2

I wish to connect to an Oracle database using LDAP for connection string lookup. LDAP/OID is already setup, and manually using the connection string retrieved from LDAP works. However, the automatic LDAP lookup of the connection string from an oracle client (sqlplus) does not! According to google, the files sqlnet.ora and ldap.ora need to be setup to inform the oracle client that we wish to use LDAP lookup. This is done and values are correct as far as I can tell:

export ORACLE_HOME=/etc/oracle

$ORACLE_HOME/network/admin/sqlnet.ora

NAMES.DIRECTORY_PATH = (LDAP)

$ORACLE_HOME/ldap/admin/ldap.ora

DIRECTORY_SERVERS = (<host>:<port>) DEFAULT_ADMIN_CONTEXT = "cn=OracleContext,dc=example,dc=com" DIRECTORY_SERVER_TYPE = OID

However, when I attempt to connect, I'm still met with

$ sqlplus64 'user/password@identifier' ERROR ORA-12154: TNS:could not resolve the connect identifier specified

Further, by straceing the sqlplus client, it can be seen that both files (sqlnet.ora, ldap.ora) are at least being opened:

open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 open("/usr/lib/oracle/12.1/client64/lib/libsqlplus.so", O_RDONLY|O_CLOEXEC) = 3 open("/usr/lib/oracle/12.1/client64/lib/libclntsh.so.12.1", O_RDONLY|O_CLOEXEC) = 3 open("/usr/lib/oracle/12.1/client64/lib/libclntshcore.so.12.1", O_RDONLY|O_CLOEXEC) = 3 open("/usr/lib/oracle/12.1/client64/lib/libnnz12.so", O_RDONLY|O_CLOEXEC) = 3 open("/lib/x86_64-linux-gnu/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3 open("/lib/x86_64-linux-gnu/libm.so.6", O_RDONLY|O_CLOEXEC) = 3 open("/lib/x86_64-linux-gnu/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3 open("/lib/x86_64-linux-gnu/libnsl.so.1", O_RDONLY|O_CLOEXEC) = 3 open("/lib/x86_64-linux-gnu/librt.so.1", O_RDONLY|O_CLOEXEC) = 3 open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 open("/usr/lib/oracle/12.1/client64/lib/libons.so", O_RDONLY|O_CLOEXEC) = 3 open("/lib/x86_64-linux-gnu/libaio.so.1", O_RDONLY|O_CLOEXEC) = 3 open("/usr/lib/oracle/12.1/client64/lib/libsqlplusic.so", O_RDONLY|O_CLOEXEC) = 3 open("/usr/lib/oracle/12.1/client64/lib/libociei.so", O_RDONLY|O_CLOEXEC) = 3 open("/etc/oracle/network/admin/oraaccess.xml", O_RDONLY) = -1 ENOENT (No such file or directory) open("/etc/oracle/network/admin/oraaccess.xml", O_RDONLY) = -1 ENOENT (No such file or directory) open("/etc/oracle/network/admin/sqlnet.ora", O_RDONLY) = 3 open("/etc/orabasetab", O_RDONLY) = -1 ENOENT (No such file or directory) open("/etc/oracle/install/orabasetab", O_RDONLY) = -1 ENOENT (No such file or directory) open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 3 open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 open("/lib/x86_64-linux-gnu/libnss_compat.so.2", O_RDONLY|O_CLOEXEC) = 3 open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 open("/lib/x86_64-linux-gnu/libnss_nis.so.2", O_RDONLY|O_CLOEXEC) = 3 open("/lib/x86_64-linux-gnu/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 3 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3 open("/proc/self/fd/", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 3 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 4 open("/etc/oracle/network/admin/sqlnet.ora", O_RDONLY) = 4 open("/usr/lib64/libnuma.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) open("/usr/lib64/libnuma.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) open("/proc/sys/kernel/shmmax", O_RDONLY) = 4 open("/proc/meminfo", O_RDONLY) = 4 open("/proc/sys/kernel/shmmax", O_RDONLY) = 4 open("/usr/lib64/libnuma.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) open("/usr/lib64/libnuma.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) open("/etc/localtime", O_RDONLY|O_CLOEXEC) = 4 open("/etc/hostid", O_RDONLY) = -1 ENOENT (No such file or directory) open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 4 open("/etc/host.conf", O_RDONLY|O_CLOEXEC) = 4 open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 4 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 4 open("/etc/oracle/ldap/admin/fips.ora", O_RDONLY) = -1 ENOENT (No such file or directory) open("/dev/urandom", O_RDONLY) = 4 open("/dev/urandom", O_RDONLY) = 5 open("entropy", O_RDONLY) = -1 ENOENT (No such file or directory) open("/etc/oracle/ldap/admin/ldap.ora", O_RDONLY) = 6 open("/etc/oracle/ldap/admin/ldap.ora", O_RDONLY) = 6 open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 6 open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 6 open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 6 open("/lib/x86_64-linux-gnu/libnss_mdns4_minimal.so.2", O_RDONLY|O_CLOEXEC) = 6 open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 6 open("/lib/x86_64-linux-gnu/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = 6 open("/lib/x86_64-linux-gnu/libresolv.so.2", O_RDONLY|O_CLOEXEC) = 6 open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 6 open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 6 open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 6 open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 6 strace: Process 30041 detached

