In another question on OTN forum, someone says that there are multiple (EM12c) users and they can create their own credentials. They ask how to view all of the credentials that exist for all users. A valid answer is already given: An EM administrator, including sysman, cannot view the named credentials owned by other administrators unless an explicit grant is provided.
I logged in as SYSMAN to Enterprise Manager Cloud Control console and checked the named credentials. As you can see, even SYSMAN can only see own credentials. So isnt’t there any way to override this “reasonable limitation”? I say “it’s reasonable”, because in my opinion, even SYSMAN (the Repository Owner) shouldn’t need to see the credentials of others. Anyway my curiosity wins, so I connected to repository Database (using Oracle SQL Developer) and examined tables, and I write the following query to show all named credentials:
SELECT cred_owner, cred_name, target_type, is_public
WHERE cred_owner <> '<SYSTEM>'
ORDER BY cred_owner;
To be able to filter out credentials which are internally created by Enterprise Manager, I added a “where condition” to the query. Here’s the result:
So now you may wonder if it’s possible to get the passwords of these credentials? I’ll write about it on tomorrow 🙂