User-Schema Error Checklist - Oracle Database B10772-01 Administrator's Manual

Troubleshooting Enterprise User Security
1.
2.
3.
4.

USER-SCHEMA ERROR Checklist

If your database cannot read the user schema, then check the following:
1.
2.
3.
12-34 Oracle Database Advanced Security Administrator's Guide
Check that the global role has been created in the database. To create global
roles, use the following syntax:
CREATE ROLE <role_name> IDENTIFIED GLOBALLY;
Use Enterprise Security Manager to check that the global role is included in an
enterprise role in the directory.
Use Enterprise Security Manager to check that the enterprise role is assigned to
the user in the directory.
If these checks are OK, then see the
page 12-35.
If this is an SSL-authenticated enterprise user, then ensure that the correct user
wallet is being used by checking the following:
– There is no WALLET_LOCATION parameter value in the client sqlnet.ora
file, and
The TNS_ADMIN parameter is set properly so that the correct sqlnet.ora
–
file is being used.
Check that the schema was created in the database as a global user by using the
following syntax:
CREATE USER username IDENTIFIED GLOBALLY AS ' ';
or by using the following syntax:
CREATE USER username IDENTIFIED GLOBALLY AS '<DN>';
If the following is true:
– The user schema is an exclusive schema (created with the
CREATE USER username IDENTIFIED GLOBALLY AS '<user_DN>';
syntax), and
– This is an SSL-authenticated user.
Then ensure that the DN in the user wallet matches the DN that was used in the
CREATE USER statement.
Use Oracle Wallet Manager to view the DN in the user wallet.
"DOMAIN-READ-ERROR Checklist" on