Question- Access tracker Alert says : TNS:listener does not currently know of service requested in connect descriptor . What are the troubleshooting steps for communication with the Oracle DB?
Environment Information- All Clearpass versions after 6.1 and Oracle database edition 11g
Symptoms- Authentication against Oracle db fails with the following alert on the Access Tracker
[Local User Repository] - localhost: User not found.
JBU_Oracle - 210.125.239.206: HY000 [unixODBC][Oracle][ODBC][Ora]ORA-12514: TNS:listener does not currently know of service requested in connect descriptor
Cannot select appropriate authentication method
Cause- Wrong SERVICE_NAME of Oracle DB was used as the Database name which results in the failure
Resolution- You have to configure the service name for the database and specify that as a connection parameter in the "Database Name" field
Answer- Check for the list of service names on the Oracle server using :
lsnrctl status
Ensure the service name which is used as the Database Name should match. If the service name does not exist, we will see the following error in Access Tracker Alerts :
TNS:listener does not currently know of service requested in connect descriptor
Port used by default for Oracle communication is 1521(TCP). Ensure the port is allowed across the firewall if any.
Finally if you are trying to perform an EAP-PEAP against the Oracle server ensure password is stored in cleartext or NT/LM hash format.
A screenshot for the connection details is shown below for reference :
