User's Manual
Troubleshooting Enterprise User Security
12-26 Oracle Database Advanced Security Administrator's Guide
Troubleshooting Enterprise User Security
This section describes potential problems and associated corrective actions in the
following topics:
■ ORA-# Errors for Password-Authenticated Enterprise Users
■ ORA-# Errors for Kerberos-Authenticated Enterprise Users
■ ORA-# Errors for SSL-Authenticated Enterprise Users
■ NO-GLOBAL-ROLES Checklist
■ USER-SCHEMA ERROR Checklist
■ DOMAIN-READ-ERROR Checklist
ORA-# Errors for Password-Authenticated Enterprise Users
If you receive an ORA-# error while using password-authenticated Enterprise User
Security, then locate the error in the following section and take the recommended
action.
ORA-1017: Invalid username/password; login denied
Action: See "USER-SCHEMA ERROR Checklist" on page 12-34
ORA-28030: Problem accessing LDAP directory service
Cause: Indicates a problem with the connection between the database and the
directory.
Action: Check the following:
1. Check that there is a correct wallet_location value in the database's
sqlnet.ora file. If not, then use Oracle Net Manager to enter one.
2. If Domain Name System (DNS) server discovery of Oracle Internet
Directory is not used, check that there is a correct ldap.ora file in $LDAP_
ADMIN, $ORACLE_HOME/ldap/admin, $TNS_ADMIN, or $ORACLE_
HOME/network/admin. (See Oracle Internet Directory Administrator's Guide
for information about DNS server discovery.)
3. Check that the SSL port used (by way of either DNS discovery or an
ldap.ora file) supports SSL with no authentication.
4. Check that the LDAP_DIRECTORY_ACCESS parameter is set to PASSWORD
in the database initialization parameters file.