大家好,这里是公众号 DBA学习之路,致力于分享数据库领域相关知识。
@TOC
前言
今天初八,开工大吉!祝大家新年快乐,发大财!
问题描述
一大早就有个客户找,说有个 Oracle 数据库,修改了 sys 密码,怎么都无法登录,一直报错:
## 修改 sys 密码成功
SQL> alter user sys identified by oracle;
User altered.
## 登录报错
[oracle@lucifer admin]$ sqlplus sys/oracle@lucifer as sysdba
SQL*Plus: Release 11.2.0.4.0 Production on Wed Feb 5 10:19:22 2025
Copyright (c) 1982, 2013, Oracle. All rights reserved.
ERROR:
ORA-01017: invalid username/password; logon denied
使用客户端工具连接报错:
这个问题看起来十分诡异,怎么会修改不了 sys 密码呢?
问题分析与解决
检查一下监听,监听状态是正常的:
[oracle@lucifer admin]$ lsnrctl stat
LSNRCTL for Linux: Version 11.2.0.4.0 - Production on 05-FEB-2025 09:54:25
Copyright (c) 1991, 2013, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1521)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 11.2.0.4.0 - Production
Start Date 05-FEB-2025 09:54:07
Uptime 0 days 0 hr. 0 min. 17 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /u01/app/oracle/product/11.2.0/db/network/admin/listener.ora
Listener Log File /u01/app/oracle/diag/tnslsnr/lucifer/listener/alert/log.xml
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=lucifer)(PORT=1521)))
Services Summary...
Service "lucifer" has 1 instance(s).
Instance "lucifer", status READY, has 1 handler(s) for this service...
Service "luciferXDB" has 1 instance(s).
Instance "lucifer", status READY, has 1 handler(s) for this service...
The command completed successfully
检查一下 sqlnet 配置,没问题:
[oracle@lucifer admin]$ cat sqlnet.ora
# sqlnet.ora Network Configuration File: /u01/app/oracle/product/11.2.0/db/network/admin/sqlnet.ora
# Generated by Oracle configuration tools.
NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)
ADR_BASE = /u01/app/oracle
尝试了一下 tnsping,报错了:
[oracle@lucifer admin]$ tnsping lucifer
TNS Ping Utility for Linux: Version 11.2.0.4.0 - Production on 05-FEB-2025 09:55:37
Copyright (c) 1997, 2013, Oracle. All rights reserved.
Used parameter files:
/u01/app/oracle/product/11.2.0/db/network/admin/sqlnet.ora
TNS-03505: Failed to resolve name
怀疑有可能是 TNS 配置有问题,所以看了下配置:
LUCIFER =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = lucifer)(PORT = 1521))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = lucifer)
)
)
没道理啊,再一看,滑天下之大稽,原来是 TNS 文件名写错了 tnsname.ora:
[oracle@lucifer admin]$ ls
listener.ora samples shrept.lst sqlnet.ora tnsname.ora
这里应该是 tnsnames.ora,少了个 s:
[oracle@lucifer admin]$ mv tnsname.ora tnsnames.ora
心想,这下总该好了吧:
[oracle@lucifer admin]$ tnsping lucifer
TNS Ping Utility for Linux: Version 11.2.0.4.0 - Production on 05-FEB-2025 10:12:46
Copyright (c) 1997, 2013, Oracle. All rights reserved.
Used parameter files:
/u01/app/oracle/product/11.2.0/db/network/admin/sqlnet.ora
Used TNSNAMES adapter to resolve the alias
Attempting to contact (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = lucifer)(PORT = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = lucifer)))
OK (0 msec)
确实 tnsping 没问题了,再次尝试下连接 sys 用户:
[oracle@lucifer admin]$ sqlplus sys/oracle@lucifer as sysdba
SQL*Plus: Release 11.2.0.4.0 Production on Wed Feb 5 10:12:59 2025
Copyright (c) 1982, 2013, Oracle. All rights reserved.
ERROR:
ORA-01017: invalid username/password; logon denied
好家伙,还是报错,这么夸张吗?手动再次修改 sys 密码:
SQL> alter user sys identified by oracle;
User altered.
SQL> alter user system identified by oracle;
User altered.
再次尝试连接:
[oracle@lucifer admin]$ sqlplus sys/oracle@lucifer as sysdba
SQL*Plus: Release 11.2.0.4.0 Production on Wed Feb 5 10:13:25 2025
Copyright (c) 1982, 2013, Oracle. All rights reserved.
ERROR:
ORA-01017: invalid username/password; logon denied
擦,依然报错,试一下 system 用户连接:
[oracle@lucifer admin]$ sqlplus system/oracle@lucifer
SQL*Plus: Release 11.2.0.4.0 Production on Wed Feb 5 10:18:53 2025
Copyright (c) 1982, 2013, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL>
SQL>
啊,那看来就是 sys 用户本身有问题了,再看一下 sys 用户的状态:
SQL> set lines222 pages1000
col username for a25
col account_status for a20
col default_tablespace for a20
col temporary_tablespace for a20
col profile for a20
SELECT username,
account_status,
default_tablespace,
temporary_tablespace,
created,
profile
FROM dba_users
WHERE account_status = 'OPEN'
ORDER BY created;
USERNAME ACCOUNT_STATUS DEFAULT_TABLESPACE TEMPORARY_TABLESPACE CREATED PROFILE
------------------------- -------------------- -------------------- -------------------- ------------------ --------------------
SYSTEM OPEN SYSTEM TEMP 24-AUG-13 DEFAULT
SYS OPEN SYSTEM TEMP 24-AUG-13 DEFAULT
这也没问题啊,那怎么回事呢?看一下是不是密码文件有问题啊?不看不知道,一看吓一跳:
[oracle@lucifer dbs]$ ll
total 16
-rw-rw---- 1 oracle oinstall 1544 Jun 29 2023 hc_lucifer.dat
-rw-r--r--. 1 oracle oinstall 2851 May 15 2009 init.ora
-rw-r----- 1 oracle oinstall 24 Oct 15 2021 lkLUCIFER
-rw-r----- 1 oracle oinstall 3584 Jun 29 2023 spfilelucifer.ora
好家伙,没有密码文件,好吧,怪不得怎么改都没用,手动新建一个密码文件:
[oracle@lucifer dbs]$ orapwd file=orapwlucifer password=oracle
再次尝试连接 sys 用户:
[oracle@lucifer dbs]$ sqlplus sys/oracle@lucifer as sysdba
SQL*Plus: Release 11.2.0.4.0 Production on Wed Feb 5 10:23:17 2025
Copyright (c) 1982, 2013, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL>
SQL>
bingo,可以连了,真坑啊!!!结束。
写在最后
这个问题解决过程虽然比较简单,但是涉及基础知识点也不少,记录分享,以作参考。
📚 推荐阅读:DBA 学习之路
如果这篇文章对你有帮助,推荐访问我的 Oracle DBA 系统学习站点,涵盖 100 天完整学习路线:
- 🔧 Oracle 安装部署 · RMAN 备份恢复 · Data Pump 数据迁移
- 🏗️ RAC 高可用 · DataGuard 容灾 · 多租户架构
- 🔍 故障排查 · 升级迁移 · GoldenGate 数据同步
