Configuring parameters in ccsoraenv.dat file

After you install the Security Content Update (SCU 2017-3), run the Agent Content Update (ACU) job on your Oracle agent computers. After the ACU, a sample
ccsoraenv.dat
configuration parameter file is available on each agent at the following location:
<Agent installation directory>\ESM\bin\dcmodules\Control\Oracle
This file contains the parameters that are used in Oracle credential management after you enable the feature. You must modify these agent-specific password configuration settings to use the Oracle credential management feature as per your requirements.
Before you edit the
ccsoraenv.dat
file, consider the following points:
  • If the line begins with #, it is treated as a comment.
  • If you do not configure a parameter, the default value of the parameter is used.
  • If an invalid parameter value is specified, the default value of the parameter is used.
  • The password is created based on the values that you define in the
    ccsoraenv.dat
    file. The default values are used if the file or its entries are not present.
  • If the password change fails, the failure details are logged in the CCS error logs. In this case, data collection fails.
The parameters in the
ccsoraenv.dat
file and their details are listed in the following table:
Parameters in ccsoraenv.dat file
Parameter
Description
Parameter Values
Example
MANAGEORAUSER​PASSWORD
Use this parameter to enable the automated credential management for the Oracle user accounts that are created in the Oracle database. This parameter manages passwords only for the accounts that are explicitly configured with the respective Oracle databases. After you enable this parameter, the password of the pre-created configured account changes depending on the value that you set for the PassChangedPeriod parameter.
By default, this parameter is set to 0.
To enable, set the parameter to 1.
Minimum value: 0
Maximum value: 1
config MANAGEORAUSER PASSWORD 1
PassChangedPeriod
Use this parameter to specify the day on which the Oracle password is auto-regenerated by CCS agent. The value of this parameter is the number of days before the Oracle password expiry date. For example, if the value of this parameter is 5, and if Oracle password is set to expire on 10 January, CCS will change the Oracle password on 6 January.
If the Oracle user password is already expired, it cannot be auto-regenerated and data collection fails. In this case, you must manually reset the expired password.
By default, the parameter is set to 35. Set the parameter as per the password policy of your organization.
config PassChangedPeriod 22
PassSpecString
Define this parameter with the set of permissible special characters that you want CCS agent to use while generating passwords for the configured Oracle user account.
You must mention the special characters as per the password policy of your organization. The following special characters are defined by default:
  • underscore (_)
  • plus (+)
  • hyphen (-)
  • equal to (=)
  • brackets [<>, ()]
  • question mark (?)
  • asterisk (*)
  • percent (%)
  • hash (#)
  • exclamation mark (!)
config PassSpecString _+-=<>?()*%#!
PasswordLength
Use this parameter to define the minimum length of Oracle user passwords that are managed by CCS agent.
By default, the minimum password length is 12. Set the parameter as per the password policy of your organization.
Minimum value: 8
Maximum value: 127
Default value: 12
config PasswordLength 13