Skip to content

Lock Application Owner Account

To make an IFS Cloud installation more secure you have the option of locking the Application Owner oracle account and the IFS User that acts as the Application Owner. This means that it will not allow you to log on to either SQLPlus or any IFS client as Application Owner. If the Application Owner is not locked it can run almost everything in IFS Cloud. Locking/disabling the Application Owner makes IFS Cloud more secure because you cannot (unless you are SYS or SYSTEM) make changes to standard business logic such as deploying new versions or removing or adding database objects. Furthermore, there is one less important password to keep safe.

To lock the Appowner account, administrators need to lock both the Oracle account and the IFS User Account. Locking Application Owner is an optional step to improve security and this step is not required to run IFS Cloud. Hence there is no support to manage Oracle users from the solution manager.

How to Deactivate the Application Owner IFS Account

Navigate to Solution Manager > Users and Permissions > Users. Select your Application owner and deactivate it. It is not recommended to remove the IFS User equivalent to appowner. Always keep the user deactivated in the production environment.

How to Lock the Application Owner Oracle Account

When you lock Application Owner account you can do it from SQLPlus.


Log on to SQLPlus as SYS and enter the following command:

to Unlock the Application Owner Oracle Account


Log on to SQLPlus as SYS and enter the following command:

Installing, upgrading or patching of IFS Cloud

If you need to install new code, you must perform an upgrade of IFS Cloud or even patch some code that you need to unlock the Application Owner account to be able to complete this task.