使用plsql Developer连接时,发现报ora-28040 No matching authentication protocol
select username, account_status, default_tablespace, created, password_versions from dba_users;
password_versions表示当前用户是口令的认证方式。
[oracle@test ~]$ oerr ora 28040
28040, 0000, "No matching authentication protocol" //没有匹配的验证协议
// *Cause: There was no acceptable authentication protocol for
// either client or server.
// *Action: The administrator should set the values of the
// SQLNET.ALLOWED_LOGON_VERSION_SERVER and
// SQLNET.ALLOWED_LOGON_VERSION_CLIENT parameters, on both the
// client and on the server, to values that match the minimum
// version software supported in the system.
// This error is also raised when the client is authenticating to
// a user account which was created without a verifier suitable for
// the client software version. In this situation, that account's
// password must be reset, in order for the required verifier to
// be generated and allow authentication to proceed successfully.
可以看出从12C开始 SQLNET.ALLOWED_LOGON_VERSION参数已被废弃
MOS文档中显示,在默认情况下Oracle12.2对客户端版本有限制的,我们客户端版本是11g以下的
因此需要在$ORACLE_HOME/network/admin/sqlnet.ora文件中写以下两行
SQLNET.ALLOWED_LOGON_VERSION_SERVER=10
SQLNET.ALLOWED_LOGON_VERSION_CLIENT=10
注:如果客户端存在8i和9i版本的,建议数字写成最低版本数字,否则依然后出现部分客户端无法连接的情况
修改完sqlnet.ora,再次连接oracle,会报用户密码错误,此时必须要修改用户密码,password_versions字段才会出现10G的值。
ORA-01017: invalid username/password; logon denied
SQL>alter user test identified by "test_123";
User altered.
此时再次登陆就可以成功进入了。
再次查看下该用户信息
select username, account_status, default_tablespace, created, password_versions from dba_users where username='TEST';