[oracle] ORA-01017: invalid username/password; logon denied ORA-28040: No matching authentication protocol
错误:
ORA-01017: invalid username/password; logon denied
ORA-28040: No matching authentication protocol
原因1: 客户端与服务器oracle 版本不一
注意修改Oracle 实例上些参数需要修改密码
SQLNET.ALLOWED_LOGON_VERSION_SERVER
SQLNET.ALLOWED_LOGON_VERSION_SERVER Setting | 8 | 11 | 12 | 12a |
---|---|---|---|---|
Server runs in Exclusive Mode? |
No |
No |
Yes |
Yes |
Generate the |
Yes |
Yes |
No |
No |
Generate the |
Yes |
Yes |
Yes |
No |
Generate the |
Yes |
Yes |
Yes |
Yes |
-
SQLNET.ALLOWED_LOGON_VERSION_SERVER
=12a
the most restrictive and secure setting, only permits the12C
password version. -
SQLNET.ALLOWED_LOGON_VERSION_SERVER
=12
permits both the11G
and12C
password versions to be used for authentication. -
SQLNET.ALLOWED_LOGON_VERSION_SERVER
=8
permits the most password versions:10G
,11G
, and12C
.
https://docs.oracle.com/en/database/oracle/oracle-database/19/dbseg/configuring-authentication.html#GUID-B4EA8B28-B76E-4C03-AB59-0B322DA9F3EF
https://docs.oracle.com/en/database/oracle/oracle-database/19/netrf/parameters-for-the-sqlnet.ora.html#GUID-B2908ADF-0973-44A9-9B34-587A3D605BED
SQLNET.ALLOWED_LOGON_VERSION_CLIENT
SQLNET.ALLOWED_LOGON_VERSION_CLIENT = 12a
for Oracle Database 12c Release 1 (12.1.0.2) or later (strongest protection)
for the critical patch updates CPUOct2012 and later Oracle Database 11g authentication protocols (stronger protection)SQLNET.ALLOWED_LOGON_VERSION_CLIENT =
12
for Oracle Database 11g authentication protocols (default)
11 SQLNET.ALLOWED_LOGON_VERSION_CLIENT =
for Oracle Database 10g authentication protocols
10SQLNET.ALLOWED_LOGON_VERSION_CLIENT =
for Oracle8i authentication protocol
8SQLNET.ALLOWED_LOGON_VERSION_CLIENT =
原因2:
SQLNET.AUTHENTICATION_SERVICES = (NTS) 此参数在linux系统 上设置,出现在了错误
SQLNET.AUTHENTICATION_SERVICES
-
none
for no authentication methods, including Microsoft Windows native operating system authentication. WhenSQLNET.AUTHENTICATION_SERVICES
is set tonone
, a valid user name and password can be used to access the database. 只有密码验证模式 -
all
for all authentication methods. 所有验证模式 -
beq
for native operating system authentication for operating systems other than Microsoft Windows -
kerberos5
for Kerberos authentication kerberos 验证 -
nts
for Microsoft Windows native operating system authentication 只适用于windows 平台的oracle系统 -
radius
for Remote Authentication Dial-In User Service (RADIUS) authentication RADIUS验证 -
tcps
for SSL authentication SSL验证