Please let me know what I'm missing? I'm an Oracle newbie so rookie advice may be helpful!

The client is an ubuntu 16.04 server with the oracle instant client installed:

oracle-instantclient12.1-devel: 12.1.0.1.0-2 oracle-instantclient12.1-basic: 12.1.0.1.0-2 oracle-instantclient12.1-sqlplus: 12.1.0.1.0-2 oracle-instantclient12.1-odbc: 12.1.0.1.0-2
Improve this question
1
  • Could you use strace -fy -s 500 -o strace-$(date +%F_%H%M%S).txt sqlplus64 ... ? Check if the file is read. You can also use ltrace to see the C api, not only the system calls. Commented Jul 13, 2020 at 3:08

1 Answer 1

Reset to default
1

you also need to setup the TNS_ADMIN variable to point to the folder where your files are.

example :

export TNS_ADMIN=$ORACLE_HOME/ldap/admin

(it might point somewhere else by default,or depending on your environment variables, perhaps at a place with empty files). also, check your files permissions, your client need to be able to read these files (644).

and you also need to ensure that you are using the right SID for your database. do you have the NAMES.DEFAULT_DOMAIN variable setup in your sqlnet.ora file ? try appending .world to your SID in your command, such as :

sqlplus login/[email protected]

and/or add this line in your sqlnet.ora too :

NAMES.DEFAULT_DOMAIN = WORLD

also, you need to check a couple of other things, is your database "registered" correctly in OID ? (it's usually done with dbca)

another thing : when you browse to OID, what do you see under "cn=OracleContext,dc=example,dc=com" ? you should have an entry with your database sid (cn=DB_SID,cn=OracleContext,dc=example,dc=com). in this entry (if it exists), you should have an "orclnetdescstring" containing your database information (host, port & SID, the real tns in fact), is this information correct ? your problem probably comes from there (wrong description string in the database entry you are trying to contact, or database not registered correctly in OID) ..

there are numerous of other checks that you need to do, let me know if the above fix your problems, ty

Improve this answer
1
  • Unfortunately the above did not help. TNS_ADMIN is exported and no change is seen when specifying domain/default domain. The SID does exist in the OID with a string associated with 'orclnetdescstring'. (Although that string is base64 encoded). This shouldn't matter though, since connection string lookup via sqldeveloper works for the particular database SID I'm attempting to connect similarly to via sqlplus/programmatically(?) OID server setup itself shouldn't be the issue as it's established business infrastructure. Thanks very much for your reply! Please let me know anything else to try! Commented Sep 26, 2017 at 1:21

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.