ORA-28353: failed to open wallet

ORA-28353: failed to open wallet

Cause: The database was unable to open the security module wallet due to an incorrect wallet path or password It is also possible that a wallet has not been created. Type mkwallet from command line for instructions.

Action: Execute the command again using the correct wallet password or verfying a wallet exists in the specified directory. If necessary, create a new wallet and initialize it.

ORA-28350: cannot encrypt the specified column recorded in CDC synchronized change table

ORA-28350: cannot encrypt the specified column recorded in CDC synchronized change table

Cause: An attempt was made to encrypt a column which is already recorded in CDC synchronized change table.

Action: drop the synchronized change table

ORA-28349: cannot encrypt the specified column recorded in the materialized view log

ORA-28349: cannot encrypt the specified column recorded in the materialized view log

Cause: An attempt was made to encrypt a column which is already recorded in the materialized view log.

Action: drop the materialized view log

ORA-28348: index defined on the specified column cannot be encrypted

ORA-28348: index defined on the specified column cannot be encrypted

Cause: An attempt was made to encrypt a column which is in a functional index, domain index, or join index.

Action: drop the index

ORA-28347: encryption properties mismatch

ORA-28347: encryption properties mismatch

Cause: An attempt was made to issue an ALTER TABLE EXCHANGE PARTITION | SUBPARTITION command, but encryption properties were mismatched.

Action: Make sure encrytion algorithms and columns keys are identical. The corresponding columns must be encrypted on both tables with the same salt and non-salt flavor.

ORA-28346: an encrypted column cannot serve as a partitioning column

ORA-28346: an encrypted column cannot serve as a partitioning column

Cause: An attempt was made to encrypt a partitioning key column or create partitioning index with encrypted columns.

Action: The column must be decrypted.

ORA-28345: cannot downgrade because there exists encrypted column

ORA-28345: cannot downgrade because there exists encrypted column

Cause: An attempt was made to downgrade when there was an encrypted column in the system.

Action: Decrypt these columns before attempting to downgrade.

ORA-28344: fails to decrypt data

ORA-28344: fails to decrypt data

Cause: data or encryption metadata may have been improperly altered or the security module may not have been properly setup

Action: none

ORA-28343: fails to encrypt data

ORA-28343: fails to encrypt data

Cause: data or encryption metadata may have been improperly altered or the security module may not have been properly setup

Action: none

ORA-28342: integrity check fails on column key

ORA-28342: integrity check fails on column key

Cause: Encryption metadata may have been improperly altered.

Action: none

ORA-28341: cannot encrypt constraint column(s) with salt

ORA-28341: cannot encrypt constraint column(s) with salt

Cause: An attempt was made to encrypt constraint columns with salt.

Action: Encrypt the constraint columns without salt.

ORA-28340: a different encryption algorithm has been chosen for the table

ORA-28340: a different encryption algorithm has been chosen for the table

Cause: Existing encrypted columns were associated with a different algorithm.

Action: No need to specify an algorithm, or specify the same one for the existing encrypted columns.

ORA-28339: missing or invalid encryption algorithm

ORA-28339: missing or invalid encryption algorithm

Cause: Encryption algorithm was missing or invalid in the user command.

Action: Must specify a valid algorithm.

ORA-28338: cannot encrypt indexed column(s) with salt

ORA-28338: cannot encrypt indexed column(s) with salt

Cause: An attempt was made to encrypt index column with salt.

Action: Alter the table and specify column encrypting without salt.

ORA-28337: the specified index may not be defined on an encrypted column

ORA-28337: the specified index may not be defined on an encrypted column

Cause: Index column was either a functional, domain, or join index.

Action: none

ORA-28336: cannot encrypt SYS owned objects

ORA-28336: cannot encrypt SYS owned objects

Cause: An attempt was made to encrypt columns in a table owned by SYS.

Action: none

ORA-28335: referenced or referencing FK constraint column cannot be encrypted

ORA-28335: referenced or referencing FK constraint column cannot be encrypted

Cause: encrypted columns were involved in the referential constraint

Action: none

ORA-28334: column is already encrypted

ORA-28334: column is already encrypted

Cause: An attempt was made to encrypt an encrypted column.

Action: none

ORA-28333: column is not encrypted

ORA-28333: column is not encrypted

Cause: An attempt was made to rekey or decrypt an unencrypted column.

Action: none

ORA-28332: cannot have more than one password for the encryption key

ORA-28332: cannot have more than one password for the encryption key

Cause: More than one password was specified in the user command.

Action: none

ORA-28331: encrypted column size too long for its data type

ORA-28331: encrypted column size too long for its data type

Cause: column was encrypted and for VARCHAR2, the length specified was lamp;gt; 3932; for CHAR, the length specified was lamp;gt; 1932; for NVARCHAR2, the length specified was lamp;gt; 1966; for NCHAR, the length specified was lamp;gt; 966;

Action: Reduce the column size.

ORA-28330: encryption is not allowed for this data type

ORA-28330: encryption is not allowed for this data type

Cause: Data type was not supported for column encryption.

Action: none

ORA-28302: User does not exist in the LDAP directory service.

