One of these messages appears in Symantec Data Loss Prevention (DLP) Enforce.

• Oracle Protect account locked. 
• Oracle Alert log: “ORA-28000: the account is locked"
• IncidentPersister0.log Or MonitorController0.log: ORA-01017: invalid username/password; logon denied.

Oracle locks the protect user account after too many failed attempts to log in to DLP Enforce. This can occur during installation or when changing a password.

There are two ways to unlock the Oracle database account: 

• From the Oracle Enterprise Manager 
• From the command line using SQL*Plus

Unlock using Oracle Enterprise Manager

1. From the Oracle Enterprise Manager, select Network > Databases > Security > Users. 
2. Edit the protect user, then select the unlocked radio button.

Unlock from the command line using SQL*Plus

1. Load SQL*Plus. 
2. Check what is locked and what is not locked with the following command:
   

   select username,account_status from dba_users;

   Note: Remember to add the semicolon or the command will not execute.
   
   
3. To unlock the [username] (without brackets) account, enter the following command:
   

   alter user [username] account unlock;

4. Rerun step 2 to verify success.