FNDCPASS Utlity in R12.2

Changing passwords frequently helps ensure database security, Oracle Applications provides a command line utility, FNDCPASS, to change/reset Oracle Applications schema passwords. This utility changes the password registered in Oracle Applications tables, changes the schema password in the database and can also change user passwords.

Key Considerations:

  1. Autoconfig Requirement:
    After changing the APPLSYSPUB or GUEST user passwords, need to run the autoconfig.

  2. Pre-Change Preparations:

    • Shutdown Applications: Before changing the APPS password, make sure to shut down the application.
    • Backup Critical Tables: Perform a backup of the FND_USER and FND_ORACLE_USER_ID tables. If anything goes wrong during the password change process, you can restore these tables to revert to the previous state.
  1. Restrictions:

    • The system and sys user passwords cannot be changed using the FNDCPASS utility.
    • Users not registered in the FND metadata tables cannot be modified using this utility.
Syntax:

1. FNDCPASS  apps/apps 0 Y  system/manager  SYSTEM  APPLSYS WELCOME
2. FNDCPASS  apps/apps 0 Y  system/manager  ORACLE  GL      GL1
3. FNDCPASS  apps/apps 0 Y  system/manager  USER     VISION  WELCOME
4. FNDCPASS  apps/apps 0 Y  system/manager ALLORACLE
  
Note:

The SYSTEM token is used when changing the APPLSYS password.

The ORACLE token is used when changing a SINGLE Applications schema password.

The ALLORACLE token is used when changing ALL Applications schema passwords.

The USER token is used when changing an Applications USER password.


1. Changing Apps/Applsys password


FNDCPASS  apps/apps 0 Y  system/manager  SYSTEM  APPLSYS WELCOME


User: APPLSYS  
Password : cloneapps

What will happen in FNDCPASS Command changing in Apps Password:

Steps and Impacts of Changing the APPS Password:

  1. Shutdown the Application Tier Services:
    Before initiating the apps password change, it's essential to shut down the application tier services.

  2. Validation of the APPLSYS Schema:
    The utility will validate the APPLSYS schema, ensuring that everything is in order before proceeding with the password change.

  3. Re-registering the Password in Oracle Applications:
    Once the password is changed, it is re-registered within the Oracle Applications, ensuring that all components recognize the new credentials.

  4. Re-encryption of Passwords in Critical Tables:

    • The FND_USER table, which stores user passwords, will have all its passwords re-encrypted.
    • Similarly, all passwords in the FND_ORACLE_USER_ID table will also be re-encrypted.
  5. Updating Passwords in the FND_ORACLE_USER_ID Table:

    • The APPLSYS password is updated in the FND_ORACLE_USER_ID table.
    • The APPS password is also updated in the same table, ensuring consistency across the database.
  6. Synchronization of APPLSYS, APPS, and APPS_NE Passwords:

    • The APPLSYS and APPS passwords are changed to the same value.
    • The APPLSYS password change automatically updates the APPS and APPS_NE passwords to the same value, ensuring uniformity.
  7. Execution of the ALTER USER Command:
    The ALTER USER command is executed to officially change the Oracle password, reflecting the changes in the database.

  8. Updates in the DBS_USERS Table:
    The changes made are reflected in the DBS_USERS table, updating the password information.

  9. Running Autoconfig:
    After the password change, it is necessary to manually run Autoconfig to apply the changes across the Oracle Applications environment.

  10. Restarting the Application and Updating JDBC Datasource:

    • Start the admin server and update the JDBC datasource with the new password.
    • Once the updates are made, restart the entire application to ensure that the new password is fully integrated.


2.Changing Frontend User Password

FNDCPASS apps/cloneapps 0 Y system/system123 USER sysadmin sysadmin



User: sysadmin Password sysadmin

Once password changed after Run autoconfic in database and application side

Note:

0 & Y are flags for FNDCPASS

0 is request id (request ID 0 is assigned to request ID's which are not submitted via Submit Concurrent Request Form)

'Y' indicates that this method is directly invoked from the command-line and not from the Submit Request Form. 



Comments

  1. I wish to show thanks to you just for bailing me out of this particular trouble. As a result of checking through the net and meeting techniques that were not productive, Same as your blog I found another one Oracle Cloud Applications .Actually I was looking for the same information on internet for Oracle Cloud Applications Consultant and came across your blog. I am impressed by the information that you have on this blog. Thanks once more for all the details.

    ReplyDelete

Post a Comment

Popular posts from this blog

How to troubleshoot long running concurrent request in R12.2

How to run Gather Schema Statistics in R12.2

How to compile forms in R12.2