Question: How to create OS password file using the orapwd command in Unix and Windows platforms? What are the arguments ( Values and description) of orapwd command?
1. Log on to the database as an administrative user.
2. Shutdown the database.
3. On Linux/UNIX: cd $ORACLE_HOME/dbs
Windows: cd %ORACLE_HOME%\database
4. Issue the orapwd command:
$ orapwd
Usage: orapwd file=[fname] password=[sys password] entries=[users] force=[y/n] ignorecase=[y/n] nosysdba=[y/n]
where,
file – name of password file (required),
password – password for SYS will be prompted if not specified at command line,
entries – maximum number of distinct DBA (optional),
force – whether to overwrite existing file (optional),
ignorecase – passwords are case-insensitive (optional),
nosysdba – whether to shut out the SYSDBA logon (optional Database Vault only, deprecated in 11.2),
There must be no spaces around the equal-to (=) character.
Comments:
I. On UNIX, the file name MUST be orapw[SID], [SID] being the name of the instance. On Windows, the file name MUST be pwd[SID].ORA.
II. The password MUST be the password for sys.
III. The number of entries is the maximum number of users that will be able to start and stop the database. It is important to remember that if this number is too low and additional users need to be added, passwordfile has to be recreated.
IV. If an old passwordfile exists then you can overwrite it with FORCE=Y or you have to remove it from the current directory before recreating the passwordfile.
V. IGNORECASE is a new parameter introduced in 11g and controls the case sensitivity of the passwords stored in the passwordfile.
VI. The parameter NOSYSDBA was added to the orapwd utility as part of the Database Vault product.
Lets see an example of orapwd command to create a new password file.
$ orapwd file=orapwTEST01 password=geeklab ignorecase=n
The above will create the passwordfile for an instance named TEST01 on Unix with case sensitive passwords. It is useful to mention that the instance name in the passwordfile name is case sensitive and should match in case the actual instance name.
5. Add the below parameter in the pfile of the TEST01 database instance:
REMOTE_LOGIN_PASSWORDFILE=exclusive
6. After all the above has been done, run this statement:
SQL> STARTUP; SQL> select * from v$pwfile_users;
Should this statement return any records, attempt a passwordfile authenticated sysdba connection. Should the connection work, everything is working fine. If the statement returns no records, the database instance must be restarted.