The Musings of CrashSensei

Random thoughts caught by the InterWeb

Configure Oracle Enterprise Manager 13c

By crashsensei | January 5, 2018 | 0 Comment

Configure OEM Database

  1. Connect to the database as SYSMAN
  2. Create a more restrictive password verification function
    CREATE OR REPLACE FUNCTION cstm_mgmt_verify_function 
    (username varchar2, 
       password varchar2, 
       old_password varchar2) 
       RETURN boolean IS  
       n boolean; 
       m integer; 
       differ integer; 
       digitcount integer; 
       charcount  integer; 
       punctcount integer; 
       digitarray varchar2(20); 
       punctarray varchar2(25); 
       chararray varchar2(52); 
    BEGIN  
       digitarray:= '0123456789'; 
       chararray:= 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; 
       punctarray:='!"#$%&()''*+,-/:;<=>?_'; 
    --Check if the password is same as the username 
    IF password = username THEN 
       raise_application_error(-20001, 'Password same as user'); 
    END IF; 
    --Check for the minimum length of the password 
    IF length(password) < 20 THEN 
       raise_application_error(-20002, 'Password length less than 20'); 
    END IF; 
    --Check if the password contains at least three letters,
    --three digits and three punctuation mark. 
    --1. Check for the digits 
    digitcount:=0; 
    m := length(password); 
    FOR i IN 1..10 LOOP  
      FOR j IN 1..m LOOP  
        IF substr(password,j,1) = substr(digitarray,i,1) THEN 
          digitcount := digitcount + 1; 
          IF digitcount > 2 THEN
            GOTO findchar;
          END IF;
        END IF; 
       END LOOP; 
    END LOOP; 
    IF digitcount < 3 THEN 
      raise_application_error(-20003, 'Password should contain at least three digits, three characters and three punctuation marks'); 
    END IF;
    --2. Check for the character 
    <<findchar>> 
    charcount:=0; 
    FOR i IN 1..length(chararray) LOOP  
      FOR j IN 1..m LOOP  
        IF substr(password,j,1) = substr(chararray,i,1) THEN 
           charcount:= charcount+ 1; 
           IF charcount > 2 THEN
             GOTO findpunct; 
           END IF;
        END IF;	   
      END LOOP; 
    END LOOP; 
    IF charcount < 3 THEN 
      raise_application_error(-20003, 'Password should contain at least three digits, three characters and three punctuation marks'); 
    END IF; 
    --3. Check for the punctuation 
    <<findpunct>> 
    punctcount:=0; 
    FOR i IN 1..length(punctarray) LOOP  
      FOR j IN 1..m LOOP  
        IF substr(password,j,1) = substr(punctarray,i,1) THEN 
           punctcount := punctcount + 1; 
           IF punctcount > 2 THEN
             GOTO endsearch; 
           END IF;
      END IF;
      END LOOP; 
    END LOOP; 
    IF punctcount < 3 THEN 
      raise_application_error(-20003, 'Password should contain at least three digits, three characters and three punctuation marks');
    END IF; 
    <<endsearch>> 
    --Check if the password differs from the previous password by at least 5 letters 
    IF old_password = '' THEN 
      raise_application_error(-20004, 'Note: Old password is null');
    END IF; 
    --Everything is fine; return TRUE ;    
    differ := length(old_password) - length(password); 
    IF abs(differ) < 5 THEN 
      IF length(password) < length(old_password) THEN 
        m := length(password); 
      ELSE 
        m:= length(old_password); 
      END IF; 
      differ := abs(differ); 
      FOR i IN 1..m LOOP 
        IF substr(password,i,1) != substr(old_password,i,1) THEN 
                 differ := differ + 1; 
        END IF; 
      END LOOP; 
      IF differ < 5 THEN 
        raise_application_error(-20004, 'Password should differ by at least 5 characters'); 
        END IF; 
      END IF; 
    --Everything is fine return TRUE;    
      RETURN(TRUE);
    END;
    /
  3. Create a new password profile to keep key operation accounts from expiring
    CREATE PROFILE cstm_mgmt_profile LIMIT
       FAILED_LOGIN_ATTEMPTS UNLIMITED
       PASSWORD_LIFE_TIME UNLIMITED
       PASSWORD_REUSE_TIME UNLIMITED
       PASSWORD_REUSE_MAX UNLIMITED
       PASSWORD_VERIFY_FUNCTION cstm_mgmt_verify_function
       PASSWORD_LOCK_TIME UNLIMITED
       PASSWORD_GRACE_TIME UNLIMITED;
  4. Assign accounts to new profile
    ALTER USER sys PROFILE cstm_mgmt_profile;
    ALTER USER system PROFILE cstm_mgmt_profile;
    ALTER USER dbsnmp PROFILE cstm_mgmt_profile;
  5. Enable the dbsnmp account
    ALTER USER dbsnmp IDENTIFIED BY "<newPassword>";
    ALTER USER dbsnmp ACCOUNT UNLOCK;

Initial Web Config

  1. Browse to the login page https://<server-name>:7301/em/
  2. Login using the SYSMAN credentials
  3. Enable any accessibility options needed then click Save and Continue
  4. Click I Accept
  5. On the OEM welcome page choose your preferred home page. Both Summary and Databases are good options.
  6. Add the OEMREPO database to Enterprise Manager
    1. Under the setup menu choose Add Target >> Auto Discovery Results
    2. Highlight oemrepo and then click Promote
    3. Select oemrepo database and then enter the dbsnmp password
    4. Select the listener and then click Next
    5. Click Save and wait for the process to complete
    6. Click close
TAGS

0 Comments