How to Resolve ORA-28040: No matching authentication protocol with Docker - oracle

Good afternoon, I am trying to run an oracle database with docker, but when I try to connect from the sql developer I get the following error:
ORA-28040: No matching authentication protocol
The question is that I am using the parameters that are specified to be necessary to connect to the database, such as the host ip (10.164.7.203) and port 1521:
Try to apply the solution described here:
https://logic.edchen.org/how-to-resolve-ora-28040-no-matching-authentication-protocol/
but I haven't managed to solve the problem either
The container is lifting normally and I have even done operations with sqlplus and everything is fine

the container DON'T use $ORACLE_HOME/network/admin/sqlnet.ora
you must modify in
/app/oracle/product/12.2.0/dbhome_1/admin/ORCLCDB
SQLNET.ALLOWED_LOGON_VERSION=8

Related

Cannot connect to Oracle database via TCPS

We have an Oracle server set up and are using TCP with SSL as connection. This setup was made with the assistant wizard and we used the default settings pretty much everywhere (which also means that no tnsnames.ora or listener.ora exist). lsnrctl status shows that the correct ports are listening.
We are trying to connect to this database via DBeaver and SQuirrel SQL but cannot get it to work. We have set the vmargs for the programs to contain the certificate of the server (e.g. dbeaver.exe -vmargs -Djavax.net.ssl.trustStore=C:/...keystore.jks -Djavax.net.ssl.trustStorePassword=password -Djavax.net.ssl.trustStoreType=JKS), which works fine.
Connecting to the database with a concrete JDBC URL string (jdbc:oracle:thin:#(DESCRIPTION=(ADDRESS=(PROTOCOL=TCPS)(HOST=IP)(PORT=5500))(CONNECT_DATA=(SERVICE_NAME=testdb)))) does not work and times out after 60 seconds without a proper error (IO Error: Got minus one from a read call). We have tried pretty much everything and cannot get it to work.
The ports are correctly assigned, the database can successfully get accessed with the normal TCP protocol and port 1521.jdbc:oracle:thin:#(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=IP)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=testdb)))
Are we missing steps? There don't seem to be any firewall issues. The certificates seem to be working fine as well, but we cannot connect with any of the programs (or sqlplus via command line).
Anyone know what could be the problem? Thanks!
Can you check out the SSL blog or our OTN page for step-by-step instructions? If you are using TLSv1.2 then the JDK version and JDBC driver versions are very important.
In the end I got it to work. There are various sites online that show you how it's done. I used this one:
https://database.edorex.ch/blog/database-connection-with-a-certificate/
Getting the wallets set up, certificates set up and the user set up in the database were the most important steps. Additionally, I had to separate the server and client machines. The server is now on a VM and it works that way, I couldn't get it to work having both on the same machine.

