Expand all | Collapse all


  • 1.  Authenfication

    Posted Thu February 18, 2021 09:02 AM
    Hi to All

    on onconfig :

    i want to use two different authentification methods  for the same server : OS USER and INTERNAL USER, is is possible ?

    DBSERVERNAME db_serv        (OS USER)

    on sqlhosts

    db_serv onsoctcp  host_ip host_port_1
    db_net   onsoctcp  host_ip host_port_2

    thanks :)

    John Smith

  • 2.  RE: Authenfication

    Posted Thu February 18, 2021 09:15 AM

    You can have PAM on one port and no PAM on the other


    Outside of that I'm not aware of any other options but I've never really looked. 


    But I suspect you do something within sysdbopen to block internal users from db_serv – again never tried





  • 3.  RE: Authenfication

    Posted Thu February 18, 2021 09:30 AM
    Thank you Paul

    John Smith

  • 4.  RE: Authenfication

    Posted Thu February 18, 2021 09:28 AM
    As it stands, any default port would do both, internal and OS user authentication.
    Should OS auth be done through PAM, so on an Informix port configured to use PAM, no internal users could connect on that port.

    (One could argue why not allowing internal auth on a PAM port, esp. if that's configured to do simple OS auth only, but that's not implemented as of now.)

    So, to your question: you'd not even need those two separate ports - but could of course do it this way.
    What would not be possible, I think, is restricting such port to either only OS auth or only internal auth.

    Andreas Legner

  • 5.  RE: Authenfication

    Posted Thu February 18, 2021 10:10 AM
    Edited by John Smith Thu February 18, 2021 10:13 AM
    still thinking about auth. methods, i think i was going the wrong way :(

    In fact i'm looking for a method where i can hide the user password, on a client server, similar to oracle wallet

    i know i can go on LDAP authentifaction (with MS Active directory for example) so no password need , just interacting with LDAP Server

    but i m also looking another  "informix way :)"

    John Smith