My Oracle Support Banner

EUS Authentication Fails With ORA-28030 (Doc ID 783502.1)

Last updated on NOVEMBER 21, 2017

Applies to:

Advanced Networking Option - Version and later
Oracle Unified Directory - Version to [Release 11g]
Information in this document applies to any platform.
***Checked for relevance on 27-Sep-2012***


This note is applying to situations when:
#1. Any EUS authentication attempt fails with ORA-28030 (this can happen for single instance databases as well).
#2. When the database is a RAC database and is started with srvctl, the authentication is failing with: ORA-28030. When the database is started with sqlplus, the authentication works as expected.
Full error:

ORA-28030: Server encountered problems accessing LDAP

The first thing to do is to take a trace file for EUS authentication:

1. alter system set events '28033 trace name context forever, level 9';
2. run the failing connect
3. disable tracing:
alter system set events '28033 trace name context off';

If the problem is the one which is investigated in this note, the trace file should show:

kzld_discover received ldaptype: OID
KZLD_ERR: failed to get cred from wallet
KZLD_ERR: Failed to bind to LDAP server. Err=28032
KZLD_ERR: 28032
KZLD is doing LDAP unbind
KZLD_ERR: found err from kzldini.

KZLD_ERR: failed to get cred from wallet
means that the wallet that is used to authenticate the database to the directory cannot be found.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.