ORA-12541 TNS :no listener on 1 specific remote database, but not on others

Some context: I'm setting up an environment to run some Ruby code our Lead wrote to connect to some remote Databases. I'm using Win10 and have WSL installed. I have installed SQL*Plus, docker, and Ruby, and am sure I have installed all the dependent gems (actually at this point I know for a fact its not a ruby problem). I'm using Docker to use a pre-built image of an Oracle Database, and I have populated it with data.
Obfuscated company DB information:
'Broken' DB (TNS no listener)
Username: W-WORK-DEV
Password: password
Host: host1
Port: 999
SID: W-WORK-DB.tech.company
'Working' DB (can connect just fine)
Username: C-OLD-DEV
Password: password
Host: host2
Port: 999
SID: C-OLD-DB.tech.company
Please note the names I have provided here are purely for obfuscation, they do not represent anything about age or even config. They are essentially the same, just different databases on different hosts. Also note this is a corporate company and would have a lot of base infrastructure for their internal network.
The issue I am having is that with the specific database I am working on, I cannot connect to it. I connect to the company intranet via a VPN (I work offsite) and have issues connecting to WORK-DB.tech.company, though I can connect to C-OLD-DB.tech.company. Methods I have tried to connect with:
Oracle SQL Developer
I have inputted all the correct jdbc strings and username / password. Have even asked other people to attempt to connect (at least 3 others). They can all access C-OLD-DB as well as W-WORK-DB. When using this method, I get The network adapter could not establish the connection.
Side note: I'm fairly sure I have connected to the DB just fine in the past, though I can't be certain because I'm fairly new to this team and have only accessed it once, if that.
SQL*Plus via WSL
I installed SQL*Plus because I think Ruby was accessing it in some capacity when running the script. I got to the point where the script was able to connect to my local docker Database, but when it tried to connect to the remote database, it would return TNS: no listener. I attempted this using sqlplus as well and got the same error.
Example:
sqlplus C-OLD-DEV/password#host2:999/C-OLD-DB.tech.company
This command works and connected to the DB jsut fine.
sqlplus W-WORK-DEV/password#host1:999/W-WORK-DB.tech.company
This command gave me TNS: no listener.
During my research I had found mentions about tnsnames.ora, sqlnet.ora, and listener.ora. I have found relevant files around the company intranet and attempted to use them in my own personal environment to no avail (one of the sqlnet.ora files actually stopped me from being able to connect to any) I found mention about a config/database.yml file related to ruby, but our code already has the database information set up and I seem to be getting to the same solution as the script when trying to manually connect via sqlplus.
Here are some relevant environment variables I have set up when doing these installs. I'm thinking that at some point when trying to set up my environment, I messed up some config that changed the way sqldeveloper or sql plus would connect to that database.
$ echo $ORACLE_HOME: /usr/lib/oracle/12.2/client64/
$ echo $TNS_ADMIN: /usr/lib/oracle/12.2/client64/network/admin
$ echo $LD_LIBRARY_PATH: /usr/lib/oracle/12.2/client64/lib
I hope I have provided all the information I have come across and have explained clearly what my issue is, if you have any questions feel free to comment about it so I can clear it up. Thank you for any and all your help.
So my problem ended up being a 'firewall/port' issue. In the end i found out that specific port I was connecting to was blocked, but I thought it was only on my system. Turns out the VPN I'm using was the issue blocking that port. Company has a Primary Data Center and a Secondary one, and apparently the SDC VPN was blocking that port from me. I switched to using the PDC VPN and it worked.
Are you using the 64 bit jdbc drivers?

Communication between two databases (Oracle, VirtualBox)

Currently I am trying to understand how can two databases communicate to each other (for instance: get data from one to another).
Detailed description
I have two Oracle databases, one on Windows and latter on Oracle VirtualBox. On Windows DB I have one user (PAI) with single table called TESTME. On VirtualBox, only user (PAI_VB) was created. Now, I want to display the content of the TESTME table from SQL Developer from VB.
I have done
I want to display table TESTME using LINK statement:
CREATE DATABASE LINK LINK_TO_PAI
CONNECT TO PAI IDENTIFIED BY PAI
USING 'DESCRIPTION = (ADDRESS=(PROTOCOL=TCP)(HOST=myIP)(PORT=1521))
(CONNECT_DATA=(SERVICE_NAME=XE))';
Note: data from 'DESCRIPTION' section were taken from tnsname.ora file on Windows.
Having that, via following query I will manage to display table:
SELECT * FROM PAI.TESTME#LINK_TO_PAI;
Unfortunately, it does not work.
Error from console
ORA-12154: TNS:could not resolve the connect identifier specified
12154. 00000 - "TNS:could not resolve the connect identifier specified"
*Cause: A connection to a database or other service was requested using
a connect identifier, and the connect identifier specified could not
be resolved into a connect descriptor using one of the naming methods
configured. For example, if the type of connect identifier used was a
net service name then the net service name could not be found in a
naming method repository, or the repository could not be
located or reached.
*Action:
- If you are using local naming (TNSNAMES.ORA file):
- Make sure that "TNSNAMES" is listed as one of the values of the
NAMES.DIRECTORY_PATH parameter in the Oracle Net profile
Questions
Could you please propose solution to my problem (I know that in *Action section there is a hint but still I cannot solve it).
Maybe, you could introduce me another way to make communication between two databases possible.
EDIT
I managed to connect from my VB machine to one on Win10 via SQLDeveloper and SQLPlus. Unfortunately, using Oracle LINK I can not access data from database.
SOLVED !!
I managed to solve my issue. The problem laid in LINK. Since following part:
'DESCRIPTION = (ADDRESS=(PROTOCOL=TCP)(HOST=myIP)(PORT=1521))
(CONNECT_DATA=(SERVICE_NAME=XE))'
was inside tnsnames.ora file i should define my link as follows:
CREATE DATABASE LINK LINK_TO_PAI
CONNECT TO PAI IDENTIFIED BY PAI
USING 'xe';
After that minor change, I was able to freely us LINK in my example. Cheers :)
Here's what you need to have for a working database link:
Network connectivity between the two hosts.
Oracle Listener process running on the host you want to connect to.
Correct TNS entry while creating the link.
Correct username and password to connect to the remote database.
The TNS-12154 error you're getting means the database running on the virtual host can't get to XE's listener using the description you gave it.
Make sure you're using the correct IP address when trying to connect to your Windows host from your virtual machine.
Run tnsping from your virtual environment to see if it can get to the Windows host listener.
tnsping 'DESCRIPTION = (ADDRESS=(PROTOCOL=TCP)(HOST=your_windows_host_ip_from_step_1)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=XE))'
or just tnsping XE if you have the TNS entry stored as XE in tnsnames.ora file on your virtual machine.
See also: Oracle documentation — Testing Connections.
Once you get OK response from tnsping try connecting to XE with sqlplus (sqlplus PAI/PAI#XE) or via SQL Developer running on the virtual host. If you can connect that way your database link should also work with the same TNS entry.
This is a tricky part of oracle because there are a number of diverent ways to make a connection.
I suggest that you begin to make sure that you have a tnsnames.ora file both on windows and in your virtualbox environment. What os are you running in VirtualBox by the way?
In both tnsnames.ora files both databases should be named. Easiest to make them identical.
Then connect with sql*plus from windows to your database in VirtualBox and from VirtualBox to your database on Windows.
Just to make sure your network and tns config are OK.
If this works recreate your db-link with the servce alias from tnsnames after using. This should work.

