R12 FND User password lock down

When making your R12 server available on-line you need to protect your FND user password.

This assumes that you have ONLY opened port 8000 for APPS login access.

For any other access I can only recommend to use VPN as a full OEL and RDBMS lock down is very complex.

I used the following script (use at your own risk):

begin
    /* lock ALL seeded accounts first */
    update fnd_user set end_date=sysdate;
    commit;
    /* then unlock the necessary ones */
    update fnd_user set end_date=null where user_name in (
        ‘ANONYMOUS’,
        ‘APPSMGR’,
        ‘AUTOINSTALL’,
        ‘CONCURRENT MANAGER’,
        ‘FEEDER SYSTEM’,
        ‘GUEST’, /* NEVER touch this account as this enables APPS login */
        ‘INITIAL SETUP’,
        ‘ORACLE’, /* my demo account */ 
        ‘SYSADMIN’
    );
    commit;
    /* set password – but NOT for GUEST */
    fnd_user_pkg.updateuser(‘ANONYMOUS’,null,’password’);
    fnd_user_pkg.updateuser(‘APPSMGR’,null,’password’);
    fnd_user_pkg.updateuser(‘AUTOINSTALL’,null,’password’);
    fnd_user_pkg.updateuser(‘CONCURRENT MANAGER’,null,’password’);
    fnd_user_pkg.updateuser(‘FEEDER SYSTEM’,null,’password’);
    fnd_user_pkg.updateuser(‘INITIAL SETUP’,null,’password’);
    fnd_user_pkg.updateuser(‘SYSADMIN’,null,’password’);
    fnd_user_pkg.updateuser(‘ORACLE’,null,’password’);
    commit;
end;
/
exit;

Note: Do NOT to touch the GUEST user.