How to troubleshoot an ORA-28030 error

ORA-28030: Server encountered problems accessing LDAP directory service.
Cause: Unable to access LDAP directory service.
Action: Please contact your system administrator.

There are many reasons for causing this error when you are trying to login to the database with your oracle internet directory (OID) authentication. The error sample is shown as below:

SQL> conn [email protected]
Enter password:
ERROR:
ORA-28030: Server encountered problems accessing LDAP directory service


Warning: You are no longer connected to ORACLE.

Here how I usually troubleshoot this kind of issue. Two examples.

First of all, you need to enable the trace to dump the actual errors in the database:

SQL> alter system set events '28033 trace name context forever, level 9';

Sencond, regenerate the error:

SQL> conn [email protected]
Enter password:
ERROR:
ORA-28030: Server encountered problems accessing LDAP directory service

Third, disable the trace:

SQL> alter system set events '28033 trace name context off';

After checking the trace files, I found errors. This is related to the OID server lnx-ldap DNS configuration. Check /etc/hosts or DNS to make sure the OID server lnx-ldap or the port 3131 is reachable.

KZLD_ERR: failed to open connection to lnx-ldap:3131
KZLD_ERR: 28030
KZLD_ERR: failed from kzldob_open_bind.

Or you may see the error like this, this is because the wallet files were corrupted, you need to recreate the wallet, and make sure the wallet path is defined properly:

kzld_discover received ldaptype: OID
KZLD_ERR: failed to get cred from wallet
KZLD_ERR: Failed to bind to LDAP server. Err=28032
KZLD_ERR: 28032
KZLD is doing LDAP unbind
KZLD_ERR: found err from kzldini.

There are many possibilities to throw out ORA-28030, in this blog I am just simply giving you the hints for identifying the root cause.

Hope it helps!

Discover more about our expertise in the world of Oracle.