I can access my oracle database by command line, but cannot by navicat, ORA-12514 error

I use the command prompt to connect my Oracle database. All functions work, but when I try to use my Navicat to connect to the database, it shows the following error message:
ORA-12514:TNS:listener does not currently know of service requested in
connect descriptor.
My general settings for Navicat are:
host type:basic
ip address:127.0.0.1(also try my ip, but still have same problem)
port:1521
service name:orcl
By "all functions work", I assume you mean you are able to connect to the database and query.
Can you show us the connect that you use.
If you are using sqlplus in this fashion,
sqlplus userid/password#database1
it means your current client is pointing to the correct tnsnames.ora. May be navicat does not point to the correct tnsnames.ora file? The error indicates that you want to connect to, say database1, and Oracle is not able to map "database1" to the correct server, host and port number.
Have you gone through the connectiond details here?
http://www.navicat.com/en/products/navicat_oracle/oracle_detail_win.html
What is your operating system version and oracle version?

How to use "basic" as connection type?

I'm able to use Oracle SQLDeveloper to make a connection to an Oracle database. I'm using "basic" as connection type and I can access database successfully. The problem is that basic authentication is the only way to access that database at the moment (there is some misconfigururation but this is another problem and can not be solved by myself).
To work around this I want to use basic authentication with JDBC. Is this possible? Can someone give me an example? I found only examples with thin or oci configuration. Both are not working for me.
Thank you very much!
From the help in SQL Developer:
Advanced connection type
Custom JDBC URL: URL for connecting directly from Java to the
database; overrides any other connection type specification. If you
are using TNS or a naming service with the OCI driver, you must
specify this information: Example:
jdbc:oracle:thin:scott/#localhost:1521:orcl
Note that in this example, the "/" is required, and the user will be
prompted to enter the password. I actually wasn't prompted for p/s see notes below
To use a custom JDBC URL, the system on which SQL Developer is running
must have an Oracle Client installation that contains the JDBC and
orai18n libraries, is present on the path, and is version 10.2 or
later.
So all you need to do is select the "Advanced" connection Type, then input the below line (changed to your settings)
jdbc:oracle:thin:USER/#HOST:PORT:SID
but it will also work (and use the Username/Password already inputted) if you omit the "User/" as such
jdbc:oracle:thin:#HOST:PORT:SID
It seems to use the password that is already in the "Password" box in the Database Connection.
If this does not work for you, post how it does not work. I tried the connections from "Basic", TNSNames, and Advanced (using the THIN client) without incident- take note of the using a custom JDBC URL, but I would have to ask why if that is the intent?
hth
There was no mistake in configuration. But there was a problem with the cluster (cluster switched to the other node). I can't understand this behaviour and I can't reproduce it anymore, but it's working again now. Thanks for your help!

Resources