Hi Experts,
This is regarding the EUS setup for authenticating AD users into Oracle Databases using OUD proxy servers (OUD servers 11.1.2.3).
I have registered a database to OUD servers and authentication as AD users on database server side and client side is working fine.
But when I replace the 2 OUD server IPs with a load balancer host name in LDAP.ORA of the database server (example: /u01/oracle/product/11.2.0/db_1/network/admin/ldap.ora), the AD user logins failed on both the DB server and client machines with the error "ORA-28030: Server encountered problems accessing LDAP directory service".
As per the Oracle document ( https://support.oracle.com/epmos/faces/DocumentDisplay?_afrLoop=419466090373269&id=261178.1&_adf.ctrl-state=1yjrb3189_28… ),
I tried the command below.
ldapbind -h oudlbserver.xyz.com -p 1636 -U 3 -W "file:/app/oracle/product/admin/eusdb1/wallet" -P "Oracle#1"
SSL handshake failed
I enabled the DB trace log and found the error below:
kzld_discover received ldaptype: OID
KZLD_ERR: DB-OID SSL noauth failed. Err=554
KZLD_ERR: 554
KZLD is doing LDAP unbind
KZLD_ERR: found err from kzldini.
Do I need to import the load balancer certs into the DB wallet or the database Java home certificate store to resolve this issue? If I use the OUD IPs in ldap.ora, the authentication works fine without even importing the DEV OUD certs into the database server!!!! Are there any additional steps involved with the load balancer setup?