01-14-08, 14:43 #1Registered User
- Join Date
- Sep 2003
Unanswered: sysadm_group and active directory
We just set up a v8 DB2 Workgroup server 8.3 Windows. We want to give an active directory group (CAT) system admin in db2 with no log on rights to the box.
we have an active directory group called "CAT". CAT's members are
install_GROUP is another active directory group that is in the administrators group. this contains the installation id's. this group contains:
the DAS and DB2 instance run with db2_service as the "log on as". Our SQL people pointed us in that direction...to use active directory, you can't run your processes with a local account.
i ran :
db2 set dbm cfg sysadm_group CAT
logged on as me_tech which is a local administrator (in group install_group) which is a group in CAT which is the sysadm_group.
I cannot connect to the tables in the database (no authority).
If I add me_tech to the CAT group, everything works fine.
I take it that DB2 doesn't work with active directory within active directory?
(in my case, I can't add my install_group to the CAT group?)
Can you have more than one group in SYSADM_GROUP??
01-14-08, 15:54 #2:-)
Provided Answers: 1
- Join Date
- Jun 2003
- Toronto, Canada
I don't think DB2 supports nested groups on Windows---
"It does not work" is not a valid problem statement.