EUS Authentication Fails With ORA-28030 (Doc ID 783502.1)

Last updated on AUGUST 05, 2016

Applies to:

Advanced Networking Option - Version 10.2.0.4 and later
Oracle Unified Directory - Version 11.1.2.3.0 to 11.1.2.3.0 [Release 11g]
Information in this document applies to any platform.
***Checked for relevance on 27-Sep-2012***

Symptoms

This note is applying to situations when:
#1. Any EUS authentication attempt fails with ORA-28030 (this can happen for single instance databases as well).
#2. When the database is a RAC database and is started with srvctl, the authentication is failing with: ORA-28030. When the database is started with sqlplus, the authentication works as expected.
Full error:

ORA-28030: Server encountered problems accessing LDAP


The first thing to do is to take a trace file for EUS authentication:

1. alter system set events '28033 trace name context forever, level 9';
2. run the failing connect
3. disable tracing:
alter system set events '28033 trace name context off';


If the problem is the one which is investigated in this note, the trace file should show:

kzld_discover received ldaptype: OID
KZLD_ERR: failed to get cred from wallet
KZLD_ERR: Failed to bind to LDAP server. Err=28032
KZLD_ERR: 28032
KZLD is doing LDAP unbind
KZLD_ERR: found err from kzldini.


KZLD_ERR: failed to get cred from wallet
means that the wallet that is used to authenticate the database to the directory cannot be found.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms