A technical troubleshooting blog about Oracle with other Databases & Cloud Technologies.

Password File management in 12C/19C

1 min read

Below are the list of additional privileged user in 12c apart from the privileged user SYSOPER, SYSDBA, SYSASM.

SYSBACKUP : It will be used to perform all backup and recovery related operations either via RMAN or SQL*PLUS.

SYSDG : It is in place to separate the Data Guard related operations from other activities.

SYSKM : It will be responsible for all TDE (Transparent Data Encryption) and Data Vault related administrative operations.

Password File Creation In 12c :

The option to include these new privileges has been added to the orapwd utility.

orapwd file=<fname> password=<password> entries=<users> force=<y/n> sysbackup=<y/n> sysdg=<y/n> syskm=<y/n>
 
Ex: orapwd FILE='$ORACLE_HOME/dbs/orapwinitsid.ora' entries=10 sysbackup=y
 
where
file - name of password file (required),
password - password for SYS (optional),
entries - maximum number of distinct DBA (required),
force - whether to overwrite existing file (optional),
ignorecase - passwords are case-insensitive (optional),
nosysdba - whether to shut out the SYSDBA logon
 
 
Once you re-create the password file, you will have to grant the SYSDBA and SYSOPER privileges to those database users who previously had those privileges.
The dynamic performance view V$PWFILE_USERS lists all the database users who have one of the six available privileges, as shown here:
SQL> select * from v$pwfile_users;