m using db2 v8.1 ESE on windows.
my company implements LDAP. so when i add users in any group on my local machine(db2 server), db2 dont recognize these users.
I only know that we need to set some parameters for this to implement.
plz let me know all those parameters we need to set in the profile registry so that i can give proper privileges to my users.
Is it because you are running the DB2 services under a local account (DB2ADMIN)? We found that DB2 doesn't mix local and LDAP authentication.
If the id that the services are running under is local (DB2ADMIN), then all authentication is local and LDAP doesn't work.
Set up a LDAP "service" id (this doesn't have to be an id you can log in with). Put this ID in the same "users" and "groups" that DB2ADMIN is in. Go into the Registry and make sure that the service ID has the same rights that DB2ADMIN has (create a token object, run as a service, ect). Go into the services and change the DB2 services from running under db2admin to the new service ID, start and stop, should work.
i have got another solution, n that's working and more simpler to implement...
u only need to set some profile registry variables...
simply run the following commands...
if only this much setting is not working for you, then set these two parameters also...
if anyone know what the above two parameters means, then plz let me know also....