Just to follow up on how we worked around the problem.
At first we decided to just let our developers use the db2admin ID,
but our Network Administrators did not like the idea of db2admin
having administrator authority on the developers desktops. We still
install the db2admin user and use it to start up the DB2 services.
Then we create a new ID (i.e. dbdev) which is not an administrator on
the desktop. Then just the Network Administrators get to know the
password for db2admin. Then we create a local group (i.e. ADMGRP) on
the computer and add the ID, dbdev, to the group. Then we configure
any db2 instances and the admin instance to use SYSADM_GROUP=ADMGRP.
Then the developer connects to the database using the dbdev ID and has
the admin rights needed in DB2 but they do not have admin rights on
the computer.
klh
kl*******@kcc.usda.gov (klh) wrote in message news:<40**************************@posting.google. com>...
Our network staff has decided to implement a new user id structure of
the form "fred.smith".
We're running DB2 PE 7.1 FP7 on Windows XP.
Now any commands issued in a command window receive an SQL0567N error
saying that "fred.smith" is not a valid authorization id.
We do have a db2admin user id on each Windows XP computer and tried
starting the DB2 service with that ID, but that didn't help. We have
also tried attaching to the DB2 instance using the db2admin ID, which
is successful, but any subsequent commands issued throw the
"fred.smith" is not a valid auth id error.
My question is - Do we have to have our network staff change back to a
user id structure that does not include a ".", or is there something
else we can do? It seems that this decision was made way up the
corporate chain where they don't use DB2 PE.
Thanks in advance for your responses,
klh
