18c Active Directory Password Authentication Fails With ORA-28276 for Client Connections Below 12c
(Doc ID 2472256.1)
Last updated on FEBRUARY 16, 2021
Applies to:Oracle Database - Enterprise Edition - Version 220.127.116.11.0 and later
JDBC - Version 18.104.22.168 to 22.214.171.124.0 [Release 11.1 to 12.1]
Information in this document applies to any platform.
Version 18c of the database introduces the ability to authenticate incoming connections using Active Directory without EUS (Enterprise User Security) or some other intermediate directory service, as discussed here in the following documentation:
Release 18 Security Guide
Chapter 5: Configuring Centrally Managed Users with Microsoft Active Directory
Section: About Configuring Password Authentication for Centrally Managed Users
There are 3 authentication methods that can be configured: Password authentication; Kerberos authentication; or SSL authentication.
When using password authentication, 126.96.36.199 client connections, such as the 188.8.131.52 JDBC driver, is able to connect to the 18.x database.
However, when connecting using an older client connection, such as 184.108.40.206, the connection fails with the following error:
ORA-28276: Invalid ORACLE password attribute
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document