Show TOC

ALTER LOGIN POLICY StatementLocate this document in the navigation structure

Changes existing login policies or configures logical server access.

Quick Links:

Go to Parameters

Go to Examples

Go to Usage

Go to Permissions

Syntax

Syntax 1

ALTER LOGIN POLICY <policy-name> 
   { { ADD | DROP | SET } LOGICAL SERVER ls-assignment-list 
   [ LOGICAL SERVER ls-override-list ])

ls-assignment-list - (back to Syntax 1)
   { { ls-name, ...}  
   | ALL 
   | COORDINATOR 
   | SERVER 
   | NONE 
   | DEFAULT }

ls-override-list - (back to Syntax 1)
   { ls-name, ...}

ls-name - (back to ls-assignment-list) or (back to ls-override-list)
   { OPEN | <user-defined-ls-name> }

Syntax 2

ALTER LOGIN POLICY <policy-name> policy-option

policy-option - (back to Syntax 2)
   policy-option-name = policy-option-value

policy-option-name - (back to policy-option)
  AUTO_UNLOCK_TIME 
   | CHANGE_PASSWORD_DUAL_CONTROL
   | DEFAULT_LOGICAL_SERVER 
   | LOCKED 
   | MAX_CONNECTIONS 
   | MAX_DAYS_SINCE_LOGIN 
   | MAX_FAILED_LOGIN_ATTEMPTS 
   | MAX_NON_DBA_CONNECTIONS
   | PAM_FAILOVER_TO_STD 
   | PAM_SERVICENAME
   | PASSWORD_EXPIRY_ON_NEXT_LOGIN 
   | PASSWORD_GRACE_TIME 
   | PASSWORD_LIFE_TIME 
   | ROOT_AUTO_UNLOCK_TIME 
   | LDAP_PRIMARY_SERVER 
   | LDAP_SECONDARY_SERVER 
   | LDAP_AUTO_FAILBACK_PERIOD 
   | LDAP_FAILOVER_TO_STD 
   | LDAP_REFRESH_DN

policy-option-value - (back to policy-option)
   { UNLIMITED | DEFAULT | <value> }
Parameters

(back to top)

  • policy-name the name of the login policy. Specify root to modify the root login policy.
  • policy-option-value the value assigned to the login policy option. If you specify UNLIMITED, no limits are used. If you specify DEFAULT, the default limits are used. See Login Policy Options and LDAP Login Policy Options for supported values for each option.
  • policy-option-name the name of the policy option. See Login Policy Options and LDAP Login Policy Options for details about each option.
Applies to
Simplex and multiplex.
Examples

(back to top)

  • Example 1 sets the password_life_time value to UNLIMITED and the max_failed_login_attempts value to 5 in the Test1 login policy:
    ALTER LOGIN POLICY Test1 
password_life_time=UNLIMITED
max_failed_login_attempts=5;
Usage

(back to top)

If you do not specify a policy option, values for this login policy come from the root login policy. New policies do not inherit the MAX_NON_DBA_CONNECTIONS and ROOT_AUTO_UNLOCK_TIME policy options.

All new databases include a root login policy. You can modify the root login policy values, but you cannot delete the policy.

Permissions

(back to top)

Requires the MANAGE ANY LOGIN POLICY system privilege.


In this section: