查看账户状态及锁定时间
select username,account_status,lock_date from dba_users where username='READER';
注:oracle数据库默认尝试10次后锁定用户
查询结果如下:
得知,READER用户当前状态为LOCKED,锁定时间是2019-12-04 12:53:33
解锁当前账户
alter user READER account unlock;
解锁完,再次查询账户状态为OPEN:
查看造成READER账户被锁定的IP
获取oracle监听日志路径,并查看监听日志在READER账户锁定时间段的内容
cd $ORACLE_HOME
find ./ -name listener.log
tail -n 100 listener.log
通过日志内容,可得知是192.168.0.1的主机在锁定时间段多次登陆失败导致账户被锁
04-DEC-2019 12:53:33
* (CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=tmp)(CID=(PROGRAM=oracleora)(HOST=ora)(USER=apache)))
* (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.0.1)(PORT=1521)) * establish * tmp * 0
04-DEC-2019 12:53:33
* (CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=tmp)(CID=(PROGRAM=oracleora)(HOST=ora)(USER=apache)))
* (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.0.1)(PORT=1521)) * establish * tmp * 0
查看ORACLE数据库允许的失败登陆尝试次数
select * from dba_profiles where resource_name = 'FAILED_LOGIN_ATTEMPTS';
修改失败登陆尝试次数(安全起见,不建议设为UNLIMITED)
alter profile default limit FAILED_LOGIN_ATTEMPTS 30;
alter profile default limit FAILED_LOGIN_ATTEMPTS unlimited;