R12 FND User password lock down
When making your R12 server available on-line you need to protect your FND user password.
This assumes that you have ONLY opened port 8000 for APPS login access.
For any other access I can only recommend to use VPN as a full OEL and RDBMS lock down is very complex.
I used the following script (use at your own risk):
begin
/* lock ALL seeded accounts first */
update fnd_user set end_date=sysdate;
commit;
/* then unlock the necessary ones */
update fnd_user set end_date=null where user_name in (
‘ANONYMOUS’,
‘APPSMGR’,
‘AUTOINSTALL’,
‘CONCURRENT MANAGER’,
‘FEEDER SYSTEM’,
‘GUEST’, /* NEVER touch this account as this enables APPS login */
‘INITIAL SETUP’,
‘ORACLE’, /* my demo account */
‘SYSADMIN’
);
commit;
/* set password – but NOT for GUEST */
fnd_user_pkg.updateuser(‘ANONYMOUS’,null,’password’);
fnd_user_pkg.updateuser(‘APPSMGR’,null,’password’);
fnd_user_pkg.updateuser(‘AUTOINSTALL’,null,’password’);
fnd_user_pkg.updateuser(‘CONCURRENT MANAGER’,null,’password’);
fnd_user_pkg.updateuser(‘FEEDER SYSTEM’,null,’password’);
fnd_user_pkg.updateuser(‘INITIAL SETUP’,null,’password’);
fnd_user_pkg.updateuser(‘SYSADMIN’,null,’password’);
fnd_user_pkg.updateuser(‘ORACLE’,null,’password’);
commit;
end;
/
exit;
Note: Do NOT to touch the GUEST user.