Oracle 10g R2 on Linux with Kerberos 5
- From: Maimon Oded <oded.maimon@xxxxxxxxx>
- To: oracle-l@xxxxxxxxxxxxx
- Date: Tue, 8 Nov 2005 14:51:30 +0200
Hi all,
I'm getting desperate..
I've a working KDC on linux (RH3-U5), i can authenticate to my other linux
machines with it, i can run rsh,telnet with that KDC.
so the kdc is working.
i'm trying to configure oracle 10gR2 (also on linux) with it, but i guss
i'm missing something very important.
the OS kinit command is working, oracle okinit command is not working, i'm
getting:
*[oracle@lxoid1 admin]$ okinit*
*Kerberos Utilities for Linux: Version 10.2.0.1.0 - Production on
08-NOV-2005 15:31:34*
*Copyright (c) 1996, 2004 Oracle. All rights reserved.*
*Password for **oracle@xxxxxxxxx* <oracle@xxxxxxxxx>*:
okinit: Password incorrect
okinit: Decrypt integrity check failed
*
my sqlnet.ora:
*NAMES.DIRECTORY_PATH= (TNSNAMES)
SQLNET.AUTHENTICATION_SERVICES = (KERBEROS5)
SQLNET.KERBEROS5_KEYTAB = /etc/krbora10g.keytab
SQLNET.KERBEROS5_CONF = /etc/krb5.conf
SQLNET.KERBEROS5_CONF_MIT = TRUE
SQLNET.AUTHENTICATION_KERBEROS5_SERVICE = ora10g
TRACE_LEVEL_CLIENT = SUPPORT
TRACE_LEVEL_SERVER = SUPPORT
TRACE_DIRECTORY_CLIENT = /tmp/clnt
TRACE_DIRECTORY_SERVER = /tmp/srv*
the owner of /etc/krbora10g.keytab is oracle:dba.
running kinit, and then running "sqlplus /@mydb" return:
*SQL*Plus: Release 10.2.0.1.0 - Production on Tue Nov 8 15:46:02 2005*
*Copyright (c) 1982, 2005, Oracle. All rights reserved.*
*ERROR:
ORA-12638: Credential retrieval failed
*
pleaaaaasssssseee, HELP!
Oded.
Other related posts:
