ORA-12638 When Using Password Authenticated Database Links Between Databases Configured For Kerberos Authentication
(Doc ID 1559760.1)
Last updated on MARCH 07, 2019
Applies to:Advanced Networking Option - Version 18.104.22.168 to 22.214.171.124 [Release 11.2]
Information in this document applies to any platform.
When using a normal password authenticated database link between databases which have been configured to allow Kerberos authentication, then this can fail with ORA-12638.
This applies both where the session using the database link is password authenticated, and also where they are kerberos authenticated.
In the alert.log of the database you will observe errors similar to this:
TNS for Linux: Version 126.96.36.199.0 - Production
Oracle Bequeath NT Protocol Adapter for Linux: Version 188.8.131.52.0 - Production
TCP/IP NT Protocol Adapter for Linux: Version 184.108.40.206.0 - Production
Time: 29-APR-2015 16:56:05
Tracing not turned on.
Tns error struct:
ns main err code: 12638
TNS-12638: Credential retrieval failed
ns secondary err code: 0
nt main err code: 0
nt secondary err code: 0
nt OS err code: 0
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document