Wednesday, November 6, 2019

ORA-28040: No matching authentication protocol

Problem:
Connecting from Oracle Client 11g to an 18c or higher DB fails with this error:
ORA-28040: No matching authentication protocol

Analysis:
Starting from 18c, the SQLNET.ALLOWED_LOGON_VERSION_SERVER parameter defaults to 12. This means that applications using Oracle Client 11g to connect to the DB server will get ORA-28040 unless you set this parameter to 11.

Solution:
Set the parameter SQLNET.ALLOWED_LOGON_VERSION_SERVER to 11 in the sqlnet.ora file under $ORACLE_HOME/network/admin. If the sqlnet.ora file does not exist under $ORACLE_HOME/network/admin, create it.

[On the database server, as the oracle user]
Add SQLNET.ALLOWED_LOGON_VERSION_SERVER=11 to the sqlnet.ora file:

# vi $ORACLE_HOME/network/admin/sqlnet.ora

SQLNET.ALLOWED_LOGON_VERSION_SERVER=11

Note: Neither restarting the listener nor restarting the DB is required here; the change should take effect immediately once you save the sqlnet.ora file.

Note: sqlnet.ora must be located under $ORACLE_HOME/network/admin. Creating a symbolic link to sqlnet.ora under $GRID_HOME/network/admin is a good idea but not mandatory; the sqlnet.ora file itself must always be located under ORACLE_HOME.

Note: If your application connects to a 12.2 DB or higher from an Oracle Client older than 11.2 (e.g. 11.1 or 10g), you must upgrade the Oracle Client to at least 11.2. According to MOS (Doc ID 207303.1), the minimum compatible Oracle Client version for connecting to a 12.2 DB and higher is Oracle Client 11.2.
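
The sqlnet.ora edit from the Solution, scripted so it can be repeated safely across servers. This is an added example, not part of the original post: the function names get_logon_version and set_logon_version are hypothetical, and matching the parameter name case-insensitively is an assumption.

```shell
# Added example: hypothetical helpers, not part of the original post.
# Usage: set_logon_version "$ORACLE_HOME/network/admin/sqlnet.ora" 11
PARAM="SQLNET.ALLOWED_LOGON_VERSION_SERVER"

# Print the last active (uncommented) value of PARAM in the file, if any.
# Assumption: parameter names are matched case-insensitively.
get_logon_version() {
    file=$1
    [ -f "$file" ] || return 0
    awk -v p="$PARAM" '
        { line = $0; sub(/^[ \t]+/, "", line); n = index(line, "=") }
        line ~ /^#/ || n == 0 { next }
        { key = substr(line, 1, n - 1); val = substr(line, n + 1)
          gsub(/[ \t]/, "", key); gsub(/[ \t\r]/, "", val)
          if (toupper(key) == p) v = val }
        END { if (v != "") print v }' "$file"
}

# Set PARAM to the given value: create the file if it is missing, otherwise
# back it up, drop any active PARAM lines and append exactly one.
set_logon_version() {
    file=$1; value=$2
    dir=$(dirname "$file")
    [ -d "$dir" ] || { echo "missing directory: $dir" >&2; return 1; }
    [ "$(get_logon_version "$file")" = "$value" ] && return 0  # nothing to do
    tmp=$(mktemp) || return 1
    if [ -f "$file" ]; then
        cp -p "$file" "$file.bak" || return 1
        awk -v p="$PARAM" '
            { line = $0; sub(/^[ \t]+/, "", line); n = index(line, "=")
              key = (n ? substr(line, 1, n - 1) : ""); gsub(/[ \t]/, "", key)
              if (line !~ /^#/ && toupper(key) == p) next
              print }' "$file" > "$tmp" || return 1
    fi
    printf '%s=%s\n' "$PARAM" "$value" >> "$tmp"
    # Overwrite in place (not mv) so an existing file keeps its owner and mode.
    cat "$tmp" > "$file" && rm -f "$tmp"
}
```

Because this setting lowers the minimum authentication protocol the server accepts, the sqlnet.ora.bak copy lets you restore the previous file once the 11g clients have been upgraded.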

References:
Client / Server Interoperability Support Matrix for Different Oracle Versions (Doc ID 207303.1)
