Learn how to change the password for the "protect" user in the Oracle database for Symantec Data Loss Prevention (DLP).
NOTE:
To avoid an account lock-out, run the DBPasswordChanger utility as soon as possible after the Oracle Data Loss Prevention account password is changed. If a lock-out does occur, see the article: "ORA-28000: the account is locked" for resolution.
Example:
Process Overview:
Detailed steps for 2-4 above:
Changing the database password for the protect account on Oracle:
IMPORTANT: Be sure to follow the guidelines for acceptable passwords in the article: Password guidelines for the Oracle 'protect' user
- Start a sqlplus session:
sqlplus /nolog
- Login as sysdba:
SQL> connect sys as sysdba
(Enter the password when prompted.)
- Change the protect password to potato:
- Verify the password change:
SQL> alter user protect identified by potato;
SQL> conn protect/potato
- Exit sqlplus:
SQL> exit
Changeing the password for the protect account used by the Enforce server:
NOTE: The examples assume a Windows installation; for Linux, substitute the appropriate paths (e.g. /opt/Vontu/Protect/bin)
- Start a command shell and change to the bin directory:
<DLP 15.0 and older> cd \SymantecDLP\Protect\bin
<DLP 15.1 and later> cd "C:\Program Files\Symantec\DataLossPrevention\EnforceServer\15.7\Protect\bin"
- Change the Oracle password in the configuration file:
For version 15.0 and earlier:
The syntax for DBPasswordChanger is:
DBPasswordChanger <PasswordFilePath> <New Oracle Password>
So:
DBPasswordChanger c:\SymantecDLP\protect\config\DatabasePassword.properties potato
For version 15.1 and later:
The syntax for DBPasswordChanger is:
DBPasswordChanger <PasswordFilePath> <New Oracle Password>
So:
DBPasswordChanger "C:\Program Files\Symantec\DataLossPrevention\EnforceServer\15.7\Protect\config\DatabasePassword.properties" potato