User's Manual

Troubleshooting Enterprise User Security
12-30 Oracle Database Advanced Security Administrator's Guide
Cause: Indicates a problem with the connection between the database and the
directory.
Action: See the actions listed for resolving "ORA-28030: Problem accessing
LDAP directory service" on page 12-26 in the troubleshooting section for
password-authenticated enterprise users.

ORA-28271: No permission to read user entry in LDAP directory service
Action: See the actions listed for resolving "ORA-28271: No permission to read
user entry in LDAP directory service" on page 12-27 in the troubleshooting
section for password-authenticated enterprise users.

ORA-28292: No domain policy registered for Kerberos-based authentication
Action: Perform the following actions:
1. Use Enterprise Security Manager to set the user authentication policy for
   this enterprise domain to KERBEROS or ALL.
2. See "DOMAIN-READ-ERROR Checklist" on page 12-35.

ORA-28290: Multiple entries found for the same Kerberos principal name
Cause: The Kerberos principal name for this user is not unique within the user
search base containing this user.
Action: Use Oracle Internet Directory Self-Service Console to change the
Kerberos principal name, or to change the other copies so that it is unique.

ORA-28291: No Kerberos principal value found
Action: Check the following:
1. Check that the user entry in the directory has the krbprincipalname
   attribute.
   If it does not have the krbprincipalname attribute, then check the
   following:
   - Check that the default attributes for new user creation by using Oracle
     Internet Directory Self-Service Console include krbprincipalname,
     and then
   - Use Enterprise Security Manager Console or Oracle Internet Directory
     Self-Service Console to create the user again, or
   - Add the orclcommonattributes object class.
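
The directory states behind ORA-28290 (duplicate principal) and ORA-28291 (missing krbprincipalname) can be checked offline against an LDIF export of the user search base. The following Python is an added example, not Oracle code; the function names, the constructed sample entries, and the exact-match comparison of principal values are assumptions.

```python
import base64
from collections import defaultdict

# Constructed LDIF export of one user search base (not real directory data).
SAMPLE_LDIF = """\
dn: cn=alice,cn=Users,dc=example,dc=com
objectclass: orclCommonAttributes
krbPrincipalName: alice@EXAMPLE.COM

dn: cn=alice2,cn=Users,dc=example,dc=com
krbprincipalname: alice@EXAMPLE.COM

dn: cn=bob,cn=Users,dc=example,dc=com
objectclass: inetOrgPerson

dn: cn=carol,cn=Users,dc=example,
 dc=com
krbprincipalname:: Y2Fyb2xARVhBTVBMRS5DT00=
"""

def parse_ldif(text):
    """Return a list of {attr_lowercase: [values]} dicts, one per entry."""
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")  # RFC 2849 folding
    entries = []
    for block in unfolded.split("\n\n"):
        entry = defaultdict(list)
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            name, _, value = line.partition(":")
            if value.startswith(":"):  # "attr:: " marks a base64 value
                value = base64.b64decode(value[1:].strip()).decode("utf-8")
            entry[name.strip().lower()].append(value.strip())
        if "dn" in entry:
            entries.append(entry)
    return entries

def audit_kerberos_principals(ldif_text):
    """Report the directory states behind ORA-28291 and ORA-28290."""
    by_principal, missing = defaultdict(list), {}
    for entry in parse_ldif(ldif_text):
        dn = entry["dn"][0]
        principals = entry.get("krbprincipalname", [])
        if not principals:  # ORA-28291: record whether the object class is present
            classes = [v.lower() for v in entry.get("objectclass", [])]
            missing[dn] = "orclcommonattributes" in classes
        for p in principals:  # compared exactly as stored (assumption)
            by_principal[p].append(dn)
    duplicates = {p: dns for p, dns in by_principal.items() if len(dns) > 1}
    return {"missing": missing, "duplicates": duplicates}  # duplicates: ORA-28290
```

In the result, each DN under "missing" maps to whether the entry already carries the orclcommonattributes object class, and each principal under "duplicates" lists the DNs that share it.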