23.4.1 Releasing individual users from password-invalid account lock state

Executor: DBA privilege holder

This section explains the procedure for releasing individual users from password-invalid account lock state. You must perform the steps in order they are shown below, beginning with step (1).

Organization of this subsection
(1) Check for users in password-invalid account lock state
(2) Change passwords

(1) Check for users in password-invalid account lock state

Check for users in password-invalid account lock state. An example follows:

Example
Display the authorization identifiers of users in password-invalid account lock state:

SELECT USER_ID
   FROM MASTER.SQL_USERS
     WHERE PWD_LOCK_TIME IS NOT NULL

Execution results

USER_ID
----------
USER1
USER2

Explanation
USER1 and USER2 are listed as being in password-invalid account lock state.
Reference note
If a user is in password-invalid account lock state, the date and time the user was placed in this status are set in the PWD_LOCK_TIME column of the SQL_USERS dictionary table. If a user is not in password-invalid account lock state, the NULL value is set in the PWD_LOCK_TIME column.

(2) Change passwords

Use a GRANT statement to change the password of a user who is in password-invalid account lock state. Examples follow:

Example
Change the password of user USER01 to f51HD7tc:

GRANT CONNECT TO USER01 IDENTIFIED BY "f51HD7tc"