In a recent deployment which was on AWS EC2 VMs (this point is key to this post and it is not using AWS RDS) following error was observed when testing the ADG_ACCOUNT_INFO_TRACKING works as expected, by using a wrong password and trying to login from a standby instance and to see if it locks after FAILED_LOGIN_ATTEMPTS number of login failures.
sqlplus locktest/locktest321@testro SQL*Plus: Release 19.0.0.0.0 - Production on Tue Jan 26 13:59:45 2021 Version 19.10.0.0.0 Copyright (c) 1982, 2020, Oracle. All rights reserved. ERROR: ORA-12754: Feature 'ADG Statement Redirection' is disabled due to missing capability 'Runtime Environment'. ORA-01017: invalid username/password; logon deniedError is strange as ADG statement redirection wasn't being used. This feature was introduced in 19.1 and controlled by ADG_REDIRECT_DML. Secondly the due to the error ADG_ACCOUNT_INFO_TRACKING wasn't working as expected and one could have unlimited number of login failures.
The two parameters in concern had the following values.
adg_account_info_tracking string GLOBAL adg_redirect_dml boolean FALSESetting adg_redirect_dml to true didn't make any difference either.
Further investigations showed that dml redirecation is not avaiable on "Authorized Cloud Environments". This is mentioned in the license documentation. But nowhere on it says anything about ADG_ACCOUNT_INFO_TRACKING.
Priror to testing on AWS EC2 a similar setup was created and operational in Azure (using Azure VM). If ADG_ACCOUNT_INFO_TRACKING is also not supported in authorized cloud environment similar to dml redirection then it should fail on Azure VM setup as well.
It seems that ADG_ACCOUNT_INFO_TRACKING is using DML redirection behind the scene to update the failed login atttempt count in the primary. However, use of this is flagged as "missing capability" only when databases are craeted on AWS EC2 VMs and not on Azure VM even though license doc says dml redirection is not supported on authorized cloud environments. It seems issue is localized only to AWS EC2.
SR raised and Oracle has created internal bug 32838564 - SETTING ADG_ACCOUNT_INFO_TRACKING=GLOBAL RESULTS IN ORA-12754 IN AWS DG ENVIRONMENT and investigating.
Update 07 July 2022
Oracle confirmed that ADG_ACCOUNT_INFO_TRACKING is using dml redirection behind the scene. Since dml redirection is not allowed on cloud environment the ADG_ACCOUNT_INFO_TRACKING also fails. Bug 32838564 was closed as not a bug based on above explanation.