My Oracle Support Banner

Enterprise Users with Exclusive Schemas Get ORA-1017 Errors When Connecting to the Database (Doc ID 359986.1)

Last updated on FEBRUARY 25, 2020

Applies to:

Advanced Networking Option - Version to 11.2
Information in this document applies to any platform.
Checked for relevance on 26-Sep-2013


Exclusive schemas created in the database for an enterprise user must exactly match their respective user DN in OID. When ODM (Oracle Directory Manager) is used to view the user DN of an enterprise user stored in the "cn=Users" container, it will display an uppercase U as the first character of "cn=Users".

A user entry as viewed by ODM may look like this:

If this user DN syntax is used to create the exclusive schema for enterprise users*, those users may not be unable to connect and will get an ORA-1017 error. This issue can occur no matter what is the LDAP Server used for EUS ( OVD, OID, OUD).

* Note: While this problem is being reported for the AIX platform, it does not seem to pose a problem on other platforms.


Typically a trace obtained with event 28033 will look like this :




To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.