ALLOWED LOGON VERSION CLIENT & SERVER Parameter in SQLNET

ALLOWED_LOGON_VERSION_CLIENT & ALLOWED_LOGON_VERSION_SERVER Parameter in SQLNET file of Oracle

ALLOWED_LOGON_VERSION_CLIENT
Set the minimum authentication protocol allowed for clients and when a server is acting as a client, such as connecting over a database link, when connecting to Oracle Database instances.

Note: VERSION refers to the version of the authentication protocol, not the Oracle Database release.

Error Occurred
If the version does not meet or exceed the value defined by this parameter, then
authentication fails and following errors will generated:
ORA-28040: No matching authentication protocol error

Parameter Value:
12a for Oracle Database 12c Release 1 (12.1.0.2) or later (strongest protection)
12 for the critical patch updates CPUOct2012 and later Oracle Database 11g authentication protocols (stronger protection)
11 for Oracle Database 11g authentication protocols (default)
10 for Oracle Database 10g authentication protocols
8 for Oracle8i authentication protocol

Example
If an Oracle Database 12c database hosts a database link to an Oracle Database 10g
database, then the SQLNET.ALLOWED_LOGON_VERSION_CLIENT parameter should be set as
follows in order for the database link connection to proceed:

SQLNET.ALLOWED_LOGON_VERSION_CLIENT=10

ALLOWED_LOGON_VERSION_SERVER Parameter
Set the minimum authentication protocol allowed when connecting to Oracle Database instances with password version.
Check the password version with dba_users table with column password_versions.

Error Occurred
ORA-28040: No matching authentication protocol error
ORA-03134: Connections to this server version are no longer supported error

Note:
If value of parameter is set to 8 it will permits all password versions and allows any combination of the DBA_USERS.PASSWORD_VERSIONS values 10G, 11G, and 12C
A setting of 12a permits only the 12C password version. List of password versions can be seen in DBA_USERS.PASSWORD_VERSIONS.

Example
If the client uses Oracle Database 10g, then the client will receive an ORA-03134: Connections to this server version are no longer supported error message.
To allow the connection, set the SQLNET.ALLOWED_LOGON_VERSION_SERVER value to 8.
Ensure the DBA_USERS.PASSWORD_VERSIONS value for the account contains the value 10G.
It may be necessary to reset the password for that account

SQLNET.ALLOWED_LOGON_VERSION_SERVER values
12a For oracle 12.1.0.2 or later connect to server. Password version is 12c
12 For Oracle 11.2.0.3 or later connect to server. Password version is 11g,12C
11 For Oracle 10g or later connect to server. Password version is 10G, 11G, 12C
10 For Oracle 10g or later connect to server. Password version is 10G, 11G, 12C
9 For Oracle 9i or later connect to server. Password version is 10G, 11G, 12C
8 For Oracle 8i or later connect to server. Password version is 10G, 11G, 12C

Default Value is

SQLNET.ALLOWED_LOGON_VERSION_SERVER=12

It means you can connect with 11.2.0.3 or later version to the Server and Password version belong to 11g or 12c.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.