Troubleshooting Enterprise User Security
12-32 Oracle Database Advanced Security Administrator's Guide

2. If these values are incorrect, reset the database wallet by using Database Configuration Assistant.
3. Use the DN and the password returned by mkstore in the following ldapbind:
   ldapbind -h <directory host> -p <non-SSL directory port> -D "<database DN>" -w <password>
Note: The mkstore utility is for troubleshooting purposes only. The name and functionality of this tool may change in the future. In 10g Release 1 (10.1), Oracle supports only the viewEntry mode.

ORA-28302: User does not exist in the LDAP directory service
Action: Check that the user entry is present in the directory.

ORA-# Errors for SSL-Authenticated Enterprise Users
If you receive an ORA-# error while using SSL-authenticated Enterprise User Security, then locate the error in the following section and take the recommended action.

ORA-1017: Invalid username/password; login denied
Action: See "USER-SCHEMA ERROR Checklist" on page 12-34

ORA-28030: Problem accessing LDAP directory service
Cause: Indicates a problem with the connection between the database and the directory.
Action: Check the following:
1. Check that there is a correct wallet_location value in the database's sqlnet.ora file. If not, then use Oracle Net Manager to enter one.
2. If Domain Name System (DNS) server discovery of Oracle Internet Directory is not used, check that there is a correct ldap.ora file in $LDAP_ADMIN, $ORACLE_HOME/ldap/admin, $TNS_ADMIN, or $ORACLE_HOME/network/admin. (See Oracle Internet Directory Administrator's Guide for information about DNS server discovery.)
3. Check that the SSL port used (by way of DNS discovery or an ldap.ora file) supports SSL with two-way authentication.
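
Items 1 and 2 of the ORA-28030 checklist above can be pre-checked on the database host before testing the directory connection. The shell functions below are an added example, not part of the Oracle guide: they read wallet_location from a sqlnet.ora, look for ldap.ora in the four listed locations in the order listed, and report the SSL port to verify for item 3. The function names, the host oid.example.com and the DIRECTORY_SERVERS = (host:port:sslport) syntax are assumptions not taken from the page.

```shell
# Added example (not Oracle code): local pre-checks for the ORA-28030 checklist.

# Print the DIRECTORY of WALLET_LOCATION in a sqlnet.ora (paths with spaces not handled).
wallet_dir_from_sqlnet() {
  awk '{ sub(/#.*/, ""); if ($0 ~ /^[A-Za-z]/) s = s ";"  # column-1 name = new parameter
         gsub(/[ \t\r]/, ""); s = s $0 }
       END {
         i = index(toupper(s), ";WALLET_LOCATION="); if (!i) exit 1
         s = substr(s, i + 1); k = index(s, ";"); if (k) s = substr(s, 1, k - 1)
         j = index(toupper(s), "(DIRECTORY="); if (!j) exit 1
         s = substr(s, j + 11); print substr(s, 1, index(s, ")") - 1)
       }' "$1"
}

# Print the first ldap.ora found in the four locations the page lists, in that order.
find_ldap_ora() {
  for d in "${LDAP_ADMIN:-}" "${ORACLE_HOME:+$ORACLE_HOME/ldap/admin}" \
           "${TNS_ADMIN:-}" "${ORACLE_HOME:+$ORACLE_HOME/network/admin}"; do
    if [ -n "$d" ] && [ -f "$d/ldap.ora" ]; then echo "$d/ldap.ora"; return 0; fi
  done
  return 1
}

# Print the SSL port of the first DIRECTORY_SERVERS entry (syntax assumed, not on the page).
ldap_ssl_port() {
  awk '{ sub(/#.*/, ""); gsub(/[ \t\r]/, "") }
       toupper($0) ~ /^DIRECTORY_SERVERS=/ {
         sub(/^[^(]*\(/, ""); sub(/[,)].*/, "")
         if (split($0, f, ":") == 3 && f[3] != "") { print f[3]; found = 1 }
         exit
       }
       END { exit !found }' "$1"
}

# Report on checklist items 1 and 2; item 3 needs a live check against the directory.
check_prereqs() {  # $1 = path to sqlnet.ora
  rc=0
  if w=$(wallet_dir_from_sqlnet "$1") && [ -d "$w" ]; then echo "OK   wallet directory $w"
  else echo "FAIL wallet_location missing from $1 or directory not found"; rc=1; fi
  if l=$(find_ldap_ora); then
    if p=$(ldap_ssl_port "$l"); then echo "OK   $l, SSL port $p (confirm two-way SSL on it)"
    else echo "FAIL $l has no SSL port in DIRECTORY_SERVERS"; rc=1; fi
  else echo "FAIL no ldap.ora found (acceptable only with DNS server discovery)"; rc=1; fi
  return $rc
}

# Demo on constructed files in a throwaway directory (subshell keeps the environment clean).
( t=$(mktemp -d); mkdir -p "$t/wallet"; unset LDAP_ADMIN ORACLE_HOME; TNS_ADMIN=$t
  printf 'WALLET_LOCATION =\n  (SOURCE = (METHOD = FILE)\n    (METHOD_DATA = (DIRECTORY = %s/wallet)))\n' "$t" > "$t/sqlnet.ora"
  echo 'DIRECTORY_SERVERS = (oid.example.com:389:636)' > "$t/ldap.ora"; check_prereqs "$t/sqlnet.ora"; rm -rf "$t" )
```

On a real host, set the Oracle environment variables as the database uses them and call check_prereqs with the path of the database's sqlnet.ora.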