EUS With Server Chaining to AD Fails With ORA-28293: No matched Kerberos Principal found in any user entry (Doc ID 1169323.1)

Last updated on SEPTEMBER 10, 2019

Applies to:

Advanced Networking Option - Version 10.2.0.1 and later
Oracle Internet Directory - Version 11.1.1 and later
Information in this document applies to any platform.

Symptoms

Enterprise User Security (EUS) with Kerberos Authentication and Server Chaining of OID to Active Directory.

The following error is received when trying to authenticate to EUS as an AD user via Server Chaining:
ERROR:
ORA-28293: No matched Kerberos Principal found in any user entry

It has been verified that EUS Kerberos authentication IS working for a native OID user (without Server Chaining)
It has been verified that Server Chaining IS working and that user accounts can be located using attribute krbPrincipalName as the search filter.

Changes

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

EUS With Server Chaining to AD Fails With ORA-28293: No matched Kerberos Principal found in any user entry (Doc ID 1169323.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!