Have installed db2 9.1 on windows 2003.

Instance owner = machine \ db2inst
machine \ db2inst part of machine \ DB2ADMNS group

Setup LDAP with cn=db2inst, dc= ....

Setup the LDAP security plugins and db2 update dbm cfg .. for plugins

Ensure plugins loaded, LDAPSecurity.ini file has all right paramters.

Question:

when I run db2start / db2stop with above config, will my local db2inst be responsible for authentication and group privileges ( as it needs to be part of DB2ADMNS group )

or does the LDAP cn=db2inst get authenticated?

I do not see any loggin in diag.log ( DIAGLEVEL and debug has been set ) indicating LDAP being contacted when db2start being run.

When I run db2 create database commands , there is a LDAP related messages in the diag.log.

If I delete db2inst from LDAP and have LDAP security plugins enabled looks like still db2start starts the instance. As if the local db2inst ( and DB2ADMNS ) is all that matters for db2start.