Authminder fails to start due to a possible DataDirect error to Oracle Database
search cancel

Authminder fails to start due to a possible DataDirect error to Oracle Database

book

Article ID: 136787

calendar_today

Updated On:

Products

CA Advanced Authentication - Strong Authentication (AuthMinder / WebFort) CA Strong Authentication CA Rapid App Security CA Risk Authentication CA Advanced Authentication

Issue/Introduction

Connectivity to Oracle Databse may fail with such footprints in the arctowebfortstartup.log and the Authminder service does not come up. 

Thu Aug 01 16:40:33.896 2019 WARNING: pid 11396 tid 11396: 2: 0: ArDBConnection::connect: Connection to database [arcotdsn_lw]. user [ARCOTUSER] failed. Error detail [SQL State:08S01, Native Code: FFFFFFFC, ODBC code: [AA][ODBC Oracle Wire Protocol driver][Oracle]Connection Dead.SQL State:HYT00, Native Code: 0, ODBC code: [AA][ODBC Oracle Wire Protocol driver]Timeout expired.SQL State:HY000, Native Code: FFFFFFFA, ODBC code: [AA][ODBC Oracle Wire Protocol driver][Oracle]Network Operation Timed Out.] 

Environment

Release : 9.x

Component : RiskMinder(Arcot RiskFort)  AuthMinder(Arcot WebFort)

Cause

The cause is a progress DataDirect issue OR a Oracle configuration  / connectivity / permissions issue and requires a DataDirect ticket to be filed by Broadcom. In general, DataDirect  will come back with an advise for collecting ODBC traces that can shed light on the underlying issue.   This document will also capture the ODBC.ini settings that once set allow one to generate the ODBC traces.. 


In this case the issue was that the Oracle DB user that was trying to connect to the Oracle database and failed to connect due to permissions issue. 


Error like such was reported in the ODBC traces. 


ORA-20001: Login Denied Not allowed to login from host <HOSTNAME>  and os user <UserName> 


Resolution


Step 1. Turn the ODBC traces like such by updating the ODBC.ini section starting with "[ODBC]"

[ODBC]

Trace=1

TraceFile=<desired location of the trace>/odbctrace.out


EnablePacketLogging=1

PacketLoggingMode=1

PacketLoggingFlush=1

PacketLoggingFilePrefix=/tmp/pkt


Step 2: Share the ODBC traces (odbctrace.out) with Broadcom.


Step 3. Analyze the ODBC traces to find if this a DataDirect Driver issue or a Oracle DB configuration. Analysis will give the clue as to what went wrong as in this simple example case the traces showed a footprint like such leading to a DBA issue (to grant permission to the said user). In other cases DataDirect will provide a fix for the issue if the issue points to DataDirect driver issue. 


ORA-20001: Login Denied Not allowed to login from host <HOSTNAME>  and os user <UserName> 

Additional Information

DataDirect is a vendor to Broadcom for Oracle Database drivers that used by CA Strong and  Risk Authetication.