DOYENSYS Knowledge Portal




We Welcome you to visit our DOYENSYS KNOWLEDGE PORTAL : Doyensys Knowledge Portal




Friday, June 22, 2018

How to Troubleshoot an ORA-28030 Error while accessing LDAP.



ORA-28030: Server encountered problems accessing LDAP directory service.
Cause: Unable to access LDAP directory service.
Action: Please contact your system administrator.

There are many reasons for causing this error when you are trying to login to the database with your oracle internet directory (OID) authentication. The error sample is shown as below:

    SQL> conn schema@dbtest
    Enter password:
    ERROR:
    ORA-28030: Server encountered problems accessing LDAP directory service

    Warning: You are no longer connected to ORACLE.

Here how I usually troubleshoot this kind of issue. Two examples.

First of all, you need to enable the trace to dump the actual errors in the database:

    SQL> alter system set events '28033 trace name context forever, level 9';
Second, regenerate the error:
    SQL> conn schema@dbtest
    Enter password:
    ERROR:
    ORA-28030: Server encountered problems accessing LDAP directory service
Third, disable the trace:
    SQL> alter system set events '28033 trace name context off';
After checking the trace files, I found errors. This is related to the OID server lnx-ldap DNS configuration. Check /etc/hosts or DNS to make sure the OID server lnx-ldap or the port 3131 is reachable.
    
    KZLD_ERR: failed to open connection to lnx-ldap:3131
    KZLD_ERR: 28030
    KZLD_ERR: failed from kzldob_open_bind.

Or you may see the error like this, this is because the wallet files were corrupted, you need to recreate the wallet, and make sure the wallet path is defined properly:

    kzld_discover received ldaptype: OID
    KZLD_ERR: failed to get cred from wallet
    KZLD_ERR: Failed to bind to LDAP server. Err=28032
    KZLD_ERR: 28032
    KZLD is doing LDAP unbind
    KZLD_ERR: found err from kzldini.

No comments: