Results 1 to 5 of 5
  1. #1
    Join Date
    Jan 2013

    Unanswered: DB2 DOmain trusting issue

    Dear All,

    We have an application using Db2 v5.2 as backend in domain A. Now new domain B in the AD has been created and domain trusting is done. Now my client want to connect to database from domain B. We have created a group in domain B and that has been added into database DBgroups. But users are unable to connect to the database. I can assure there is no issue with domain trusting as some other application are connecting from new domain in sql server.

    Getting error message as "SQL1403N The username and/or password supplied is incorrect" but user and password in the domain B is working fine.We have tested the credentials by login to desktop in domain its fine.

    Please help.My config details are :

    Database manager authentication (AUTHENTICATION) = SERVER
    Cataloging allowed without authority (CATALOG_NOAUTH) = NO
    Trust all clients (TRUST_ALLCLNTS) = YES
    Trusted client authentication (TRUST_CLNTAUTH) = CLIENT

    [i] DB2_GRP_LOOKUP=local
    [g] DB2SYSTEM=********
    [g] DB2INSTDEF=DB2
    [g] DB2ADMINSERVER=*********

  2. #2
    Join Date
    Jun 2003
    Toronto, Canada
    Provided Answers: 1
    Since you have set up server authentication, the DB2 server will try to authenticate users against the domain it's in, which is A. I doubt it will (or can) reach out to domain B for authentication.

    Another issue is that you have DB2_GRP_LOOKUP=local, which means that DB2 will be looking for group membership information on the DB2 server itself, not in the domain, so creating groups in any domain won't do you any good.
    "It does not work" is not a valid problem statement.

  3. #3
    Join Date
    Apr 2012
    Provided Answers: 27
    Are you *really* using DB2 v5.2 on Windows , or is the 5 at typo?

    Depending on your true DB2 server version, you may be able to use LDAP to authenticate.

  4. #4
    Join Date
    Jan 2013
    @n_i: First time I thought like that then , I changed DB2_GRP_LOOKUP=Domain but after changing that one even the users in domain A is not able to connect ,then we revert the option to Local.
    db2mor : Its not a typo error, its very old legacy system. Please let me know if you find the any update.

    Thanks for your help.....

  5. #5
    Join Date
    Apr 2012
    Provided Answers: 27
    I suspect that you are out of luck with that old version.
    Check with the business how much they want to pay for this feature...
    Compare that to the cost of redevelopment...
    no pay no play ...perhaps.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts