Locking unused accounts

[salsabiha]

hi ,
Is there a way to lock the accounts if the user have not used it for some time for example one or two months.

Thanks

[hrishy]

Hi

The user you create should have a password that would expire every two months .
Look up creating users in oracle documentation.

There are otherways but the one above is the simplest

regards
Hrishy

[salsabiha]

Thanks for the input . But ,once the password is expayered the user will be able to change his password during the grace period which will only start after he tryes to login . Please correct me if I am wrong .

My requirment is that a user who has not loged into his account for 2 months will be locked and only the administrator will be able to unlock the account .

[slimdave]

The grace period is optional, I believe.

You might consider a logon trigger to log the last date of logon, and a scheduled job to lock accounts that haven't been used for two months. Maybe there's a more graceful way but I can't think of it.

[jhmartin]

Oracle doesn't track the last login of a given user, you have to put something in for that yourself.

[Bore]

You might consider a logon trigger to log the last date of logon

There is just nothing to add to that post, as Nike says "Just do it"
AGAIN check if grace period is not optional. I belive it is and that's the easiest

Regards
Boris

[kausik_m123]

How bout this idea ...

1. Create a table that shud contain username and last_logon_time .
2. Write a trigger on logon event that will make entry into this table
by select username,logon_time from v$session;

3. Based on specific date range say if sysdate - last_logon_time > 20
alter user account lock.