UDB version 8.1.0 with fix pack 3 on AIX 5L
instance name = db2inst1
userid = db2inst1
password = Db2admin


I login in Unix as db2inst1.
db2inst1 > db2 connect to sample user db2inst1 using Db2admin
gives me
SQL30082N Attempt to establish connection failed with security reason "24"
("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001

db2inst1 > db2 connect to sample user db2inst1
and then enter the password Db2admin
gives me
SQL30082N Attempt to establish connection failed with security reason "24"
("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001

But
if I do
db2inst1 > db2 connect to sample
it work fine and i can work with sample database.

It is the same also if i use another unix/db2 userid:
userid = rbs
password = user1adm

I login in Unix as rbs.
rbs > db2 connect to sample user rbs using Rb2admin
gives me
SQL30082N Attempt to establish connection failed with security reason "24"
("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001

rbs > db2 connect to sample user rbs
and then enter the password user1adm
gives me
SQL30082N Attempt to establish connection failed with security reason "24"
("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001

But
if I do
rbs > db2 connect to sample
it work fine and i can work with sample database.

Also if i try with:
rbs > db2 connect to sample user db2inst1 using Db2admin
gives me
SQL30082N Attempt to establish connection failed with security reason "24"
("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001

I have try also with double o single quotes ! but not work.

db2diag.log error:
------------------------------------------------------------
2004-11-28-18.09.23.362240 Instance:db2inst1 Node:000
PID:24366(db2ckpwd 0) TID:1 Appid:none
oper system services sqlo_validate_pwd Probe:115

loginfailed() failed
0x2FF2160C : 0x0000000D ....
------------------------------------------------------------
I have also manually stop and start both, 'db2admin stop/start'
and 'db2stop/db2start'. Both works fine.

what could be the error ?

CONFIGURATION:

The passwords are correct. I can enter on userid db2inst1 or in userid rbs with that password, by telnet or by su - <userid>.
"sample" is the database name.


from get dbm cfg:

---------------------------------------------------------------------
SYSADM group name (SYSADM_GROUP) = DB2GRP1
SYSCTRL group name (SYSCTRL_GROUP) =
SYSMAINT group name (SYSMAINT_GROUP) =

Database manager authentication (AUTHENTICATION) = SERVER
Cataloging allowed without authority (CATALOG_NOAUTH) = NO
Trust all clients (TRUST_ALLCLNTS) = YES
Trusted client authentication (TRUST_CLNTAUTH) = CLIENT
Bypass federated authentication (FED_NOAUTH) = NO

Default database path (DFTDBPATH) = /home/db2inst1
---------------------------------------------------------------------

from get admin configuration command:
---------------------------------------------------------------------
Admin Server Configuration

Authentication Type DAS (AUTHENTICATION) = SERVER_ENCRYPT

DAS Administration Authority Group Name (DASADM_GROUP) = dasadm1

DAS Discovery Mode (DISCOVER) = SEARCH
Name of the DB2 Server System (DB2SYSTEM) = DDMSTEST
---------------------------------------------------------------------

the instance owner is 'db2inst1', passwd: Db2admin
prim.group db2grp1,
group set db2grp1, staff, dasadm1
the das owner is 'dasusr1', passwd: adm1inst
prim.group dasadm1,
group set 'dasadm1', staff, dasadm1

I can run 'db2srat' and 'db2stop' command only by db2inst1 userid.
I can run 'db2admin start' only by root userid.
I can run ' db2admin stop' only by dasusr1 userid.

If i tray to run the command 'db2 get authorizations' by dasusr1 userid
or by db2inst1 userid
(after connect to 'sample' database) i have this:
---------------------------------------------------------------------
from dasusr1 userid:
db2 => connect to sample
db2 => get authorizations

Administrative Authorizations for Current User

Direct SYSADM authority = NO
Direct SYSCTRL authority = NO
Direct SYSMAINT authority = NO
Direct DBADM authority = NO
Direct CREATETAB authority = NO
Direct BINDADD authority = NO
Direct CONNECT authority = NO
Direct CREATE_NOT_FENC authority = NO
Direct IMPLICIT_SCHEMA authority = NO
Direct LOAD authority = NO
Direct QUIESCE_CONNECT authority = NO
Direct CREATE_EXTERNAL_ROUTINE authority = NO

