Page 1 of 2 12 LastLast
Results 1 to 15 of 16
  1. #1
    Join Date
    Sep 2003
    Posts
    84

    Unanswered: problem creating DB user on AIX

    We are running V8.1 on AIX 5.1. We have set up a new user on AIX and this has been given necessary admin privileges on a database. If we log on to the OS using this user and then try connecting to the DB it connects successfully. However if we use the command :-

    connect to db user abc using xyz
    it returns SQL30082N with reason 24.

    Our dbm cfg parameters are as follows :-
    (AUTHENTICATION) = SERVER
    (CATALOG_NOAUTH) = NO
    (TRUST_ALLCLNTS) = YES
    (TRUST_CLNTAUTH) = CLIENT

    However we are able to use the users created by DB2 while creating the instance using the connect to db user abc using xyz.

    Has anyone faced this problem before or may be having an idea ?

  2. #2
    Join Date
    Jul 2003
    Location
    Austin, TX, USA
    Posts
    278

    Profile

    Hi,

    Can you please elaborate where are you trying to connect from. This would help us to understand your problem better.


    What i feel is the reason that you are not able to connect is simply because the user's profile has not been able to execute.

    Please throw more light

    Nitin

  3. #3
    Join Date
    Sep 2003
    Posts
    84

    Re: Profile

    1) The connection works if I issue :-
    connect to database ( after logging on to the server as the user of the database).

    2) The connection does not work if I log on to the server as any other user and issue the command :-
    connect to db user abc using xyz.

    3) The connection does not work if I try using this user to connect to the database.

    What are the steps in setting up the user and giving it access rights ?

    1) Set up an user on the OS from the OS
    2) Give access rights to the user from DB2.

    But these 2 steps does not set up the user for executing the db2profile.Do we need to execute it ?

  4. #4
    Join Date
    Jul 2003
    Location
    Austin, TX, USA
    Posts
    278

    Profile

    Hi,

    Yes you will need to put an entry for db2profile in the user's profile that woud set the environment for the db2user.

    Are you trying something like this

    logged in as user nitin.
    $ su abc (user i wish to connect to db2)
    $ connect to sample user abc using abc ( i assume nitin has 'su' abc so abc is the current alias). In this case probably abc's profile is not being executed hence the issue. Try su -c option.

    Please correct me if my interpretation is wrong

    Nitin.

  5. #5
    Join Date
    Sep 2003
    Posts
    84

    Re: Profile

    I was executing the db2profile manually - however now I have added it into my user's .profile.
    Here's what I am doing :-


    1 Initially I had executed the following command using the instance owner's id:-

    Grant connect on database to user abc

    2. Looging on to AIX as user abc

    3. If I say :- connect to database then it connects to the db with abc authorisation id.

    4. However, if I say :-
    connect to database user abc using abc it returns SQL30082N with RC=24.

    I am completely baffled by this and any help will be useful because this is preventing me from enforcing security on the db.

  6. #6
    Join Date
    Jul 2003
    Location
    Austin, TX, USA
    Posts
    278

    Resetting Password

    Hi Dipanjan

    Indeed the problem is really baffling.

    What I suggest is can you reset the password of the user using the db2 alter user command. Dunno the proper syntax but maybe that could be the solution.

    Secondly try and catalog the node using windows machine and there by from the graphical control center see if the schema in which the user belongs has proper rights to perform operations.

    Probably there could be a missing link there.

    Hope that helps you.

    Nitin.

  7. #7
    Join Date
    Sep 2003
    Posts
    84
    I could not find the db2 ALTER USER command . However, there is an ALTER USER MAPPING command which is associated with federated db.

    Also, I have used the control centre to check the necessary authorities for the user ( remember, it is connecting if I do not give the userid and password - so it is not an authorisation problem).

    I think it has got more to do we the interaction of DB2 with the OS when it validates the password.

