Automate Password Rotation Using the Job System
The Enterprise Manager job system enables you to automate database password changes for:
- Monitoring database users, using the job Change the Password for the Database Monitoring User.
- Non-monitoring database users, using the job Change the Password for a Database User.
- Automatic Storage Management (ASM) users, using the job Change the Password for the Automatic Storage Management User.
You can schedule the Change the Password for the Database Monitoring User and Change the Password for a Database User jobs on Oracle Database and Cluster Database instances. You can schedule the Change the Password for the Automatic Storage Management User job on Cluster ASM and ASM instances.
These jobs support database users with SYSDBA and SYSDG privileges in the primary and standby databases, except the SYS user itself.
You only have to apply the password change jobs to the primary database. To change the password on the standby database, the job relies on the Oracle Database 12.2 and higher feature of auto-propagating passwords from the primary database to the standby database.
Note: Changing monitoring passwords is not supported for primary and standby databases with either a far sync or snapshot standby database.
Here is how the password change job works once it is applied to the primary database:
- EM automatically places both primary and standby databases in blackout.
- The password on the primary database is updated.
- Agent monitoring credentials and named credentials are updated.
- In parallel, the password on the standby is updated using the auto-propagating passwords feature.
- Blackouts are stopped on both primary and standby databases.
For more details on password management, see Guidelines for Managing Target Credentials.