Configuring parameters in ccsoraenv.dat file
After you install the Security Content Update (SCU 2017-3), run the Agent Content Update (ACU) job on your Oracle agent computers. After the ACU, a sample
ccsoraenv.dat
configuration parameter file is available on each agent at the following location:<Agent installation directory>\ESM\bin\dcmodules\Control\Oracle
This file contains the parameters that are used in Oracle credential management after you enable the feature. You must modify these agent-specific password configuration settings to use the Oracle credential management feature as per your requirements.
Before you edit the
ccsoraenv.dat
file, consider the following points:- If the line begins with #, it is treated as a comment.
- If you do not configure a parameter, the default value of the parameter is used.
- If an invalid parameter value is specified, the default value of the parameter is used.
- The password is created based on the values that you define in theccsoraenv.datfile. The default values are used if the file or its entries are not present.
- If the password change fails, the failure details are logged in the CCS error logs. In this case, data collection fails.
The parameters in the
ccsoraenv.dat
file and their details are listed in the following table:Parameter | Description | Parameter Values | Example |
|---|---|---|---|
MANAGEORAUSERPASSWORD | Use this parameter to enable the automated credential management for the Oracle user accounts that are created in the Oracle database. This parameter manages passwords only for the accounts that are explicitly configured with the respective Oracle databases. After you enable this parameter, the password
of the
pre-created
configured
account
changes
depending
on the value
that you set for the
PassChangedPeriod
parameter. | By default, this parameter is set to 0. To enable, set the parameter to 1. Minimum value: 0 Maximum value: 1 | config
MANAGEORAUSER
PASSWORD
1 |
PassChangedPeriod | Use this parameter to specify the day on which the Oracle password is auto-regenerated by CCS agent. The value of this parameter is the number of days before the Oracle password expiry date. For example, if the value of this parameter is 5, and if Oracle password is set to expire on 10 January, CCS will change the Oracle password on 6 January. If the Oracle user password is already expired, it cannot be auto-regenerated and data collection fails. In this case, you must manually reset the expired password. | By default, the parameter is set to 35. Set the parameter as per the password policy of your organization. | config PassChangedPeriod 22 |
PassSpecString | Define this parameter with the set of permissible special characters that you want CCS agent to use while generating passwords for the configured Oracle user account. | You must mention the special characters as per the password policy of your organization. The following special characters are defined by default:
| config PassSpecString _+-=<>?()*%#! |
PasswordLength | Use this parameter to define the minimum length of Oracle user passwords that are managed by CCS agent. | By default, the minimum password length is 12. Set the parameter as per the password policy of your organization. Minimum value: 8 Maximum value: 127 Default value: 12 | config PasswordLength 13 |