As far as I know db2 uses the OS for authentication of users.
We are using the pam_ldap module for OS authentication but it seems db2
is not working correctly with this config:
I've done a db2 trace of a "connect to database" and found an
interesting line:
320114 | | | | | | | | | | | | | sqlexSlsSystemAuthenticate entry
320115 | | | | | | | | | | | | | | sqlexValidatePassword entry
320116 | | | | | | | | | | | | | | | osplugin_validatePassword entry
320117 | | | | | | | | | | | | | | | | osplugin_validate_password entry
320118 | | | | | | | | | | | | | | | | | sqlockpw_int2 entry
320119 | | | | | | | | | | | | | | | | | | sqlockpw_daemon_check entry
320120 | | | | | | | | | | | | | | | | | | | sqlowqueInternal entry
320121 | | | | | | | | | | | | | | | | | | | sqlowqueInternal exit
320122 | | | | | | | | | | | | | | | | | | | sqloEDUWait entry
320148 | | | | | | | | | | | | | | | | | | | sqloEDUWait exit
320149 | | | | | | | | | | | | | | | | | | sqlockpw_daemon_check exit
320150 | | | | | | | | | | | | | | | | | sqlockpw_int2 exit [rc = 0x800F0065 = -2146500507 = SQLO_BAD_PSW]
320151 | | | | | | | | | | | | | | | | | secLogMessage entry
320152 | | | | | | | | | | | | | | | | | secLogMessage data [probe 10]
0x800F0065:
=========
ZRC value to map: 0x800F0065 (-2146500507)
V7 Equivalent ZRC value: 0xFFFF8665 (-31131)
ZRC class :
SQL Error, User Error,... (Class Index: 0)
Component:
SQLO ; oper system services (Component Index: 15)
Reason Code:
101 (0x0065)
Identifer:
SQLO_BAD_PSW
Identifer (without component):
SQLZ_RC_BADPSW
Description:
Password does not belong with specified user id
When I'm doing a "su -" to the specified user with the specified
password everything works fine.
So how can I get DB2 to work with the pam authentication?
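
An added example, not part of the original thread: a Python script that walks a flow-trace excerpt like the one in the question and reports the call path of every function that exits with a non-zero rc. The sample input is constructed from the posted trace, the record format is assumed to be exactly what the post shows, and the names `rejoin` and `failed_calls` are this example's own.

```python
import re

# Constructed sample: the post's flow trace, fewer depth bars, two wraps kept.
SAMPLE = """\
320114 | | | sqlexSlsSystemAuthenticate entry
320115 | | | | sqlexValidatePassword entry
320116 | | | | | osplugin_validatePassword
entry
320118 | | | | | | sqlockpw_int2 entry
320119 | | | | | | | sqlockpw_daemon_check entry
320149 | | | | | | | sqlockpw_daemon_check exit
320150 | | | | | | sqlockpw_int2 exit [rc =
0x800F0065 = -2146500507 = SQLO_BAD_PSW]
320152 | | | | | | secLogMessage data [probe 10]
"""

RECORD = re.compile(
    r"^(?P<seq>\d+)\s+(?P<bars>(?:\|\s*)*)(?P<func>\w+)\s+(?P<kind>entry|exit)"
    r"(?:\s*\[rc\s*=\s*(?P<rc>0x[0-9A-Fa-f]+)\s*=\s*-?\d+(?:\s*=\s*(?P<name>\w+))?\])?")

def rejoin(text):
    """Undo line wrapping: a record starts with a decimal sequence number."""
    records = []
    for line in (l.strip() for l in text.splitlines()):
        if re.match(r"\d+\s", line) or not records:
            records.append(line)
        elif line:
            records[-1] += " " + line
    return records

def failed_calls(text):
    """Return (seq, call path, rc, symbolic name) for each exit with rc != 0."""
    frames, found = {}, []      # depth -> function open at that depth
    for rec in rejoin(text):
        m = RECORD.match(rec)
        if not m:
            continue            # data records carry no entry/exit marker
        depth = m["bars"].count("|")
        frames = {d: f for d, f in frames.items() if d < depth}
        if m["kind"] == "entry":
            frames[depth] = m["func"]
        elif m["rc"] and int(m["rc"], 16) != 0:
            path = [frames[d] for d in sorted(frames)] + [m["func"]]
            found.append((m["seq"], path, m["rc"], m["name"]))
    return found

if __name__ == "__main__":
    for seq, path, rc, name in failed_calls(SAMPLE):
        print(f"{seq}: {' > '.join(path)} returned {rc} ({name})")
```

On the sample this reports `sqlockpw_int2`, reached through `osplugin_validatePassword`, as the call that returned SQLO_BAD_PSW.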
> As far as I know db2 uses the OS for authentication of users.
DB2 uses security plugins for authentication purposes. The default security
plugin uses the underlying operating system. I'm not sure if DB2 already
provides a security plugin for PAM authentication. If not, you could write
your own (or find an already written one somewhere).

Knut Stolze
DB2 z/OS Utilities Development
IBM Germany
The Boss - 30 Apr 2007 20:21 GMT
>> As far as I know db2 uses the OS for authentication of users.
>
[quoted text clipped - 3 lines]
> not, you could write your own (or find an already written one
> somewhere).
It seems there is one from Quest Software:
http://rc.vintela.com/topics/db2_sys-auth/
Haven't used it myself, so YMMV.
HTH

Jeroen
The Boss - 30 Apr 2007 21:37 GMT
>>> As far as I know db2 uses the OS for authentication of users.
>>
[quoted text clipped - 10 lines]
>
> HTH
2 related links to the Quest forum (both very recent threads):
http://vintela.inside.quest.com/thread.jspa?threadID=2408
(AIX-problem with sys-auth plugin, but seems to have tips on installation
settings relevant for other platforms as well)
http://vintela.inside.quest.com/thread.jspa?threadID=2665
(using sys-auth plugin for DAS authentication)

Jeroen
rpri122 - 02 May 2007 08:57 GMT
Thx for the links to the Quest exit.
I'll have a look at this plugin.