Indirect SYSADM authority = YES
Indirect SYSCTRL authority = NO
Indirect SYSMAINT authority = NO
Indirect DBADM authority = NO
Indirect CREATETAB authority = YES
Indirect BINDADD authority = YES
Indirect CONNECT authority = YES
Indirect CREATE_NOT_FENC authority = NO
Indirect IMPLICIT_SCHEMA authority = YES
Indirect LOAD authority = NO
Indirect QUIESCE_CONNECT authority = NO
Indirect CREATE_EXTERNAL_ROUTINE authority = NO

from db2inst1 userid:
db2 => connect to sample
db2 => get authorizations

Administrative Authorizations for Current User

Direct SYSADM authority = NO
Direct SYSCTRL authority = NO
Direct SYSMAINT authority = NO
Direct DBADM authority = YES
Direct CREATETAB authority = YES
Direct BINDADD authority = YES
Direct CONNECT authority = YES
Direct CREATE_NOT_FENC authority = YES
Direct IMPLICIT_SCHEMA authority = YES
Direct LOAD authority = YES
Direct QUIESCE_CONNECT authority = YES
Direct CREATE_EXTERNAL_ROUTINE authority = YES

Indirect SYSADM authority = YES
Indirect SYSCTRL authority = NO
Indirect SYSMAINT authority = NO
Indirect DBADM authority = NO
Indirect CREATETAB authority = YES
Indirect BINDADD authority = YES
Indirect CONNECT authority = YES
Indirect CREATE_NOT_FENC authority = NO
Indirect IMPLICIT_SCHEMA authority = YES
Indirect LOAD authority = NO
Indirect QUIESCE_CONNECT authority = NO
Indirect CREATE_EXTERNAL_ROUTINE authority = NO
---------------------------------------------------------------------


I have try also to grant the direct connect permission to userid rbs,
but without result.

from rbs userid:
db2 => connect to sample
db2 => get authorizations

Administrative Authorizations for Current User

Direct SYSADM authority = NO
Direct SYSCTRL authority = NO
Direct SYSMAINT authority = NO
Direct DBADM authority = NO
Direct CREATETAB authority = NO
Direct BINDADD authority = NO
Direct CONNECT authority = YES
Direct CREATE_NOT_FENC authority = NO
Direct IMPLICIT_SCHEMA authority = NO
Direct LOAD authority = NO
Direct QUIESCE_CONNECT authority = NO
Direct CREATE_EXTERNAL_ROUTINE authority = NO

Indirect SYSADM authority = YES
Indirect SYSCTRL authority = NO
Indirect SYSMAINT authority = NO
Indirect DBADM authority = NO
Indirect CREATETAB authority = YES
Indirect BINDADD authority = YES
Indirect CONNECT authority = YES
Indirect CREATE_NOT_FENC authority = NO
Indirect IMPLICIT_SCHEMA authority = YES
Indirect LOAD authority = NO
Indirect QUIESCE_CONNECT authority = NO
Indirect CREATE_EXTERNAL_ROUTINE authority = NO

hi.

You seem to have run into a funny issue.

Can u please set this for your db2inst1 user.

Direct CONNECT authority = YES

Please also post the db cfg.

You can also try setting the Authentication to SERVER and retry.

Please post your comments/observatios and probably that can give us some direction for a solution

Thanks

hi.

I have set this for my db2inst1 user.

Direct CONNECT authority = YES

$ db2 get authorizations

Administrative Authorizations for Current User

....
Direct CONNECT authority = YES
......
Indirect CONNECT authority = YES
......

Please also post the db cfg.


Database Configuration for Database

Database configuration release level = 0x0a00
Database release level = 0x0a00

Database territory = US
Database code page = 819
Database code set = ISO8859-1
Database country/region code = 1

Dynamic SQL Query management (DYN_QUERY_MGMT) = DISABLE

Discovery support for this database (DISCOVER_DB) = ENABLE

Default query optimization class (DFT_QUERYOPT) = 5
Degree of parallelism (DFT_DEGREE) = 1
Continue upon arithmetic exceptions (DFT_SQLMATHWARN) = NO
Default refresh age (DFT_REFRESH_AGE) = 0
Number of frequent values retained (NUM_FREQVALUES) = 10
Number of quantiles retained (NUM_QUANTILES) = 20

Backup pending = NO

Database is consistent = YES
Rollforward pending = NO
Restore pending = NO

Multi-page file allocation enabled = NO

Log retain for recovery status = NO
User exit for logging status = NO

............

TSM management class (TSM_MGMTCLASS) =
TSM node name (TSM_NODENAME) =
TSM owner (TSM_OWNER) =
TSM password (TSM_PASSWORD) =

You can also try setting the Authentication to SERVER and retry.



