使用plsql Developer連接時,發現報ora-28040 No matching authentication protocol
select username, account_status, default_tablespace, created, password_versions from dba_users;
password_versions表示當前用戶是口令的認證方式。
[oracle@test ~]$ oerr ora 28040
28040, 0000, "No matching authentication protocol" //沒有匹配的驗證協議
// *Cause: There was no acceptable authentication protocol for
// either client or server.
// *Action: The administrator should set the values of the
// SQLNET.ALLOWED_LOGON_VERSION_SERVER and
// SQLNET.ALLOWED_LOGON_VERSION_CLIENT parameters, on both the
// client and on the server, to values that match the minimum
// version software supported in the system.
// This error is also raised when the client is authenticating to
// a user account which was created without a verifier suitable for
// the client software version. In this situation, that account's
// password must be reset, in order for the required verifier to
// be generated and allow authentication to proceed successfully.
可以看出從12C開始 SQLNET.ALLOWED_LOGON_VERSION參數已被廢棄
MOS文檔中顯示,在默認情況下Oracle12.2對客戶端版本有限制的,我們客戶端版本是11g以下的
因此需要在$ORACLE_HOME/network/admin/sqlnet.ora文件中寫以下兩行
SQLNET.ALLOWED_LOGON_VERSION_SERVER=10
SQLNET.ALLOWED_LOGON_VERSION_CLIENT=10
注:如果客戶端存在8i和9i版本的,建議數字寫成最低版本數字,否則依然后出現部分客戶端無法連接的情況
修改完sqlnet.ora,再次連接oracle,會報用戶密碼錯誤,此時必須要修改用戶密碼,password_versions字段才會出現10G的值。
ORA-01017: invalid username/password; logon denied
SQL>alter user test identified by "test_123";
User altered.
此時再次登陸就可以成功進入了。
再次查看下該用戶信息
select username, account_status, default_tablespace, created, password_versions from dba_users where username='TEST';
