Results 1 to 4 of 4

Thread: LDAP in db2

  1. #1
    Join Date
    Jul 2008
    Posts
    131

    Question Unanswered: LDAP in db2

    hi,
    m using db2 v8.1 ESE on windows.
    my company implements LDAP. so when i add users in any group on my local machine(db2 server), db2 dont recognize these users.
    I only know that we need to set some parameters for this to implement.
    plz let me know all those parameters we need to set in the profile registry so that i can give proper privileges to my users.

  2. #2
    Join Date
    Sep 2003
    Posts
    78
    Is it because you are running the DB2 services under a local account (DB2ADMIN)? We found that DB2 doesn't mix local and LDAP authentication.
    If the id that the services are running under is local (DB2ADMIN), then all authentication is local and LDAP doesn't work.

    Set up a LDAP "service" id (this doesn't have to be an id you can log in with). Put this ID in the same "users" and "groups" that DB2ADMIN is in. Go into the Registry and make sure that the service ID has the same rights that DB2ADMIN has (create a token object, run as a service, ect). Go into the services and change the DB2 services from running under db2admin to the new service ID, start and stop, should work.

  3. #3
    Join Date
    Jul 2008
    Posts
    131
    hi,
    i have got another solution, n that's working and more simpler to implement...
    u only need to set some profile registry variables...
    simply run the following commands...
    db2set db2_enable_ldap=yes
    db2set db2ldaphost=host_name

    if only this much setting is not working for you, then set these two parameters also...
    db2set db2_grp_lookup=local
    db2set db2_num_ckpw_daemons=0

    if anyone know what the above two parameters means, then plz let me know also....

  4. #4
    Join Date
    Sep 2003
    Posts
    78
    i believe i like your solution better myself.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •