將密碼到期設定更改為無限制。
必要條件
需求
思科建議您瞭解以下主題:
- 基本Linux shell操作(檢視日誌、啟動進程等)
- 對SQL查詢的基本瞭解
採用元件
本文件所述內容不限於特定軟體和硬體版本。
本文中的資訊是根據特定實驗室環境內的裝置所建立。文中使用到的所有裝置皆從已清除(預設)的組態來啟動。如果您的網路運作中,請確保您瞭解任何指令可能造成的影響。
背景資訊
本檔案假設您有兩個獨立的Linux伺服器:
問題
症狀1:IoT-FND未啟動,資料庫連線驗證失敗。
[root@IoT-FND-SRV ~]# service cgms status
IoT-FND Version X.X.XX
08-01-2018 15:14:58 CEST: INFO: IoT-FND database server: XX.XX.XX.XX
08-01-2018 15:15:01 CEST: ERROR: IoT-FND database connection verification failed.
08-01-2018 15:15:02 CEST: ERROR: IoT-FND application server is not running.
症狀2:cgms_db_connection_test.log包含類似以下內容的條目:
[root@IoT-FND-SRV ~]# tail -n 50 /opt/cgms/server/cgms/log/cgms_db_connection_test.log
2018-08-01 12:27:22,767:INFO:main:TestDBConnection: Checking database connection. Please wait ...
2018-08-01 12:27:22,856:INFO:main:TestDBConnection: Database URL: jdbc:oracle:thin:@XX.XX.XX.XX:1522:cgms
2018-08-01 12:27:22,856:INFO:main:TestDBConnection: Database user: cgms_dev
2018-08-01 12:27:23,156:ERROR:main:TestDBConnection: Unable to check database connection. Exception:
java.sql.SQLException: ORA-28001: the password has expired
附註:IoT-FND應用程式使用CGMS_DEV資料庫使用者訪問Oracle資料庫。
附註: 預設情況下,Oracle資料庫已啟用口令過期功能,因此一段時間後,帳戶口令會過期,如果不更改口令,將無法使用它們。
症狀3:Oracle CGMS_DEV使用者帳戶狀態設定為EXPIRED。
[oracle@IoT-FND-Oracle]$ sqlplus / as sysdba
SQL*Plus: Release 12.1.0.2.0 Production on Wed Aug 1 16:02:25 2018
Copyright (c) 1982, 2014, Oracle. All rights reserved.
Connected to:
Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options
SQL> SELECT USERNAME,ACCOUNT_STATUS FROM DBA_USERS WHERE USERNAME LIKE 'cg%';
USERNAME
--------------------------------------------------------------------------------
ACCOUNT_STATUS
--------------------------------
CGMSDBA
OPEN
CGMS_DEV
EXPIRED
解決方案
步驟1.使用SSH登入到IoT-FND伺服器。
步驟2.停止FND服務。
[root@IoT-FND-SRV]$ service cgms stop
註:如果不停止IoT-FND服務,FND將嘗試使用舊密碼連線到資料庫,帳戶將被阻止,直到您完成此過程。
步驟3.使用SSH登入Oracle伺服器。
步驟4.切換到oracle system user:
[root@IoT-FND-Oracle]$ su - oracle
[oracle@IoT-FND-Oracle]$
步驟5.以sysdba使用者身份連線到Oracle資料庫的根例項:
[oracle@IoT-FND-Oracle]$ sqlplus / as sysdba
SQL*Plus: Release 12.1.0.2.0 Production on Wed Aug 1 16:19:23 2018
Copyright (c) 1982, 2014, Oracle. All rights reserved.
Connected to:
Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options
SQL>
步驟6.將password_life_limit設定修改為無限制:
sql> ALTER PROFILE DEFAULT LIMIT PASSWORD_LIFE_TIME UNLIMITED;
Profile altered.
步驟7.檢查哪些帳戶的密碼已過期。
SQL> SELECT USERNAME,ACCOUNT_STATUS FROM DBA_USERS WHERE ACCOUNT_STATUS='EXPIRED';
USERNAME
--------------------------------------------------------------------------------
ACCOUNT_STATUS
--------------------------------
CGMSDBA
OPEN
CGMS_DEV
EXPIRED
步驟8.設定CGMS_DEV使用者的密碼:
sql> ALTER USER CGMS_DEV IDENTIFIED BY
;
User altered.
