Policy Server 12.82 , Unable to connect with databse Oracle 12.2
search cancel

Policy Server 12.82 , Unable to connect with databse Oracle 12.2

book

Article ID: 145793

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction


We're running a Policy Server and this one cannot connect to ODBC User
Directory when we use the following command to test the connection :
  
  ./odbctest -dsn 'mydsn' -table 'mytable'
  -uid siteminder -pwd password -v
  
  the command fails and reports error :
  
  Connecting to mydsn
  SQLConnect: Failed...
  - return code = -1 reported
  2019-08-27 10:52:33 SQL_ERROR SQLState: 0 Native Error: -1 Message:
  [800][ODBC Oracle Wire Protocol driver][Oracle]ORA-12203: unable to connect to destination
  Disconnecting
  - return code = -1 reported
  2019-08-27 10:52:33 SQL_ERROR SQLState: 0 Native Error: 0 Message:
  [DataDirect][ODBC lib] Connection not open

How can we fix that ?

Environment


Policy Server 12.8SP3 on RedHat7;

Cause


From the network traces, we see that the odbctest tool get answer from
the first host to get connection to a second host which rejects the
connection :

tcpdump.pcap :

The command reach the first hop :

  Arrival Time: Nov 25, 2019 12:09:01.746096000 Romance Standard Time
  199 28.331893 10.0.0.2 10.0.0.6 TCP 305 34273 10001 [PSH,
  ACK] Seq=1 Ack=1 Win=29312 Len=251
  (DESCRIPTION=(CONNECT_DATA=(SERVICE_NAME=myservicename)(CID=(PROGRAM=)
   (HOST=myhost2)(USER=smuser)))(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)
    (HOST=myhost1.mydomain.com)(PORT=10001))))

and the ODBC Server request to get to the next hop :

  Arrival Time: Nov 25, 2019 12:09:01.757475000 Romance Standard Time
  201 28.343272 10.0.0.6 10.0.0.2 TCP 150 10001 34273 [PSH,
  ACK] Seq=1 Ack=252 Win=30336 Len=96
  (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost8.mydomain.com)
    (PORT=10003)))

and the command tries twice to connect to the next hop without
success :

  Arrival Time: Nov 25, 2019 12:09:01.769318000 Romance Standard Time
  213 28.355115 10.0.0.2 10.0.0.4 TCP 300 33363 10003 [PSH,
  ACK] Seq=1 Ack=1 Win=29312 Len=246
  (DESCRIPTION=(CONNECT_DATA=(SERVICE_NAME=myservicename)(CID=(PROGRAM=)
   (HOST=myhost2)(USER=smuser)))(ADDRESS_LIST=(ADDRESS=
    (PROTOCOL=TCP)(HOST=myhost8.mydomain.com)(PORT=10003))))

  Arrival Time: Nov 25, 2019 12:09:01.784378000 Romance Standard Time
  217 28.370175 10.0.0.2 10.0.0.4 TCP 300 33363 10003 [PSH,
  ACK] Seq=247 Ack=9 Win=29312 Len=246
  (DESCRIPTION=(CONNECT_DATA=(SERVICE_NAME=myservicename)(CID=(PROGRAM=)
   (HOST=myhost2)(USER=smuser)))(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)
    (HOST=myhost8.mydomain.com)(PORT=10003))))

<<<

Resolution


You have to investigate with your DB team why the DB IP and port
changes as per update from Nov 19th 2019, the ip 10.0.0.6 port 10001
get changed to 10.0.0.4 on port 10003.
Powered by Wolken Software