ORA-28302: User does not exist in the LDAP directory service.

Cause: An attempt was made to authenticate with SSL using the user s certificate, but there was no user entry in the LDAP server that matched the user s Distinguished Name.

Action: Add an user entry whose DN matches the user s PKI DN in the LDAP directory.

ORA-28301: Domain Policy hasn t been registered for SSL authentication.

ORA-28301: Domain Policy hasn t been registered for SSL authentication.

Cause: An attempt was made to authenticate with SSL, but the database enterprise domain was not configured for SSL authentication.

Action: Modify orclDBAuthType of the server s enterprise domain entry and assign it ALL or SSL .

ORA-28300: No permission to read user entry in LDAP directory service.

ORA-28300: No permission to read user entry in LDAP directory service.

Cause: ORACLE server does not have read permission on user entries.

Action: Make sure ORACLE server is using right credentials to connect to LDAP directory services. Make sure permissions for LDAP user entries are configured correctly.

ORA-28293: No matched Kerberos Principal found in any user entry

ORA-28293: No matched Kerberos Principal found in any user entry

Cause: Oracle server fails to find the principal in the user search base

Action: Make sure the user search base is correct. Use ESM to configure the enterprise user its Kerberos principal name

ORA-28292: No Domain Policy registered for Kerberos based authentication

ORA-28292: No Domain Policy registered for Kerberos based authentication

Cause: The enterprise domain entry is not configured for Kerberos based global authentication.

Action: Modify orclDBAuthType of the database server s enterprise domain entry and assign it ALL or KRB5

ORA-28291: No Kerberos Principal Value found.

ORA-28291: No Kerberos Principal Value found.

Cause: Oracle server fails to get value of krbPrincipalName attribute

Action: Make sure user entries are correctly provisioned with correct Kerberos principal value

ORA-28290: Multiple entries found for the same Kerberos Principal Name

ORA-28290: Multiple entries found for the same Kerberos Principal Name

Cause: Multiple user entries has been configured with the same krbPrincipalName

Action: Modify enterprise user s entry to assign its Kerberos principal name Make sure the user entries in LDAP are provisioned correctly.

ORA-28280: Multiple entries for ORACLE database password exist.

ORA-28280: Multiple entries for ORACLE database password exist.

Cause: The ORACLE password attribute of a user entry has multiple entries of ORACLE database password.

Action: Make sure ORACLE password attribute has one entry for ORACLE Database password.

ORA-28279: Error reading ldap_directory_access init parameter.

ORA-28279: Error reading ldap_directory_access init parameter.

Cause: ldap_directory_access parameter is not specified corrrectly.

Action: Make sure spfile.ora has ldap_directory_access set correctly. Possible correct values are PASSWORD, SSL and NONE.

ORA-28278: No domain policy registered for password based GLOBAL users.

ORA-28278: No domain policy registered for password based GLOBAL users.

Cause: No policy about password authenticated GLOBAL users has been registered.

Action: Add attribute orclDBAuthTypes to the database server s Enterprise domain.

ORA-28277: LDAP search, while authenticating global user with passwords, failed.

ORA-28277: LDAP search, while authenticating global user with passwords, failed.

Cause: The LDAP search for finding the appropriate user entry and ORACLE password failed.

Action: Make sure LDAP directory service is up and running.

ORA-28276: Invalid ORACLE password attribute.

ORA-28276: Invalid ORACLE password attribute.

Cause: The ORACLE password attribute of a user entry has an invalid format.

Action: Make sure ORACLE password attribute value is RFC-2307 compliant.

ORA-28275: Multiple mappings for user nickname to LDAP distinguished name exist.

ORA-28275: Multiple mappings for user nickname to LDAP distinguished name exist.

Cause: The given user nickname maps to more than one LDAP distinguished name.

Action: Make sure user nickname is unique within the enterprise.

ORA-28274: No ORACLE password attribute corresponding to user nickname exists.

ORA-28274: No ORACLE password attribute corresponding to user nickname exists.

Cause: LDAP user entry corresponding to user nickname does not have a ORACLE password attribute or the attribute is not initialized.

Action: Make sure user entries in LDAP are correctly provisioned with correct ORACLE password attribute values.

ORA-28273: No mapping for user nickname to LDAP distinguished name exists.

ORA-28273: No mapping for user nickname to LDAP distinguished name exists.

Cause: ORACLE server cannot map the given user nickname to LDAP distinguished name.

Action: Make sure user entries in LDAP are correctly provisioned with correct user nickname attribute values.

ORA-28272: Domain policy restricts password based GLOBAL user authentication.

ORA-28272: Domain policy restricts password based GLOBAL user authentication.

Cause: Domain policy does not allow password-authenticated GLOBAL users.

Action: Make sure ORACLE server is using right SSL credentials to connect to LDAP directory services. Make sure orclDBAuthTypes attributes within Oracle enterprise domain object is either set to PWD or ALL.

ORA-28271: No permission to read user entry in LDAP directory service.

ORA-28271: No permission to read user entry in LDAP directory service.

Cause: ORACLE server does not have read permission on user nickname s X.500 user entry.