Admin Server Configuration

Authentication Type DAS (AUTHENTICATION) = SERVER_ENCRYPT

DAS Administration Authority Group Name (DASADM_GROUP) = dasadm1

DAS Discovery Mode (DISCOVER) = SEARCH
Name of the DB2 Server System (DB2SYSTEM) = DDMSTEST

Java Development Kit Installation Path DAS (JDK_PATH) = /usr/java14
Java Development Kit Installation Path DAS (JDK_64_PATH) =

DAS Code Page (DAS_CODEPAGE) = 0
DAS Territory (DAS_TERRITORY) = 0

Location of Contact List (CONTACT_HOST) =
Execute Expired Tasks (EXEC_EXP_TASK) = NO
Scheduler Mode (SCHED_ENABLE) = ON
SMTP Server (SMTP_SERVER) = ddmstest
Tools Catalog Database (TOOLSCAT_DB) = TOOLSDB
Tools Catalog Database Instance (TOOLSCAT_INST) = db2inst1
Tools Catalog Database Schema (TOOLSCAT_SCHEMA) = SYSTOOLS
Scheduler User ID =


Database Manager Configuration

Node type = Enterprise Server Edition with local and remote clients

Database manager configuration release level = 0x0a00

CPU speed (millisec/instruction) (CPUSPEED) = 1.228095e-06
Communications bandwidth (MB/sec) (COMM_BANDWIDTH) = 1.000000e+02

Max number of concurrently active databases (NUMDB) = 8
Data Links support (DATALINKS) = NO
Federated Database System Support (FEDERATED) = NO
Transaction processor monitor name (TP_MON_NAME) =

Default charge-back account (DFT_ACCOUNT_STR) =

Java Development Kit installation path (JDK_PATH) = /usr/java131

Diagnostic error capture level (DIAGLEVEL) = 3
Notify Level (NOTIFYLEVEL) = 3
Diagnostic data directory path (DIAGPATH) = /home/db2inst1/sqllib/db2dump

Default database monitor switches
Buffer pool (DFT_MON_BUFPOOL) = OFF
Lock (DFT_MON_LOCK) = OFF
Sort (DFT_MON_SORT) = OFF
Statement (DFT_MON_STMT) = OFF
Table (DFT_MON_TABLE) = OFF
Timestamp (DFT_MON_TIMESTAMP) = ON
Unit of work (DFT_MON_UOW) = OFF
Monitor health of instance and databases (HEALTH_MON) = OFF

SYSADM group name (SYSADM_GROUP) = DB2GRP1
SYSCTRL group name (SYSCTRL_GROUP) =
SYSMAINT group name (SYSMAINT_GROUP) =

Database manager authentication (AUTHENTICATION) = SERVER
Cataloging allowed without authority (CATALOG_NOAUTH) = NO
Trust all clients (TRUST_ALLCLNTS) = YES
Trusted client authentication (TRUST_CLNTAUTH) = CLIENT
Bypass federated authentication (FED_NOAUTH) = NO

Default database path (DFTDBPATH) = /home/db2inst1

Database monitor heap size (4KB) (MON_HEAP_SZ) = 90
Java Virtual Machine heap size (4KB) (JAVA_HEAP_SZ) = 2048
Audit buffer size (4KB) (AUDIT_BUF_SZ) = 0
Size of instance shared memory (4KB) (INSTANCE_MEMORY) = AUTOMATIC
Backup buffer default size (4KB) (BACKBUFSZ) = 1024
Restore buffer default size (4KB) (RESTBUFSZ) = 1024

Sort heap threshold (4KB) (SHEAPTHRES) = 20000

Directory cache support (DIR_CACHE) = YES

Application support layer heap size (4KB) (ASLHEAPSZ) = 15
Max requester I/O block size (bytes) (RQRIOBLK) = 32767
Query heap size (4KB) (QUERY_HEAP_SZ) = 1000
DRDA services heap size (4KB) (DRDA_HEAP_SZ) = 128

Workload impact by throttled utilities(UTIL_IMPACT_LIM) = 100

Priority of agents (AGENTPRI) = SYSTEM
Max number of existing agents (MAXAGENTS) = 400
Agent pool size (NUM_POOLAGENTS) = 200(calculated)
Initial number of agents in pool (NUM_INITAGENTS) = 0
Max number of coordinating agents (MAX_COORDAGENTS) = (MAXAGENTS - NUM_INITAGENTS)
Max no. of concurrent coordinating agents (MAXCAGENTS) = MAX_COORDAGENTS
Max number of client connections (MAX_CONNECTIONS) = MAX_COORDAGENTS

........

......and retry.

$ whoami
db2inst1
$ db2 connect to rbst_ux user db2inst1 using db2admin
SQL30082N Attempt to establish connection failed with security reason "24"
("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001

$ db2 connect to rbst_ux

Database Connection Information

Database server = DB2/6000 8.1.3
SQL authorization ID = DB2INST1
Local database alias = RBST_UX

THE PROBLEM IS THE SAME !!!

Thanks