Db2 (On Premises and Cloud)

Expand all | Collapse all

Problem with DB2 Linux authentication

  • 1.  Problem with DB2 Linux authentication

    Posted Mon June 21, 2021 01:49 PM

    Hi,

    I have DB2 Express-C v10.5 instance configured to authenticate against LDAP. The LDAP sever is going to be shutdown and I should configure the same DB2 instance to use Linux authentication.

    I copied users from the LDAP  server to a local Linux host running DB2. Then I did shutdown the LDAP server. After that I changed DB2 authentication settings db2 update dbm cfg using SRVCON_PW_PLUGIN IBMOSauthserver (used to be IBMLDAPauthserver before) and restarted DB2.

    Applications access the database with the username db2smth (name changed due to privacy reasons).
    I can connect to a database with db2 connect to dbname user db2inst1 using '********' but connecting to the same database as db2smth fails:

    db2 => connect to dbname user db2smth using '********'
    
    SQL30082N Security processing failed with reason "24" ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001

    su - db2smth and su - db2inst1 works fine which means that Linux authentication works fine for both the users without LDAP.

    How can I diagnose what's wrong with the authentication?

    Best regards,

    Harri



    ------------------------------
    Harri T.
    ------------------------------


  • 2.  RE: Problem with DB2 Linux authentication

    Posted Tue June 22, 2021 03:28 AM
    Hi Harri,
    I don't know if I'm misreading your post but it looks like you should simply be using AUTHENTICATION SERVER and leaving the SRVCON* parameters to default?

    ------------------------------
    Colin Chapman
    ------------------------------



  • 3.  RE: Problem with DB2 Linux authentication

    Posted Tue June 22, 2021 12:32 PM
    Hello Harri,

    I suppose that for LDAP connection You set also parameter
    db2set DB2AUTH = OSAUTHDB

    Please check it and verify login after You unset the OSAUTHDB value and restart instance.
    Details on parameter You can find here:
    https://www.ibm.com/docs/en/db2/10.5?topic=variables-miscellaneous

    Best

    Luke

    ------------------------------
    Lukasz Czech
    ------------------------------



  • 4.  RE: Problem with DB2 Linux authentication

    Posted Tue June 22, 2021 12:32 PM

    Hi,

    can't see my previous answer.

    Please unset variable and restart instance:
    db2set DB2AUTH=OSAUTHDB

    Details:

    https://www.ibm.com/docs/en/db2/11.1?topic=variables-miscellaneous

    in 99% You had it set to use LDAP.

    Best

    Luke



    ------------------------------
    Lukasz Czech
    ------------------------------