Unanswered: How to turn off LDAP authentication and turn on operating system authencitaion again?
on test computer on DB2 Enterprise v9.5 for Linux I have installed DB2 with default db2inst1 user. Installation went ok. I created database and everything is working well.
Then I have turned on authentication to Tivoli Directory server (LDAP server) instead of operating system authentication set as default.
Db2inst1 user can connect to database but it is not a instance owner anymore. I have rebooted Linux (Windows habit) and when connecting to database I got error: "SQL1032N No start database manager command was issued. SQLSTATE=57019". OK, database manager is not up. With user db2inst1 I executed: db2start command but got error: SQL1092N "DB2INST1" does not have the authority to perform the requested command.
So I was instance owner, but now I am not an instance owner anymore. But dbm cfg settings SYSADM_GROUP is set to user group DB2IADM1 and db2inst1 user in LDAP is added to db2iadm1 LDAP user group. On Linux db2inst1 user is also added to db2iadm1 user group in file /etc/group, but this Linux user group settings is not valid because LDAP is used to authenticate.
Any idea how to turn off LDAP authentication? Because I am not an instance owner anymore I can't execute "db2set DB2_ENABLE_LDAP=NO".
I have solved the problem. I did the following:
I have corrupted /myinstance/sqllib/cfg/IBMLDAPSecurity.ini file which is Tivoli client file. I have commented lines where LDAP group is specified in ini file and DB2 was returning errors but let me be an instance owner again.
Then I have set dbm cfg GROUP_PLUGIN to NULL thanks to Stolze tip.
Then I have set dbm cfg SRVCON_PW_PLUGIN to NULL.
And db2set to DB2_ENABLE_LDAP=NO
Then I have restarted the instance and now Linux is authenticating users again.
Now first of all I have to make a backup of database...