Results 1 to 5 of 5
  1. #1
    Join Date
    Aug 2008
    Location
    Toronto, Canada
    Posts
    2,367

    Unanswered: password for instance owner

    Do you use expiring or non-expiring password for the instance owner? Single-partitioned instances.

  2. #2
    Join Date
    May 2003
    Location
    USA
    Posts
    5,737
    Non-expiring, unless you are suicidal.
    M. A. Feldman
    IBM Certified DBA on DB2 for Linux, UNIX, and Windows
    IBM Certified DBA on DB2 for z/OS and OS/390

  3. #3
    Join Date
    Aug 2008
    Location
    Toronto, Canada
    Posts
    2,367
    As per their security standards, a user id that has SYSADM, SYSMAINT or SYSCTRL can't have a non-expiring password. So, we might have to change them all to expire. This is a headache to remember to change the password on all servers and there are quite a few.

    What happens if the instance's password get expired and we forget to change it on time? As far as I know, the instance will continue to run but any application that's using the instance id to connect to the db will get an error. Also, "sudo su - 'instance'" will fail and prompt to change the password? Will anything else be affected?

  4. #4
    Join Date
    Jun 2003
    Location
    Toronto, Canada
    Posts
    5,516
    Provided Answers: 1
    su, when run by root, does not care if the password is expired or even if the account is locked.

  5. #5
    Join Date
    Aug 2008
    Location
    Toronto, Canada
    Posts
    2,367
    We sudo from our personal id's. I'm not too worried about not being able to su to the instance owner, I'm more concerned about anything else that could be impacted if the instance's password get expired.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •