-
加我微信
加我QQ
标签云
asm 恢复 asm恢复 bbed bootstrap$ dul In Memory kcbzib_kcrsds_1 kccpb_sanity_check_2 kfed MySQL恢复 ORA-00312 ORA-00607 ORA-00704 ORA-01110 ORA-01555 ORA-01578 ORA-08103 ORA-600 2662 ORA-600 2663 ORA-600 3020 ORA-600 4000 ORA-600 4137 ORA-600 4193 ORA-600 4194 ORA-600 16703 ORA-600 kcbzib_kcrsds_1 ORA-600 KCLCHKBLK_4 ORA-15042 ORA-15196 ORACLE 12C oracle dul ORACLE PATCH Oracle Recovery Tools oracle加密恢复 oracle勒索 oracle勒索恢复 oracle异常恢复 ORACLE恢复 Oracle 恢复 ORACLE数据库恢复 oracle 比特币 OSD-04016 YOUR FILES ARE ENCRYPTED 勒索恢复 比特币加密文章分类
- Others (2)
- 中间件 (2)
- WebLogic (2)
- 操作系统 (100)
- 数据库 (1,594)
- DB2 (22)
- MySQL (70)
- Oracle (1,462)
- Data Guard (49)
- EXADATA (7)
- GoldenGate (21)
- ORA-xxxxx (158)
- ORACLE 12C (72)
- ORACLE 18C (6)
- ORACLE 19C (13)
- ORACLE 21C (3)
- Oracle ASM (65)
- Oracle Bug (7)
- Oracle RAC (47)
- Oracle 安全 (6)
- Oracle 开发 (27)
- Oracle 监听 (27)
- Oracle备份恢复 (530)
- Oracle安装升级 (83)
- Oracle性能优化 (62)
- 专题索引 (5)
- 勒索恢复 (75)
- PostgreSQL (15)
- PostgreSQL恢复 (4)
- SQL Server (27)
- SQL Server恢复 (8)
- TimesTen (7)
- 达梦数据库 (2)
- 生活娱乐 (2)
- 至理名言 (11)
- 虚拟化 (2)
- VMware (2)
- 软件开发 (36)
- Asp.Net (9)
- JavaScript (12)
- PHP (2)
- 小工具 (19)
-
最近发表
- PostgreSQL恢复系列:pg_filedump恢复字典构造
- PostgreSQL 16 源码安装
- ORA-00742 ORA-00312 恢复
- 数据库open成功后报ORA-00353 ORA-00354错误引起的一系列问题(本质ntfs文件系统异常)
- ORA-600 ktsiseginfo1故障
- ORA-00600: internal error code, arguments: [16703], [1403], [4] 原因
- 最近遇到几起ORA-600 16703故障(tab$被清空),请引起重视
- ORA-600 2662快速恢复之Patch scn工具
- TNS-12518: TNS:listener could not hand off client connection
- ora.storage无法启动报ORA-12514故障处理
- 断电引起文件scn异常数据库恢复
- ORA-16188: LOG_ARCHIVE_CONFIG settings inconsistent with previously started instance
- .[hudsonL@cock.li].mkp勒索加密数据库完美恢复
- 模拟带库实现rman远程备份
- 又一例:ORA-600 kclchkblk_4和2662故障
- Oracle误删除数据文件恢复
- Oracle 19C 备库DML重定向—DML Redirection
- ORA-01595/ORA-600 4194处理
- 从ORA-00283 ORA-16433报错开始恢复
- 近期又遇到ORA-600 16703和ORA-702故障
标签归档:ORA-28040
ORA-28040: No matching authentication protocol
电脑上面安装了三个版本的数据库10.2.0.3,11.2.0.1,12.1.0.2版本,使用他们分别尝试连接另外一个12.2.0.3的环境数据库发现只有12.1的版本客户端可以连接到12.2上面,其他版本报ORA-28040错误
分别测试连接,报ORA-28040错误
C:\Users\XIFENFEI>sqlplus sys/oracle@192.168.137.121/orcl12c2 as sysdba SQL*Plus: Release 12.1.0.2.0 Production on 星期三 7月 20 00:03:01 2016 Copyright (c) 1982, 2014, Oracle. All rights reserved. 连接到: Oracle Database 12c Enterprise Edition Release 12.2.0.0.3 - 64bit Production SQL> SQL> C:\Users\XIFENFEI>D:\app\FAL\product\11.2.0\dbhome_1\bin\sqlplus sys/oracle@192.168.137.121/orcl12c2 as sysdba SQL*Plus: Release 11.2.0.1.0 Production on 星期三 7月 20 00:10:33 2016 Copyright (c) 1982, 2010, Oracle. All rights reserved. ERROR: ORA-28040: No matching authentication protocol C:\Users\XIFENFEI>D:\app\product\10.2.0\db_1\bin\sqlplus sys/oracle@192.168.137.121/orcl12c2 as sysdba SQL*Plus: Release 10.2.0.3.0 - Production on 星期三 7月 20 00:09:30 2016 Copyright (c) 1982, 2006, Oracle. All Rights Reserved. ERROR: ORA-28040: 没有匹配的验证协议 请输入用户名:
ORA-28040错误说明
28040, 0000, "No matching authentication protocol" // *Cause: There was no acceptable authentication protocol for // either client or server. // *Action: The administrator should set the values of the // SQLNET.ALLOWED_LOGON_VERSION_SERVER and // SQLNET.ALLOWED_LOGON_VERSION_CLIENT parameters, on both the // client and on the server, to values that match the minimum // version software supported in the system. // This error is also raised when the client is authenticating to // a user account which was created without a verifier suitable for // the client software version. In this situation, that account's // password must be reset, in order for the required verifier to // be generated and allow authentication to proceed successfully.
