Hi, recently I`ve been trying to set up 12.2.1.3.0 OID on, let's call it X, server - I created "fmw" repository database (also located at X) and installed OID in collocated mode, then created oid1 instance with WLST:
Instance name, Host name, State
==================================
oid1, X.us.oracle.com, RUNNING
==================================
At this point, everything seems to be running smoothly, however, I encountered two issues concerning database integration with OID:
--------------------------------
--------------------------------
1. I configured directory usage configuration on another host (let's call it Y, with netca) - hostname: X, port: 3060, SSL port: 3131, Oracle Context: cn=OracleContext,dc=us,dc=oracle,dc=com. Just to be clear, in order to do that, I set orclanonymousbindsflag value to 1 (in ODSM - cn=oid1,cn=osdldapd,cn=subconfigsubentry). Afterwards, I successfully registered the database with directory service (using dbca).
Contents of ldap.ora:
DIRECTORY_SERVERS= (X:3060:3131)
DEFAULT_ADMIN_CONTEXT = "dc=us,dc=oracle,dc=com"
DIRECTORY_SERVER_TYPE = OID
sqlnet.ora:
NAMES.DIRECTORY_PATH=(LDAP, TNSNAMES)
SQLNET.WALLET_LOCATION=(SOURCE=(METHOD=file)(METHOD_DATA=(DIRECTORY=/u02/app/oracle/admin/EMREPc/wallet)))
Wallet files were created successfully:
[oracle@Y admin]$ cd $ORACLE_BASE/admin/$ORACLE_SID/wallet
[oracle@Y wallet]$ ls
cwallet.sso cwallet.sso.lck ewallet.p12 ewallet.p12.lck
I tried to connect to the database (using globally created schemas or even random characters), but this error came up:
ORA-28030: Server encountered problems accessing LDAP directory service
Error troubleshooting with "28033 trace name context forever, level 9" tracing set:
kzld_discover received ldaptype: OID
KZLD_ERR: DB-OID SSL noauth failed. Err=554
KZLD_ERR: 554
KZLD is doing LDAP unbind
KZLD_ERR: found err from kzldini.
As I said before, anonymous access has already been enabled.
Further troubleshooting:
[oracle@Y trace]$ mkstore -wrl $ORACLE_BASE/admin/$ORACLE_SID/wallet -viewEntry ORACLE.SECURITY.DN
ORACLE.SECURITY.DN = cn=EMREPc,cn=OracleContext,dc=us,dc=oracle,dc=com
[oracle@Y trace]$ mkstore -wrl $ORACLE_BASE/admin/$ORACLE_SID/wallet -viewEntry ORACLE.SECURITY.PASSWORD
ORACLE.SECURITY.PASSWORD = <password>
Non-SSL port:
[oracle@Y trace]$ ldapbind -h X -p 3060 -D "cn=EMREPc,cn=OracleContext,dc=us,dc=oracle,dc=com" -w "<password>"
bind successful
SSL port:
[oracle@Y admin]$ ldapbind -h X -p 3131 -D "cn=EMREPc,cn=OracleContext,dc=us,dc=oracle,dc=com" -w "<password>" -U 1
bind successful
oid instance parameters:
orclsslAuthentication=1
orclsslEnable=2
orclsslPort=3131
orclsslVersion=3
orclsslWalletURL=file:
orclsslinteropmode=0
--------------------------------
--------------------------------
2. When I try to register a database on the same host where OID is installed (X) with dbca (either silent mode or GUI), the following error always comes up:
[oracle@X bin]$ dbca
sgslufread: Hard error on read, OS error = 104
#
# A fatal error has been detected by the Java Runtime Environment:
#
# SIGSEGV (0xb) at pc=0x00007f26fd9164c0, pid=88837, tid=139805595879168
#
# JRE version: Java(TM) SE Runtime Environment (8.0_91-b14) (build 1.8.0_91-b14)
# Java VM: Java HotSpot(TM) 64-Bit Server VM (25.91-b14 mixed mode linux-amd64 compressed oops)
# Problematic frame:
# C [libclntsh.so.12.1+0x13be4c0] gslcopc_OpenLdapConnection+0x310
#
# Failed to write core dump. Core dumps have been disabled. To enable core dumping, try "ulimit -c unlimited" before starting Java again
#
# An error report file with more information is saved as:
# /u02/app/oracle/middleware/oracle_common/common/bin/hs_err_pid88837.log
--------------------------------
--------------------------------
I thought both of these might be related to each other - when I configured the database as in the first example, OS error=104 came up as well, but it did not stop dbca from doing its job.
Thanks for help,
Robert