I have DB2 V8.2 loaded on a Redhat Enterprise Linux version 3 (RHEL 3) box. RHEL is configured to talk to LDAP for authentication besides the local passwd file. I can verify this by executing an su to a User Id that exists in LDAP and not in the local /etc/passwd file. Also verified that the connection to LDAP is working by ssh into the box.

The problem I have is when I try to connect to a local DB2 Database using a User Id and Password in LDAP, I get the following error:

SQL30082N Attempt to establish connection failed with security reason "24" ("USERNAME AND/OR PASSWORD INVALID") SQLSTATE=08001

The connection works if I connect to the database using a local User ID and Password on the box, but does not work if I use an LDAP User Id and Password. I know RHEL3 is talking to LDAP because I can su, ssh, etc to userids that are in LDAP.

How do I configure DB2 to work with User Ids and Passwords in LDAP? It appears that it is only using the local /etc/passwd file.

I have checked the various /etc/pamd.d files and they appear correct.

Thanks for any help.

Terry Miller wrote:
> I have DB2 V8.2 loaded on a Redhat Enterprise Linux version 3 (RHEL 3) box.
> RHEL is configured to talk to LDAP for authentication besides the local
> passwd file. I can verify this by executing an su to a User Id that exists
> in LDAP and not in the local /etc/passwd file. Also verified that the
> connection to LDAP is working by ssh into the box.
>
> The problem I have is when I try to connect to a local DB2 Database using a
> User Id and Password in LDAP, I get the following error:
> SQL30082N Attempt to establish connection failed with security reason
> "24" ("USERNAME AND/OR PASSWORD INVALID") SQLSTATE=08001
>
> The connection works if I connect to the database using a local User ID and
> Password on the box, but does not work if I use an LDAP User Id and
> Password. I know RHEL3 is talking to LDAP because I can su, ssh, etc to
> userids that are in LDAP.
>
> How do I configure DB2 to work with User Ids and Passwords in LDAP?
> It appears that it is only using the local /etc/passwd file.
>
> I have checked the various /etc/pamd.d files and they appear correct.
>
> Thanks for any help.

In order to get LDAP support in DB2 UDB you must be on at least 8.2 and you must code a PIM exit. See

http://www-128.ibm.com/developerwork.../dm-0512chong/

Larry Edelstein

Larry wrote:
> Terry Miller wrote:
>
>> I have DB2 V8.2 loaded on a Redhat Enterprise Linux version 3 (RHEL 3) box.
>> RHEL is configured to talk to LDAP for authentication besides the local
>> passwd file. I can verify this by executing an su to a User Id that exists
>> in LDAP and not in the local /etc/passwd file. Also verified that the
>> connection to LDAP is working by ssh into the box.
>>
>> The problem I have is when I try to connect to a local DB2 Database using a
>> User Id and Password in LDAP, I get the following error:
>> SQL30082N Attempt to establish connection failed with security reason
>> "24" ("USERNAME AND/OR PASSWORD INVALID") SQLSTATE=08001
>>
>> The connection works if I connect to the database using a local User ID and
>> Password on the box, but does not work if I use an LDAP User Id and
>> Password. I know RHEL3 is talking to LDAP because I can su, ssh, etc to
>> userids that are in LDAP.
>>
>> How do I configure DB2 to work with User Ids and Passwords in LDAP?
>> It appears that it is only using the local /etc/passwd file.
>>
>> I have checked the various /etc/pamd.d files and they appear correct.
>>
>> Thanks for any help.
>>
> In order to get LDAP support in DB2 UDB you must be on at least 8.2 and
> you must code a PIM exit. See
>
> http://www-128.ibm.com/developerwork.../dm-0512chong/
>
> Larry Edelstein

Thanks for the response, I have one more question.

I am running DB2 V8.2.3. Even though the underlying operating system is configured and talking to LDAP, DB2 still requires that I code a plug-in module to authenticate against LDAP?

I assumed since the OS was configured and talking to LDAP and DB2 uses the underlying OS for authentication that it would work.

Terry

Terry Miller wrote:
> Larry wrote:
>
>> Terry Miller wrote:
>>
>>> I have DB2 V8.2 loaded on a Redhat Enterprise Linux version 3 (RHEL 3) box.
>>> RHEL is configured to talk to LDAP for authentication besides the local
>>> passwd file. I can verify this by executing an su to a User Id that exists
>>> in LDAP and not in the local /etc/passwd file. Also verified that the
>>> connection to LDAP is working by ssh into the box.
>>>
>>> The problem I have is when I try to connect to a local DB2 Database using a
>>> User Id and Password in LDAP, I get the following error:
>>> SQL30082N Attempt to establish connection failed with security reason
>>> "24" ("USERNAME AND/OR PASSWORD INVALID") SQLSTATE=08001
>>>
>>> The connection works if I connect to the database using a local User ID and
>>> Password on the box, but does not work if I use an LDAP User Id and
>>> Password. I know RHEL3 is talking to LDAP because I can su, ssh, etc to
>>> userids that are in LDAP.
>>>
>>> How do I configure DB2 to work with User Ids and Passwords in LDAP?
>>> It appears that it is only using the local /etc/passwd file.
>>>
>>> I have checked the various /etc/pamd.d files and they appear correct.
>>>
>>> Thanks for any help.
>>>
>>
>> In order to get LDAP support in DB2 UDB you must be on at least 8.2 and
>> you must code a PIM exit. See
>>
>
> http://www-128.ibm.com/developerwork.../dm-0512chong/
>
>> Larry Edelstein
>
> Thanks for the response, I have one more question.
>
> I am running DB2 V8.2.3. Even though the underlying operating system is
> configured and talking to LDAP, DB2 still requires that I code a plug-in
> module to authenticate against LDAP?
>
> I assumed since the OS was configured and talking to LDAP and DB2 uses the
> underlying OS for authentication that it would work.
>
> Terry

Terry, perhaps someone from the lab can comment on this. I could be wrong, but in the case where the os is using LDAP, DB2 is probably looking for user/group/pw information in etc/group, etc/passwd. How would DB2 know to go to an LDAP directory instead ... unless you somehow "instructed" it to do so by changing its authentication mechanism ... and the way one does this is by using the userexit. These are my assumptions so I'd be interested in someone correcting me if I am wrong.

Larry Edelstein

Terry Miller wrote:
> I am running DB2 V8.2.3. Even though the underlying operating system is
> configured and talking to LDAP, DB2 still requires that I code a plug-in
> module to authenticate against LDAP?
>
> I assumed since the OS was configured and talking to LDAP and DB2 uses the
> underlying OS for authentication that it would work.

You configured the system to allow LDAP authentication via PAM. Most of the normal system utilities (e.g., passwd) have all been made PAM-aware on Linux distributions. However, DB2 is not PAM-aware out of the box (presumably it uses the "old" getpwXXX functions), thus you have to use a custom plug-in to make DB2 use PAM.

FYI, I think that there is an open-source PAM plugin for DB2 available on the net.

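The distinction drawn in the last reply, as an added example (not code from the thread, from DB2, or from any plug-in): this C program resolves an account through `getpwnam()`/`getspnam()` the way a program that does not call PAM would, and reports whether any password hash is visible to it. That DB2 behaves this way is the reply's presumption, not something the thread confirms; the function names and the sample values in the comments are constructed for illustration.

```c
#include <pwd.h>
#include <shadow.h>
#include <stdio.h>
#include <string.h>

enum visibility { NO_SUCH_USER, HASH_VISIBLE, HASH_NOT_VISIBLE };

/* A password field carries a usable crypt(3) hash only if it is not empty,
 * not the "x" placeholder, and not a locked marker starting with '*' or '!'. */
static int field_has_hash(const char *field)
{
    if (field == NULL || field[0] == '\0' || strcmp(field, "x") == 0)
        return 0;
    return field[0] != '*' && field[0] != '!';
}

/* Pure decision on the passwd and shadow fields, checkable without NSS. */
enum visibility classify(const char *pw_field, const char *sp_field)
{
    return (field_has_hash(pw_field) || field_has_hash(sp_field))
               ? HASH_VISIBLE : HASH_NOT_VISIBLE;
}

/* What a program sees when it resolves the account with getpwnam()/getspnam()
 * (through nsswitch.conf) instead of handing the password to PAM. */
enum visibility check_user(const char *user)
{
    char pw_field[256];
    struct passwd *pw = getpwnam(user);
    if (pw == NULL)
        return NO_SUCH_USER;
    /* Copy before the next lookup; libc returns pointers to static storage. */
    snprintf(pw_field, sizeof pw_field, "%s", pw->pw_passwd ? pw->pw_passwd : "");
    struct spwd *sp = getspnam(user); /* NULL if shadow data is unreadable */
    return classify(pw_field, sp ? sp->sp_pwdp : NULL);
}

int main(int argc, char **argv)
{
    static const char *label[] = {
        "no such user",
        "hash visible: local comparison possible",
        "no hash visible: local comparison impossible" };
    for (int i = 1; i < argc; i++)
        printf("%s: %s\n", argv[i], label[check_user(argv[i])]);
    return 0;
}
```

Run it as the account the application runs under, once with a local user name and once with a directory-only one; an account that `su` accepts but that reports no visible hash can only be verified by something that performs the PAM or LDAP exchange itself.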