注意:如果您知道舊密碼,可以重複使用。如果不是,則您需要在IoT-FND伺服器上運行cgmsSetup.sh指令碼來修改FND中設定的資料庫密碼。
步驟9.解鎖CGMS_DEV使用者帳戶:
SQL> ALTER USER CGMS_DEV ACCOUNT UNLOCK;
User altered.
步驟10.驗證CGMS_使用者的帳戶狀態:
SQL> SELECT USERNAME,ACCOUNT_STATUS FROM DBA_USERS WHERE USERNAME LIKE 'cg%';
USERNAME
--------------------------------------------------------------------------------
ACCOUNT_STATUS
--------------------------------
CGMSDBA
OPEN
CGMS_DEV
OPEN
步驟11.使用SSH登入到IoT-FND伺服器。
步驟12.啟動/opt/cgms/bin/setupCgms.sh 指令碼更改資料庫密碼設定。保留所有其他設定及其預設值:
[root@IoT-FND-SRV]# /opt/cgms/bin/setupCgms.sh
08-01-2018 16:40:43 CEST: INFO: ========== IoT-FND Setup Started - 2018-08-01-16-40-43 ==========
08-01-2018 16:40:43 CEST: INFO: Log file: /opt/cgms/bin/../server/cgms/log/cgms_setup.log
Are you sure you want to setup IoT-FND (y/n)? y
08-01-2018 16:40:46 CEST: INFO: User response: y
Do you want to change the database settings (y/n)? y
08-01-2018 16:40:54 CEST: INFO: User response: y
Enter database server hostname or IP [XX.XX.XX.XX]:
08-01-2018 16:40:55 CEST: INFO: Database server: XX.XX.XX.XX
Enter database server port [1522]:
08-01-2018 16:40:57 CEST: INFO: Database server port: 1522
Enter database SID [cgms]:
08-01-2018 16:40:59 CEST: INFO: Database SID: cgms
Do you wish to configure another database server for this IoT-FND ? (y/n)? n
08-01-2018 16:41:02 CEST: INFO: User response: n
08-01-2018 16:41:02 CEST: INFO: Configuring database settings. This may take a while. Please wait ...
08-01-2018 16:41:03 CEST: INFO: Database settings configured.
Do you want to change the database password (y/n)? y
08-01-2018 16:41:06 CEST: INFO: User response: y
Enter database password:
Re-enter database password:
08-01-2018 16:41:10 CEST: INFO: Configuring database password. This may take a while. Please wait ...
08-01-2018 16:41:13 CEST: INFO: Database password configured.
Do you want to change the keystore password (y/n)? n
08-01-2018 16:41:16 CEST: INFO: User response: n
Do you want to change the web application 'root' user password (y/n)? n
08-01-2018 16:41:19 CEST: INFO: User response: n
Do you want to change the FTP settings (y/n)? n
08-01-2018 16:41:22 CEST: INFO: User response: n
Do you want to change router CGDM protocol settings (y/n)? n
08-01-2018 16:41:24 CEST: INFO: User response: n
Do you want to change log file settings)? (y/n)? n
08-01-2018 16:41:25 CEST: INFO: User response: n
08-01-2018 16:41:25 CEST: INFO: ========== IoT-FND Setup Completed Successfully ==========
步驟13.驗證資料庫連線:
[root@IoT-FND-SRV ~]# service cgms status
IoT-FND Version X.X.X-XXX
08-01-2018 16:46:14 CEST: INFO: IoT-FND database server: XX.XX.XX.XX
08-01-2018 16:46:15 CEST: INFO: IoT-FND database connection verified.
08-01-2018 16:46:15 CEST: ERROR: IoT-FND application server is not running.
步驟14.啟動IoT-FND應用程式:
[root@IoT-FND-SRV ~]# service cgms start
步驟15.驗證IoT-FND操作:
[root@IoT-FND-SRV ~]# service cgms status
IoT-FND Version X.X.X-XXX
08-01-2018 16:49:04 CEST: INFO: IoT-FND database server: XX.XX.XX.XX
08-01-2018 16:49:04 CEST: INFO: IoT-FND database connection verified.
08-01-2018 16:49:05 CEST: INFO: IoT-FND application server is up and running.
08-01-2018 16:49:06 CEST: INFO: IoT-FND is up and running.