Action: Make sure ORACLE server is using right SSL credentials to connect to LDAP directory services. Make sure permissions for LDAP user entries are right.

ORA-28270: Malformed user nickname for password authenticated global user.

ORA-28270: Malformed user nickname for password authenticated global user.

Cause: An attempt to login as password-auuthenticated global user with a malformed user nickname.

Action: Make sure the nickname is valid and re-login.

ORA-28268: Exceeded the maximum allowed size for Context information in a session

ORA-28268: Exceeded the maximum allowed size for Context information in a session

Cause: The maximum size specified by the _session_context_size init.ora parameter was exceeded.

Action: Please change the value for _session_context_size in the init.ora file.

ORA-28267: Invalid NameSpace Value

ORA-28267: Invalid NameSpace Value

Cause: Context NameSpace conflicts with reserved key words or a secure Namespace is not allowed for this type of Application Context.

Action: Use a valid namespace.

ORA-28265: NameSpace beginning with sys_ is not allowed

ORA-28265: NameSpace beginning with sys_ is not allowed

Cause: Namespace beginning with sys_ is not allowed.

Action: Use a namespace that does not begin with sys_ .

ORA-28264: Client identifier is too long

ORA-28264: Client identifier is too long

Cause: The length of the client identifier is longer than 64

Action: Set a client identifier whose length is less than 64.

ORA-28263: Insufficient memory in global context pool

ORA-28263: Insufficient memory in global context pool

Cause: Allocations for the global context heap exceeded the value set in init.ora.

Action: Increase the value of global_context_pool_size parameter in init.ora or clear usused global context.

ORA-28262: global_context_pool_size has invalid value.

ORA-28262: global_context_pool_size has invalid value.

Cause: Parameter global_context_pool_size has a value less than the minimum required value (10K).

Action: Please specify a value for the init.ora parameter global_context_pool_size which is atleast 10k.

ORA-28261: CURRENT_USER can not be used in PLSQL Definer s Right procedure.

ORA-28261: CURRENT_USER can not be used in PLSQL Definer s Right procedure.

Cause: An attempt to retrieve CURRENT_USER using SYS_CONTEXT PLSQL interface.

Action: Use a SQL statement to query CURRENT_USER inside a DR procedure.

ORA-28239: no key provided

ORA-28239: no key provided

Cause: A NULL value was passed in as an encryption or decryption key.

Action: Provide a non-NULL value for the key.

ORA-28238: no seed provided

ORA-28238: no seed provided

Cause: A NULL value was passed in as the seed to be used in generating a key.

Action: Provide a non-NULL value for the seed.

ORA-28237: seed length too short

ORA-28237: seed length too short

Cause: The seed specified for the key generation routine must be at least 80 characters.

Action: Specify a longer seed.

ORA-28236: invalid Triple DES mode

ORA-28236: invalid Triple DES mode

Cause: An unknown value was specified for the mode in which triple DES encryption is to run.

Action: Specify a valid value. See the package declaration for a list of valid values.

ORA-28235: algorithm not available

ORA-28235: algorithm not available

Cause: The encryption algorithm desired is not available.

Action: Run the installer to install the needed algorithm in Oracle Advanced Security.

ORA-28234: key length too short

ORA-28234: key length too short

Cause: The key specified is too short for the algorithm. DES requires a key of at least 8 bytes. Triple DES requires a key of least 16 bytes in two-key mode and 24 bytes in three-key mode.

Action: Specify a longer key.

ORA-28233: double encryption not supported

ORA-28233: double encryption not supported

Cause: The obfuscation toolkit does not support the encryption of already-encrypted data.

Action: Do not attempt to encrypt already-encrypted data.

ORA-28232: invalid input length for obfuscation toolkit

ORA-28232: invalid input length for obfuscation toolkit

Cause: Length of data submitted for encryption or decryption is not a multiple of 8 bytes.

Action: Make sure that the length of the data to be encrypted or decrypted is a multiple of 8 bytes.

ORA-28231: no data passed to obfuscation toolkit

ORA-28231: no data passed to obfuscation toolkit

Cause: A NULL value was passed to a function or procedure.

Action: Make sure that the data passed is not empty.

ORA-28221: REPLACE not specified

ORA-28221: REPLACE not specified

Cause: User is changing password but password verification function is turned on and the original password is not specified and the user does not have the alter user system privilege.

Action: Supply the original password.

ORA-28201: Not enough privileges to enable application role string

ORA-28201: Not enough privileges to enable application role string

Cause: An attempt to enable application role outside the scope of the designated package

Action: Enable the role directly or indirectly using the designated package

ORA-28200: IDENTIFIED USING already specified

ORA-28200: IDENTIFIED USING already specified

Cause: The IDENTIFIED USING clause was specified twice.

Action: Use only one IDENTIFIED USING clause.

ORA-28184: global user cannot have proxy permissions managed in the directory

ORA-28184: global user cannot have proxy permissions managed in the directory

Cause: The client name specified was a global user.

Action: Use ALTER USER to change the type of user (from IDENTIFIED GLOBALLY to something else, such as IDENTIFIED BY password or IDENTIFIED EXTERNALLY).