DB2 Security Plugins Problem with activation...

DB_N00b · #1 (**permalink**) 02-03-12, 04:35

Hello friends,

I am trying to synchronise my AIX machine with a Microsoft Active Diretory.
At first of all I edited my ~/sqllib/cfg/IBMLDAPSecurity.ini with the necessary things it needs to have, then I configured my DBM CFG with this parameters;

update dbm cfg using srvcon_pw_plugin IBMLDAPauthserver;
update dbm cfg using clnt_pw_plugin IBMLDAPauthclient;
update dbm cfg using group_plugin IBMLDAPgroups;

after that, the IBM Information Center says to restart the Instance but there comes this error up:

db2stop
SQL1093N The user is not logged on. SQLSTATE=51017

db2start
SQL1093N The user is not logged on. SQLSTATE=51017

Does anyone have experience with this?

sathyaram_s · #2 (**permalink**) 02-07-12, 22:13

Have you checked db2diag.log file?

You may have some pointers there.

DB_N00b · #3 (**permalink**) 02-08-12, 04:20

Hmm yes, I checked it but it doesnt say much ...

2012-01-30-08.54.06.923572+060 I134185A500 LEVEL: Error
PID : 1810514 TID : 1 PROC : db2flacc
INSTANCE: db2inst6 NODE : 000
EDUID : 1
FUNCTION: DB2 UDB, bsu security, sqlexLogPluginMessage, probe:20
DATA #1 : String with size, 213 bytes
LDAP WhoAmI: can't determine LDAP user associated with
OS user 'db2inst6': LDAP error while searching for AuthID.
Userid attribute='uid' AuthID attribute='uid'
user objectClass='SVCaixLDAPReader' user base DN=''

2012-01-30-08.54.06.923733+060 E134686A690 LEVEL: Severe
PID : 1810514 TID : 1 PROC : db2flacc
INSTANCE: db2inst6 NODE : 000
EDUID : 1
FUNCTION: DB2 UDB, bsu security, sqlexGetDefaultLoginContext, probe:150
MESSAGE : ADM13001E Plug-in "IBMLDAPauthclient" received error code
"-1" from the DB2 security plug-in API "db2secGetDefaultLoginContext"
with the error message "LDAP WhoAmI: can't determine LDAP user
associated with OS user 'db2inst6': LDAP error while searching for
AuthID. Userid
attribute='uid' AuthID attribute='uid' user
objectClass='SVCaixLDAPReader' user base DN=''".