Results 1 to 3 of 3
  1. #1
    Join Date
    Dec 2002
    Posts
    3

    Question Unanswered: authentication issues

    Hello All,

    I have an open issue with IBM, however, I was wondering if anyone else has run into this problem. We have two domains one being an nt domain and one windows 2000 domain. No matter what we do, DB2 tries to authenticate to the windows nt domain.

    The original problem started when first all of the users were migrated from our old domain to our new domain (with sid history). In addition all of the local domain groups were setup in the new domain and the users were made part of these groups. This made them look exactly like they do in the old domain. The users in the old domain were inactivated. (at this point everything continued to work fine). When security was cleaning up and removing the local domain groups from the old domain is when the problem started. What happened was is the users were getting a -551 error when they tried to do anything with the tables. Security corrected the problem by creating all of the local domain groups in the old domain and attaching the appropriate users to them.

    Let me review our environment. First all of our client databases are cataloged with client authentication. The dbm configs at the server level are also set to client authentication.

    Has anyone else run into this situation?

  2. #2
    Join Date
    Aug 2001
    Location
    UK
    Posts
    4,650

    Re: authentication issues

    bdnoble, Wondering whether you have any information regarding this to share with the forum

    Thanks

    Sathyaram

    Originally posted by bdnoble
    Hello All,

    I have an open issue with IBM, however, I was wondering if anyone else has run into this problem. We have two domains one being an nt domain and one windows 2000 domain. No matter what we do, DB2 tries to authenticate to the windows nt domain.

    The original problem started when first all of the users were migrated from our old domain to our new domain (with sid history). In addition all of the local domain groups were setup in the new domain and the users were made part of these groups. This made them look exactly like they do in the old domain. The users in the old domain were inactivated. (at this point everything continued to work fine). When security was cleaning up and removing the local domain groups from the old domain is when the problem started. What happened was is the users were getting a -551 error when they tried to do anything with the tables. Security corrected the problem by creating all of the local domain groups in the old domain and attaching the appropriate users to them.

    Let me review our environment. First all of our client databases are cataloged with client authentication. The dbm configs at the server level are also set to client authentication.

    Has anyone else run into this situation?

  3. #3
    Join Date
    Dec 2002
    Posts
    3

    Unhappy

    Nothing yet.. IBM has enlisted the help of microsoft. I need to get back to them and do some testing. I'll keep you posted.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •