[oracle] ORA-01017: invalid username/password; logon denied ORA-28040: No matching authentication protocol

错误:

  ORA-01017: invalid username/password; logon denied

  ORA-28040: No matching authentication protocol

 

 原因1: 客户端与服务器oracle 版本不一

注意修改Oracle 实例上些参数需要修改密码

SQLNET.ALLOWED_LOGON_VERSION_SERVER

SQLNET.ALLOWED_LOGON_VERSION_SERVER Setting8111212a

Server runs in Exclusive Mode?

No

No

Yes

Yes

Generate the 10G password version?

Yes

Yes

No

No

Generate the 11G password version?

Yes

Yes

Yes

No

Generate the 12C password version?

Yes

Yes

Yes

Yes

  • SQLNET.ALLOWED_LOGON_VERSION_SERVER = 12a  the most restrictive and secure setting, only permits the 12C password version.

  • SQLNET.ALLOWED_LOGON_VERSION_SERVER = 12     permits both the 11G and 12C password versions to be used for authentication.

  • SQLNET.ALLOWED_LOGON_VERSION_SERVER 8     permits the most password versions: 10G, 11G, and 12C.

https://docs.oracle.com/en/database/oracle/oracle-database/19/dbseg/configuring-authentication.html#GUID-B4EA8B28-B76E-4C03-AB59-0B322DA9F3EF

https://docs.oracle.com/en/database/oracle/oracle-database/19/netrf/parameters-for-the-sqlnet.ora.html#GUID-B2908ADF-0973-44A9-9B34-587A3D605BED

 

SQLNET.ALLOWED_LOGON_VERSION_CLIENT

SQLNET.ALLOWED_LOGON_VERSION_CLIENT = 12a     for Oracle Database 12c Release 1 (12.1.0.2) or later (strongest protection)

SQLNET.ALLOWED_LOGON_VERSION_CLIENT = 12     for the critical patch updates CPUOct2012 and later Oracle Database 11g authentication protocols (stronger protection)

SQLNET.ALLOWED_LOGON_VERSION_CLIENT = 11    for Oracle Database 11g authentication protocols (default)

SQLNET.ALLOWED_LOGON_VERSION_CLIENT = 10        for Oracle Database 10g authentication protocols

SQLNET.ALLOWED_LOGON_VERSION_CLIENT = 8          for Oracle8i authentication protocol

原因2:

SQLNET.AUTHENTICATION_SERVICES = (NTS) 此参数在linux系统 上设置,出现在了错误

SQLNET.AUTHENTICATION_SERVICES

  • none for no authentication methods, including Microsoft Windows native operating system authentication. When SQLNET.AUTHENTICATION_SERVICES is set to none, a valid user name and password can be used to access the database.  只有密码验证模式

  • all for all authentication methods. 所有验证模式

  • beq for native operating system authentication for operating systems other than Microsoft Windows

  • kerberos5 for Kerberos authentication kerberos 验证

  • nts for Microsoft Windows native operating system authentication 只适用于windows 平台的oracle系统

  • radius for Remote Authentication Dial-In User Service (RADIUS) authentication   RADIUS验证

  • tcps for SSL authentication SSL验证

 

 

posted on 2020-04-15 22:23  InnoLeo  阅读(492)  评论(0编辑  收藏  举报