SSO Configuration Assistant Fails During Installation With LDAP: Error 28862: Unknown Error Encountered

(Doc ID 372379.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Application Server Single Sign-On - Version to [Release 10gR2 to 10gR3]
Information in this document applies to any platform.
***Checked for relevance on 05-JAN-2016***


The SSO Configuration Assistant is failing during installation in a distributed 10gAS environment where the Metadata Repository database on Windows platform is behind a firewall and so Shared Server has been configured for the database as per Option 3 in <Note:361284.1> Port 1521 opened in firewall yet cannot connect to Oracle Server (ORA-12535,TNS-12203).

The configtools<timestamp>.log shows:
ACTION by SSOConfigAssistant :
d:\oracle\sso\10.1.2\bin\sqlplus orasso/*****@"cn=orcl,cn=oraclecontext" @d:\oracle\sso\10.1.2\sso\admin\plsql\sso\ssooidd.sql 636 "cn=orcladmin" ***** Y

SQL*Plus: Release - Production on Fri May 19 14:45:56 2006
Copyright (c) 1982, 2005, Oracle. All rights reserved.

SQL> Connected.
SQL> Creating OID entries for SSO
Error code : 1
Error message: User-Defined Exception
LDAP error : 28862: UnKnown Error Encountered

ERROR: deleting application entry
Error code: 1
Error message: User-Defined Exception
ERROR: creating SSO users and groups in OID

PL/SQL procedure successfully completed.

*** Refreshing WWC OID cache....***
ERROR at line 1:
ORA-06510: PL/SQL: unhandled user-defined exception
ORA-06512: at "ORASSO.WWSEC_OID", line 1199
ORA-06512: at "ORASSO.WWSEC_OID", line 1328
ORA-06512: at "ORASSO.WWSEC_OID", line 2498
ORA-06512: at "ORASSO.WWSEC_OID", line 2528
ORA-06512: at "ORASSO.WWSEC_OID", line 1606
ORA-06512: at "ORASSO.WWSEC_OID", line 1755
ORA-06512: at "ORASSO.WWSEC_OID", line 2133

ORA-06512: at line 8

No errors.
Disconnected from Oracle Database 10g Enterprise Edition Release - Production
With the Partitioning, OLAP and Data Mining options


Checks already performed:

The OID non-SSL and SSL ports are open on the firewall.

The range of ports for Shared Server are open on the firewall.

ldapbind to the OID hostname and port listed in the log is successful.

ldapbind, or telnet from the database server to the OID hostname and port is successful.


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms