
RE: Radius/Oracle

From: Marc Giuliani <MGiuliani_at_gbsolutionsinc.com>
Date: Wed, 13 Jun 2007 12:48:00 -0400
Message-ID: <WorldClient-F200706131248.AA48000335@gbsolutionsinc.com>


Thank you Debi,

After changing the key about 25 times, and making it shorter than 15 chars (it was 17 chars), and removing the special characters, it seems to be working now.

Thanks for your advice.

Marc  

-----Original Message-----
From: "Debi Lorraine" <dlorraine_at_ucdavis.edu>
To: <MGiuliani_at_gbsolutionsinc.com>, <oracle-l_at_freelists.org>
Date: Wed, 13 Jun 2007 08:17:02 -0700
Subject: RE: Radius/Oracle

Sorry for the late response. Did you ever get this issue resolved? I use radius authentication in some of our databases. It appears you have all the oracle pieces configured correctly. Our radius server is set up and maintained by others. You might try a simpler password and verify that it doesn’t have symbols.
Debi  

From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Marc Giuliani
Sent: Monday, June 11, 2007 6:54 AM
To: oracle-l_at_freelists.org
Subject: Radius/Oracle  

  Hello,
Has anyone had any experience with Radius and Oracle? I am having an issue getting Oracle and Radius to communicate correctly. I have Oracle 10G installed on RHEL Linux 4 ES and also have Radius installed on the same server. Radius is in turn connecting to LDAP and I verified using the radtest and radclient utilities that there is a successful connection and authentication between Radius and LDAP. I have verified using the adapters command that the Radius adapters are installed for Oracle.
I have created a user identified externally and granted connect and resource and when I attempt to connect I get an invalid id/password error...although when using the radius test utilities with the same password it works. I have verified that the remote_os_auth=false and os_authent_prefix= " ". When I attempt an Oracle Sqlplus connection using the id I created the Radius server log has this message:
"WARNING: Unprintable characters in the password. ? Double-check the shared secret on the server and the NAS!"
I have verified the "secret" on the Radius server in the clients.conf matches the data in the radius.key file on the Oracle Server and I used netmgr to create the sqlnet.ora file and it has:

SQLNET.RADIUS_AUTHENTICATION = <correct ip address>
SQLNET.RADIUS_AUTHENTICATION_PORT = 1812
SQLNET.RADIUS_SECRET = /u01/app/oracle/product/10.2.0/RACF2/network/security/radius.key
SQLNET.RADIUS_AUTHENTICATION_TIMEOUT = 10
SQLNET.AUTHENTICATION_SERVICES= (BEQ, TCPS, RADIUS, NTS)
NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)

Looking at a trace file the lines that stand out are:
[08-JUN-2007 15:55:51:153] nspsend: 00 00 35 4F 52 41 2D 32 |..5ORA-2|
[08-JUN-2007 15:55:51:153] nspsend: 38 30 33 35 3A 20 43 61 |8035:.Ca|
[08-JUN-2007 15:55:51:153] nspsend: 6E 6E 6F 74 20 47 65 74 |nnot.Get|
[08-JUN-2007 15:55:51:153] nspsend: 20 53 65 73 73 69 6F 6E |.Session|
[08-JUN-2007 15:55:51:153] nspsend: 20 4B 65 79 20 66 6F 72 |.Key.for|
[08-JUN-2007 15:55:51:153] nspsend: 20 41 75 74 68 65 6E 74 |.Authent|
[08-JUN-2007 15:55:51:153] nspsend: 69 63 61 74 69 6F 6E 0A |ication.|
Which seems to indicate a problem getting the radius.key value, I think... I have already opened a TAR with Oracle support; however, after over 3 weeks without any solutions I thought I would pursue other avenues... Any ideas or suggestions would be greatly appreciated.

thx
Marc
--
http://www.freelists.org/webpage/oracle-l
Received on Wed Jun 13 2007 - 11:48:00 CDT
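
The server warning quoted in this thread follows from how RADIUS hides the User-Password attribute (RFC 2865, section 5.2): the client XORs the password with MD5(shared secret + Request Authenticator), so a server holding different secret bytes recovers garbage instead of the password. The sketch below is an added example, not code from the thread, Oracle or the RADIUS server; the secrets, password and authenticator are constructed, and the mismatch is an arbitrary one that does not model how Oracle reads radius.key.

```python
import hashlib

def hide_password(password: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Client (NAS) side: RFC 2865 section 5.2 User-Password hiding."""
    if len(password) > 128:
        raise ValueError("User-Password is limited to 128 octets")
    size = max(16, -(-len(password) // 16) * 16)   # pad to a multiple of 16
    padded = password.ljust(size, b"\x00")
    out, prev = b"", authenticator
    for i in range(0, size, 16):
        mask = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ m for p, m in zip(padded[i:i + 16], mask))
        out += prev
    return out

def recover_password(hidden: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Server side: undo the hiding with the server's copy of the secret."""
    out, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        block = hidden[i:i + 16]
        mask = hashlib.md5(secret + prev).digest()
        out += bytes(c ^ m for c, m in zip(block, mask))
        prev = block
    return out.rstrip(b"\x00")

def has_unprintable(password: bytes) -> bool:
    """Heuristic chosen for this example: any byte outside printable ASCII."""
    return any(b < 0x20 or b > 0x7E for b in password)

# Constructed sample values, none taken from the thread.
AUTHENTICATOR = bytes(range(16))      # normally 16 random octets per request
PASSWORD = b"Passw0rd-for-demo"       # 17 octets, so two 16-octet blocks
NAS_SECRET = b"s3cr3t!with#chars"     # secret the client hides the password with
SERVER_SECRET = NAS_SECRET[:15]       # arbitrary mismatch, cause not modelled

def demo():
    hidden = hide_password(PASSWORD, NAS_SECRET, AUTHENTICATOR)
    matched = recover_password(hidden, NAS_SECRET, AUTHENTICATOR)
    mismatched = recover_password(hidden, SERVER_SECRET, AUTHENTICATOR)
    return matched, mismatched

if __name__ == "__main__":
    matched, mismatched = demo()
    print("same secret     :", matched, has_unprintable(matched))
    print("different secret:", mismatched, has_unprintable(mismatched))
```

A test utility that sends the request with the server's own copy of the secret exercises only the matched path, so it can succeed while another client with differing secret bytes fails.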