解决方法
在服务端的sqlnet.ora文件中加入上如下信息,然后重启监听
[oracle@ora1221 admin]$ vi sqlnet.ora SQLNET.ALLOWED_LOGON_VERSION_CLIENT=8 SQLNET.ALLOWED_LOGON_VERSION_SERVER=8 [oracle@ora1221 admin]$ lsnrctl stop LSNRCTL for Linux: Version 12.2.0.0.3 - Production on 17-JUN-2016 06:36:13 Copyright (c) 1991, 2016, Oracle. All rights reserved. Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521)) The command completed successfully [oracle@ora1221 admin]$ lsnrctl start LSNRCTL for Linux: Version 12.2.0.0.3 - Production on 17-JUN-2016 06:36:17 Copyright (c) 1991, 2016, Oracle. All rights reserved. Starting /u01/app/oracle/product/12.2.0/db_2/bin/tnslsnr: please wait... TNSLSNR for Linux: Version 12.2.0.0.3 - Production Log messages written to /u01/app/oracle/diag/tnslsnr/ora1221/listener/alert/log.xml Listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=ora1221)(PORT=1521))) Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521)) STATUS of the LISTENER ------------------------ Alias LISTENER Version TNSLSNR for Linux: Version 12.2.0.0.3 - Production Start Date 17-JUN-2016 06:36:17 Uptime 0 days 0 hr. 0 min. 0 sec Trace Level off Security ON: Local OS Authentication SNMP OFF Listener Log File /u01/app/oracle/diag/tnslsnr/ora1221/listener/alert/log.xml Listening Endpoints Summary... (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=ora1221)(PORT=1521))) The listener supports no services The command completed successfully
sqlnet中参数说明
SQLNET.ALLOWED_LOGON_VERSION_SERVER 是服务端参数对于jdbc和oci都生效,该参数不是只具体数据库版本,而是指授权协议的版本
SQLNET.ALLOWED_LOGON_VERSION_CLIENT 是指作为客户端连接其他实例的时候生效,也是只授权协议版本,而且该参数只对oci生效,jdbc 需要通过在代码中类似实现
OracleDataSource ods = new OracleDataSource();
ods.setURL(jdbcURL);
ods.setUser("scott");
ods.setPassword("tiger");
Properties props = new Properties();
props.put("oracle.jdbc.allowedLogonVersion", 12);
ods.setConnectionProperties(props);
Connection con = ods.getConnection();
上述两个参数可以填写值
12a for Oracle Database 12c release 12.1.0.2 or later authentication protocols (strongest protection)
12 for the critical patch updates CPUOct2012 and later Oracle Database 11g authentication protocols (recommended)
11 for Oracle Database 11g authentication protocols (default)
10 for Oracle Database 10g authentication protocols
9 for Oracle9i Database authentication protocol
8 for Oracle8i Database authentication protocol
具体描述请见:http://docs.oracle.com/database/121/NETRF/sqlnet.htm#NETRF2010
再次测试连接
C:\Users\XIFENFEI>D:\app\FAL\product\11.2.0\dbhome_1\bin\sqlplus sys/oracle@192.168.137.121/orcl12c2 as sysdba SQL*Plus: Release 11.2.0.1.0 Production on 星期三 7月 20 00:20:21 2016 Copyright (c) 1982, 2010, Oracle. All rights reserved. 连接到: Oracle Database 12c Enterprise Edition Release 12.2.0.0.3 - 64bit Production SQL> exit 从 Oracle Database 12c Enterprise Edition Release 12.2.0.0.3 - 64bit Production 断开 C:\Users\XIFENFEI>D:\app\product\10.2.0\db_1\bin\sqlplus sys/oracle@192.168.137.121/orcl12c2 as sysdba SQL*Plus: Release 10.2.0.3.0 - Production on 星期三 7月 20 00:20:28 2016 Copyright (c) 1982, 2006, Oracle. All Rights Reserved. 连接到: Oracle Database 12c Enterprise Edition Release 12.2.0.0.3 - 64bit Production SQL> C:\Users\XIFENFEI>sqlplus sys/oracle@192.168.137.121/orcl12c2 as sysdba SQL*Plus: Release 12.1.0.2.0 Production on 星期三 7月 20 00:20:55 2016 Copyright (c) 1982, 2014, Oracle. All rights reserved. 连接到: Oracle Database 12c Enterprise Edition Release 12.2.0.0.3 - 64bit Production
该问题在jdbc中也表现明显,建议参考Starting With Oracle JDBC Drivers (文档 ID 401934.1)和Client / Server Interoperability Support Matrix for Different Oracle Versions (文档 ID 207303.1)选择完全兼容性的客户端和jdbc版本,另外可以关注相关文章:
ORA-28040 and SQLNET.ALLOWED_LOGON_VERSION_CLIENT for JDBC Thin Clients (文档 ID 2000339.1)
ORA-28040 Using JDBC Connection to 12c Database (文档 ID 2111118.1)
JDBC Version 10.2.0.4 Produces ORA-28040 Connecting To Oracle 12c (12.1.0.2) Database (文档 ID 2023160.1)
ORA-28040 and SQLNET.ALLOWED_LOGON_VERSION_CLIENT for JDBC Thin Clients (文档 ID 2000339.1)