  8. #8
    Join Date
    Dec 2003
    Location
    Duesseldorf - Germany - Europe - Earth - Galaxy
    Posts
    18

    Re: Profile

    Originally posted by Dipanjan
    2. Looging on to AIX as user abc
    I believe you're su-ing from root, so you've not entered any password...?

    4. However, if I say :-
    connect to database user abc using abc it returns SQL30082N with RC=24.
    Accordign to messages and codes there's no RC=24 in DB2 up tu 7.2, but that's not neccessarily true. In DB2 UDB 8 there is une, and it says:

    24 (USERNAME AND/OR PASSWORD
    INVALID)
    The username specified, password
    specified, or both, are invalid.
    User Response: Ensure that the proper userid
    and/or password is supplied.


    Did you verify the true logon with Username and Password in AIX?

    Possibly there's a damage in AIX's password database. Duplicate entries in /etc/security/passwd typically cause faults where you can reset the password w/o problem but no one can login.

    Regards,
    Volker.

    Regards,
    Volker.

  9. #9
    Join Date
    Sep 2003
    Posts
    84
    as I have mentioned in my origianl message that I can log on to the OS using the same user and pwd. Even, I can connect to the db if I say connect to db ( after I log on to the OS using this user ).

    However, only when I say connect to db user abc using pwd , it does not work.

  10. #10
    Join Date
    Apr 2003
    Posts
    191
    Hi,

    so you are saying that, from the command line,

    userabc$ db2 connect to db dbabc

    works, but

    db2inst1$ db2 connect to db dbabc user userabc

    does not, even after providing the correct password?

    In that case, I would cross check and connect through a client workstation and if that fails as well open a pmr with IBM support.

    Johann

    Originally posted by Dipanjan
    as I have mentioned in my origianl message that I can log on to the OS using the same user and pwd. Even, I can connect to the db if I say connect to db ( after I log on to the OS using this user ).

    However, only when I say connect to db user abc using pwd , it does not work.

  11. #11
    Join Date
    Sep 2003
    Posts
    84
    Johann,

    That's correct . I have tried using this user from client workstations to connect to the db and it returns SQL30082N.

  12. #12
    Join Date
    Apr 2003
    Posts
    191
    Hi,

    sorry to insist, but I guess you have tried this approach on the server as well, and if failed there as well?

    This is important to spot the problem.

    Johann

    Originally posted by Dipanjan
    Johann,

    That's correct . I have tried using this user from client workstations to connect to the db and it returns SQL30082N.

  13. #13
    Join Date
    Sep 2003
    Posts
    84
    Johann,

    no problem.

    As to the reply of your question - yes.

    I have tried using the user from both the server and the client.
    Its a bit strange that when I log on to the OS using this user ( on the server) and then issue only the connect command ( without the user and pwd ) it connects to the db which leads me to think that something (??) is wrong when DB2 goes to the OS for validating the user and pwd.

  14. #14
    Join Date
    Jul 2003
    Location
    Austin, TX, USA
    Posts
    278

    Password

    Hi,

    I hope that the OS password and the db password for the user is the same.

    Remember unlike oracle db2 needs both the passowrds to be the same.

    Else it's better you log a service request with IBM.

    Thks

    Nitin.
    HTH

    Nitin

    Ask the experienced rather than the learned

  15. #15
    Join Date
    Apr 2003
    Posts
    191
    Hi Dipanjan,

    connect from the command line tries to connect to the instance's default database, so that is OK.

    Regarding your problem, I would file a PMR with IBM support.

    Johann

    Originally posted by Dipanjan
    Johann,

    no problem.

    As to the reply of your question - yes.

    I have tried using the user from both the server and the client.
    Its a bit strange that when I log on to the OS using this user ( on the server) and then issue only the connect command ( without the user and pwd ) it connects to the db which leads me to think that something (??) is wrong when DB2 goes to the OS for validating the user and pwd.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •