Results 1 to 3 of 3
  1. #1
    Join Date
    Sep 2006
    Posts
    105

    Unanswered: Not able to connect to db

    Hi All,

    We are using db2 v8.1 and Fixpak 11 and oslevel as Aix 5.2.0 server. In that we added one user to the already existing group say...db2grp at the oslevel.Now the user is able to logon to the server but not able to connect to the database eventhough the group..here db2grp is having connectauth privilege. He is getting error like

    SQL30082N Attempt to establish connection failed with security reason "24"
    ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001

    Any help...


    Many Thanks
    Meena.s

  2. #2
    Join Date
    Jan 2003
    Posts
    4,292
    Provided Answers: 5
    Looking up the error code:

    LCAD_KOC-->? sql30082


    SQL30082N Attempt to establish connection failed with security
    reason "<reason-code>" ("<reason-string>").

    Explanation:

    The attempt to connect to the remote database server was rejected
    due to invalid or incorrect security information. The cause of
    the security error is described by the <reason-code> and
    corresponding <reason-string> value.

    The following is a list of reason codes and corresponding reason
    strings:


    0 (NOT SPECIFIED) The specific security error is not
    specified.

    1 (PASSWORD EXPIRED) The password specified in the request has
    expired.

    2 (PASSWORD INVALID) The password specified in the request is
    not valid.

    3 (PASSWORD MISSING) The request did not include a password.

    4 (PROTOCOL VIOLATION) The request violated security
    protocols.

    5 (USERID MISSING) The request did not include a userid.

    6 (USERID INVALID) The userid specified in the request is not
    valid.

    7 (USERID REVOKED) The userid specified in the request has been
    revoked.

    8 (GROUP INVALID) The group specified in the request is not
    valid.

    9 (USERID REVOKED IN GROUP) The userid specified in the request
    has been revoked in the group.

    10 (USERID NOT IN GROUP) The userid specified in the request is
    not in the group.

    11 (USERID NOT AUTHORIZED AT REMOTE LU) The userid specified in
    the request is not authorized at the remote Logical Unit.

    12 (USERID NOT AUTHORIZED FROM LOCAL LU) The userid specified in
    the request is not authorized at the remote Logical Unit when
    coming from the local Logical Unit.

    13 (USERID NOT AUTHORIZED TO TP) The userid specified in the
    request is not authorized to access the Transaction Program.

    14 (INSTALLATION EXIT FAILED) The installation exit failed.

    15 (PROCESSING FAILURE) Security processing at the server
    failed.

    16 (NEW PASSWORD INVALID) the password specified on a change
    password request did not meet the server's requirements.

    17 (UNSUPPORTED FUNCTION) the security mechanism specified by
    the client is invalid for this server. Some typical examples:

    o The client sent a new password value to a server that does
    not support the change password function.

    o The client sent SERVER_ENCRYPT authentication information to
    a server that does not support password encryption.

    o The client sent a userid (but no password) to a server that
    does not support authentication by userid only.

    o The client has not specified an authentication type, and the
    server has not responded with a supported type. This may
    include the server returning multiple types from which the
    client is unable to choose.



    18 (NAMED PIPE ACCESS DENIED) The named pipe is inaccessible due
    to a security violation.

    19 (USERID DISABLED or RESTRICTED) The userid has been disabled,
    or the userid has been restricted from accessing the operating
    environment at this time.

    20 (MUTUAL AUTHENTICATION FAILED) The server being contacted
    failed to pass a mutual authentication check. The server is
    either an imposter, or the ticket sent back was damaged.

    21 (RESOURCE TEMPORARILY UNAVAILABLE) Security processing at the
    server was terminated because a resource was temporarily
    unavailable. For example, on AIX, no user licenses may have been
    available.

    24 (USERNAME AND/OR PASSWORD INVALID) The username specified,
    password specified, or both, are invalid.

    25 (Connection disallowed) The connection is disallowed by the
    security plugin.

    26 (Server security plugin error) Security plugin encountered an
    unexpected error on the database server.

    27 (Server security plugin error) Invalid server credential.

    28 (Server security plugin error) Server credential expired on
    the database server.

    29 (Server security plugin error) Security plugin received an
    invalid security token on the database server.

    30 (Client security plugin error) Required API is missing in the
    client security plugin.

    31 (Client security plugin error) Wrong client security plugin
    type.

    32 (Client security plugin error) No matching GSS-API security
    plugin is available on the client for connection to the
    database.

    33 (Client security plugin error) Unable to load the client
    security plugin.

    34 (Client security plugin error) Invalid client plugin name.

    35 (Client security plugin error) The version of the APIs
    reported by the client security plugin is not compatible with
    DB2

    36 (Client security plugin error) Client security plugin
    encountered an unexpected error.

    37 (Client security plugin error) Client security plugin
    encountered an invalid principal name.

    38 (Client security plugin error) Invalid client credential.

    39 (Client security plugin error) Client security plugin
    received an expired credential.

    40 (Client security plugin error) Client security plugin
    received an invalid security token.

    User Response:

    Ensure that the proper userid and/or password is supplied.

    The userid may be disabled, the userid may be restricted to
    accessing specific workstations, or the userid may be restricted
    to certain hours of operation.

    For reason code 17, retry the command with a supported
    authentication type.

    For reason code 20, make sure the authentication mechanism for
    the server is started, and retry.

    For reason code 26, 33, and 36, check the administration
    notification log file on the client and on the server for more
    information. Fix the problem identified by the error message text
    in the administration notification log.

    For reason code 27, verify that the server credential is provided
    during security plugin initialization and that it is in a format
    recognized by the security plugin. As the credential will be
    used to accept contexts, it must be an ACCEPT or BOTH
    credential.

    For reason code 28, renew the server's credential and then
    resubmit the statement. If renewing alters the credential handle,
    then a db2stop and db2start will be necessary.

    For reason code 29 and 40, resubmit the statement. If the problem
    still exists, then verify that the partner security plugin is
    generating a valid security token.

    For reason code 30, check the administration notification log
    file for the name of the required missing API. Add the missing
    API to the security plugin.

    For reason code 31, specify the right type of security plugin in
    the appropriate database manager configuration parameter. For
    example, do not specify a userid-password based security plugin
    for the SRVCON_GSSPLUGIN_LIST database manager configuration
    parameter.

    For reason code 32, install the matching security plugin that the
    database server used on the client. Ensure that the indicated
    security plugin is located in the client-plugin directory.

    For reason code 34, specify a valid security plugin name. The
    name should not contain any directory path information.

    For reason code 35, ensure that the security plugin is using a
    supported version of the APIs and that it is reporting a correct
    version number.

    For reason code 37, check the administration notification log
    file for the principal name. Make sure the prinicpal name is in a
    format that is recognized by the security plugin.

    For reason code 38, verify that the client credential (generated
    by db2secGenerateInitialCred or provided as an inbound delegated
    credential) is in a format recognized by the security plugin. As
    the credential will be used to initate contexts, it must be an
    INITIATE or BOTH credential.

    For reason code 39, the user issuing the statement must obtain
    the appropriate credentials (or re-obtain their initial
    credentials) and then resubmit the statement.

    sqlcode : -30082

    sqlstate : 08001

    Reason 24 states that the username and or password is invalid. Please check them.

    Andy

  3. #3
    Join Date
    Sep 2006
    Posts
    105
    Thanks Andy...But we have reset the password tried again faced the same problem. So removed the id from the oslevel and added the same again and now it is working fine.


    Many Thanks
    Meena.s

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •