I wish to connect to an Oracle database using LDAP for connection string lookup. LDAP/OID is already setup, and manually using the connection string retrieved from LDAP works. However, the automatic LDAP lookup of the connection string from an oracle client (sqlplus) does not! According to google, the files sqlnet.ora and ldap.ora need to be setup to inform the oracle client that we wish to use LDAP lookup. This is done and values are correct as far as I can tell:
export ORACLE_HOME=/etc/oracle
$ORACLE_HOME/network/admin/sqlnet.ora
NAMES.DIRECTORY_PATH = (LDAP)
$ORACLE_HOME/ldap/admin/ldap.ora
DIRECTORY_SERVERS = (<host>:<port>)
DEFAULT_ADMIN_CONTEXT = "cn=OracleContext,dc=example,dc=com"
DIRECTORY_SERVER_TYPE = OID
However, when I attempt to connect, I'm still met with
$ sqlplus64 'user/password@identifier'
ERROR
ORA-12154: TNS:could not resolve the connect identifier specified
Further, by straceing the sqlplus client, it can be seen that both files (sqlnet.ora, ldap.ora) are at least being opened:
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
open("/usr/lib/oracle/12.1/client64/lib/libsqlplus.so", O_RDONLY|O_CLOEXEC) = 3
open("/usr/lib/oracle/12.1/client64/lib/libclntsh.so.12.1", O_RDONLY|O_CLOEXEC) = 3
open("/usr/lib/oracle/12.1/client64/lib/libclntshcore.so.12.1", O_RDONLY|O_CLOEXEC) = 3
open("/usr/lib/oracle/12.1/client64/lib/libnnz12.so", O_RDONLY|O_CLOEXEC) = 3
open("/lib/x86_64-linux-gnu/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
open("/lib/x86_64-linux-gnu/libm.so.6", O_RDONLY|O_CLOEXEC) = 3
open("/lib/x86_64-linux-gnu/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3
open("/lib/x86_64-linux-gnu/libnsl.so.1", O_RDONLY|O_CLOEXEC) = 3
open("/lib/x86_64-linux-gnu/librt.so.1", O_RDONLY|O_CLOEXEC) = 3
open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
open("/usr/lib/oracle/12.1/client64/lib/libons.so", O_RDONLY|O_CLOEXEC) = 3
open("/lib/x86_64-linux-gnu/libaio.so.1", O_RDONLY|O_CLOEXEC) = 3
open("/usr/lib/oracle/12.1/client64/lib/libsqlplusic.so", O_RDONLY|O_CLOEXEC) = 3
open("/usr/lib/oracle/12.1/client64/lib/libociei.so", O_RDONLY|O_CLOEXEC) = 3
open("/etc/oracle/network/admin/oraaccess.xml", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/oracle/network/admin/oraaccess.xml", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/oracle/network/admin/sqlnet.ora", O_RDONLY) = 3
open("/etc/orabasetab", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/oracle/install/orabasetab", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 3
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
open("/lib/x86_64-linux-gnu/libnss_compat.so.2", O_RDONLY|O_CLOEXEC) = 3
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
open("/lib/x86_64-linux-gnu/libnss_nis.so.2", O_RDONLY|O_CLOEXEC) = 3
open("/lib/x86_64-linux-gnu/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 3
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
open("/proc/self/fd/", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 3
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 4
open("/etc/oracle/network/admin/sqlnet.ora", O_RDONLY) = 4
open("/usr/lib64/libnuma.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/usr/lib64/libnuma.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/proc/sys/kernel/shmmax", O_RDONLY) = 4
open("/proc/meminfo", O_RDONLY) = 4
open("/proc/sys/kernel/shmmax", O_RDONLY) = 4
open("/usr/lib64/libnuma.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/usr/lib64/libnuma.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/etc/localtime", O_RDONLY|O_CLOEXEC) = 4
open("/etc/hostid", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 4
open("/etc/host.conf", O_RDONLY|O_CLOEXEC) = 4
open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 4
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 4
open("/etc/oracle/ldap/admin/fips.ora", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/dev/urandom", O_RDONLY) = 4
open("/dev/urandom", O_RDONLY) = 5
open("entropy", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/oracle/ldap/admin/ldap.ora", O_RDONLY) = 6
open("/etc/oracle/ldap/admin/ldap.ora", O_RDONLY) = 6
open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 6
open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 6
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 6
open("/lib/x86_64-linux-gnu/libnss_mdns4_minimal.so.2", O_RDONLY|O_CLOEXEC) = 6
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 6
open("/lib/x86_64-linux-gnu/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = 6
open("/lib/x86_64-linux-gnu/libresolv.so.2", O_RDONLY|O_CLOEXEC) = 6
open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 6
open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 6
open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 6
open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 6
strace: Process 30041 detached
Please let me know what I'm missing? I'm an Oracle newbie so rookie advice may be helpful!
The client is an ubuntu 16.04 server with the oracle instant client installed:
oracle-instantclient12.1-devel: 12.1.0.1.0-2
oracle-instantclient12.1-basic: 12.1.0.1.0-2
oracle-instantclient12.1-sqlplus: 12.1.0.1.0-2
oracle-instantclient12.1-odbc: 12.1.0.1.0-2
Best Answer
you also need to setup the TNS_ADMIN variable to point to the folder where your files are.
example :
(it might point somewhere else by default,or depending on your environment variables, perhaps at a place with empty files). also, check your files permissions, your client need to be able to read these files (644).
and you also need to ensure that you are using the right SID for your database. do you have the NAMES.DEFAULT_DOMAIN variable setup in your sqlnet.ora file ? try appending .world to your SID in your command, such as :
and/or add this line in your sqlnet.ora too :
also, you need to check a couple of other things, is your database "registered" correctly in OID ? (it's usually done with dbca)
another thing : when you browse to OID, what do you see under "cn=OracleContext,dc=example,dc=com" ? you should have an entry with your database sid (cn=DB_SID,cn=OracleContext,dc=example,dc=com). in this entry (if it exists), you should have an "orclnetdescstring" containing your database information (host, port & SID, the real tns in fact), is this information correct ? your problem probably comes from there (wrong description string in the database entry you are trying to contact, or database not registered correctly in OID) ..
there are numerous of other checks that you need to do, let me know if the above fix your problems, ty