Table of Contents
Advertisement
4.
DOMAIN-READ-ERROR Checklist
If your database cannot read its enterprise domain information in Oracle Internet
Directory, then check the following:
Use the following syntax to view the DN that was used with the CREATE USER
statement:
SELECT EXTERNAL_NAME FROM DBA_USERS WHERE USERNAME='<schema>';
If you are using a shared schema, then check the following:
–
Use Enterprise Security Manager to ensure that you have created a
user-schema mapping either for the entire enterprise domain, or for the
database.
–
If the user-schema mapping is intended to apply to this database (not to the
entire enterprise domain), then check that the database can read its own
entry and subtree in the directory.
To check this, enter the following ldapsearch command for your
database-to-directory connection type:
*
If the database connects to the directory over SSL, then use
ldapsearch -h <directory_host> -p <directory_SSLport> -U 3 -W
"file:<database_wallet_path>" -P <wallet_password> -b "<database_
DN>" "objectclass=*"
where <wallet_password> is the password to the wallet, which
enables you to open or change the wallet.
If the database connects to the directory by using password
*
authentication, then use
ldapsearch -h <directory_host> -p <directory_port> -D <database_DN>
-w <database_directory_password> -b "<database_DN>" "objectclass=*"
where <database_directory_password> is the password in the
database wallet, which is the database's password to Oracle Internet
Directory.
You should see the database entry and the relevant mapping.
–
If the user-schema mapping applies to the entire enterprise domain rather
than to only this individual database, then see
Checklist"
on page 12-35.
Enterprise User Security Configuration Tasks and Troubleshooting 12-35
Troubleshooting Enterprise User Security
"DOMAIN-READ-ERROR
Advertisement
Chapters
Table of Contents
Troubleshooting
Need help?
Do you have a question about the Oracle Database B10772-01 and is the answer not in the manual?