User Guide
Troubleshooting Enterprise User Security
12-32 Oracle Database Advanced Security Administrator's Guide
2.
If these values are incorrect, reset the database wallet by using Database
Configuration Assistant.
3. Use the DN and the password returned by mkstore in the following
ldapbind:
ldapbind -h <directory host> -p <non-SSL directory port> -D "<database
DN>" -w <password>
ORA-28302: User does not exist in the LDAP directory service
Action: Check that the user entry is present in the directory.
ORA-# Errors for SSL-Authenticated Enterprise Users
If you receive an ORA-# error while using SSL-authenticated Enterprise User
Security, then locate the error in the following section and take the recommended
action.
ORA-1017: Invalid username/password; login denied
Action: See "USER-SCHEMA ERROR Checklist" on page 12-34
ORA-28030: Problem accessing LDAP directory service
Cause: Indicates a problem with the connection between the database and the
directory.
Action: Check the following:
1. Check that there is a correct wallet_location value in the database's
sqlnet.ora file. If not, then use Oracle Net Manager to enter one.
2. If Domain Name System (DNS) server discovery of Oracle Internet
Directory is not used, check that there is a correct ldap.ora file in $LDAP_
ADMIN, $ORACLE_HOME/ldap/admin, $TNS_ADMIN, or $ORACLE_
HOME/network/admin. (See Oracle Internet Directory Administrator's Guide
for information about DNS server discovery.)
3. Check that the SSL port used (by way of DNS discovery or an ldap.ora
file) supports SSL with two-way authentication.
Note: The mkstore utility is for troubleshooting purposes only.
The name and functionality of this tool may change in the future. In
10g Release 1 (10.1), Oracle supports only the viewEntry mode.










