问题描述:最近在一套oracle 19.12数据库的sqlnet.ora文件中看到以下参数,
SQLNET.ALLOWED_LOGON_VERSION_SERVER=8 SQLNET.ALLOWED_LOGON_VERSION_CLIENT=8
当时不知道具体含义,所以就有此篇文章厘清该参数的作用,注意该sqlnet.ora文件是在oracle用户下的ORACLE_HOME/network/admin目录下,
以下环境介绍,
数据库:oracle 19.12
系统:oel 7.9
环境:rac(2节点)+dg
查询Mos,发现文章Doc ID 1957995.1有做相应介绍,
异常现象:
Following an upgrade to the version 12c database,
the following errors are thrown when attempting to connect from remoteclients:
ORA-28040: No matching authentication protocol
exception
异常原因:
This issue is caused by the default setting for allowed logon version in the 12 database. Note that the SQLNET.ALLOWED_LOGON_VERSION parameter has been deprecated in 12c. That parameter has been replaced by these:
SQLNET.ALLOWED_LOGON_VERSION_SERVER=n SQLNET.ALLOWED_LOGON_VERSION_CLIENT=n
解决方案:
Set these parameters at the lowest version level that is required in your environment. For example: All clients at version 10 or higher would require this setting:
SQLNET.ALLOWED_LOGON_VERSION_SERVER=10
SQLNET.ALLOWED_LOGON_VERSION_CLIENT=10
Note that SQLNET.ALLOWED_LOGON_VERSION_CLIENT would be necessary on the server when the database is 'acting' as a client. Such as the case of a database link. There is no need to restart either the listener or the database after this change. See additional notes below.
重要提示:
1、The sqlnet.ora file that is referenced by the database is located in RDBMS_HOME/network/admin. This is by default. It will not read the sqlnet.ora file in GRID_HOME/network/admin unless TNS_ADMIN is explicitly set to point there.
2、While the version 12 documentation shows settings for this parameter as low as 8, this does not override the rules of Interoperability or Certification. See the following: Note 207303.1 Client / Server Interoperability Support Matrix for Different Oracle Versions. In other words, setting the SQLNET.ALLOWED_LOGON_VERSION_SERVER parameter to 8, 9 or 10 does not mean that version of client is going to be fully supported by Oracle Support.
3、Occasionally, we find it is necessary to restart the cluster in a RAC environment. This is atypical but may be necessary. Check the ENV at srvctl and confirm if $TNS_ADMIN is set.
相关文章:
Mos:Doc ID 402193.1
参考网址:https://blog.csdn.net/killvoon/article/details/51699945