Username with failed login

Links

Frequent Oracle Errors

•	TNS:could not resolve the connect identifier specified
•	Backtrace message unwound by exceptions
•	invalid identifier
•	PL/SQL compilation error
•	internal error
•	missing expression
•	table or view does not exist
•	end-of-file on communication channel
•	TNS:listener unknown in connect descriptor
•	insufficient privileges
•	PL/SQL: numeric or value error string
•	TNS:protocol adapter error
•	ORACLE not available
•	target host or object does not exist
•	invalid number
•	unable to allocate string bytes of shared memory
•	resource busy and acquire with NOWAIT specified
•	error occurred at recursive SQL level string
•	ORACLE initialization or shutdown in progress
•	archiver error. Connect internal only, until freed
•	snapshot too old
•	unable to extend temp segment by string in tablespace
•	Credential retrieval failed
•	missing or invalid option
•	invalid username/password; logon denied
•	unable to create INITIAL extent for segment
•	out of process memory when trying to allocate string bytes
•	shared memory realm does not exist
•	cannot insert NULL
•	TNS:unable to connect to destination
•	remote database not found'>ora-02019
•	exception encountered: core dump
•	inconsistent datatypes
•	no data found
•	TNS:operation timed out
•	PL/SQL: could not find program
•	existing state of packages has been discarded
•	maximum number of processes exceeded
•	error signaled in parallel query server
•	ORACLE instance terminated. Disconnection forced
•	TNS:packet writer failure
•	see ORA-12699
•	missing right parenthesis
•	name is already used by an existing object
•	cannot identify/lock data file
•	invalid file operation
•	quoted string not properly terminated

Username with failed login

Username with failed login

2005-08-15 - By Paul Drake

Reply: 1 2 3 4 5 6

On 8/15/05, Mike Schmitt <mschmitt@(protected)> wrote:
>
> Hi All,
>
> I am trying to catch failed login attempts by using an after servererror
> database trigger. We would like to be able to catch the username that is
> being provided with these attempts, but so far I haven't had any luck.
>
> Is is possible to capture the name that was provided as part of the logon
> attempt and record that information, or do we have to use a different
> method?
>
> The edited trigger/proc we are using look like the following (We are using
> 9.2.0.4):
>
>

Mike,

Instead of coding this by hand, why not just leverage the provided
functionality?

SQL> show parameter audit_trail

NAME TYPE VALUE
-- ---- ---- ---- ---- ---- ---- --- -- ---- --- -- ---- ---- ---- ---- ---- --
audit_trail string TRUE

SQL> audit session whenever not successful;

Audit succeeded.

SQL> connect notauser/notmypass@(protected)
ERROR:
ORA-01017 (See ORA-01017.ora-code.com): invalid username/password; logon denied

Warning: You are no longer connected to ORACLE.

after reconnecting with a prvileged account:

1 select username, userhost, returncode
2 from dba_audit_session
3 where timestamp>sysdate-1/24
4* and username='NOTAUSER'
SQL> /

USERNAME USERHOST RETURNCODE
-- ---- ---- -- -- ---- ---- ---- ---- ---- -- -- ---- --
NOTAUSER MYDOMAIN\MYDESKTOP 1017

hth.

Pd
--
http://www.freelists.org/webpage/oracle-l