How do I create an Oracle Stored Procedure to lock user accounts that's not logged onto the database for more than 90 days?
I assumed that I could create a Profile Object and list the Resource Parameters in my database but I am using Oracle 11g and it appears that feature doesn't exist.
This is what I tried so far:
select username from dba_audit_trail
where action_name = 'LOGON'
group by username
having max(timestamp) < sysdate - 90
I also attempted to create a profile attempting to use INACTIVE_ACCOUNT_TIME as my Resource Parameters but it does not exist in Oracle 11g:
CREATE PROFILE time_limit LIMIT
INACTIVE_ACCOUNT_TIME 90;
For 12c it can be:
begin
for x in
(select username
from dba_users
where last_login < sysdate - 90)
loop
execute immediate 'alter user ' || x.username || ' account lock';
end loop;
end;
If you're using 11g you may try your query for loop:
begin
for x in
(select username from dba_audit_trail
where action_name = 'LOGON'
group by username
having max(timestamp) < sysdate - 90)
loop
execute immediate 'alter user ' || x.username || ' account lock';
end loop;
end;