473,397 Members | 1,974 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > db2 database > questions > how to use pam authentication in db2 udb?

Join Bytes to post your question to a community of 473,397 software developers and data experts.

how to use pam authentication in db2 udb?

As far as I know db2 uses the OS for authentication of users.

We are using the pam_ldap modul for OS authentication but it seems db2
is not working correctly with this config:

I've done a db2 trace of a "connect to database" and found a
interesting line:

320114 | | | | | | | | | | | | | sqlexSlsSystemAuthenticate entry
320115 | | | | | | | | | | | | | | sqlexValidatePassword entry
320116 | | | | | | | | | | | | | | | osplugin_validatePassword
entry
320117 | | | | | | | | | | | | | | | | osplugin_validate_password
entry
320118 | | | | | | | | | | | | | | | | | sqlockpw_int2 entry
320119 | | | | | | | | | | | | | | | | | | sqlockpw_daemon_check
entry
320120 | | | | | | | | | | | | | | | | | | | sqlowqueInternal
entry
320121 | | | | | | | | | | | | | | | | | | | sqlowqueInternal
exit
320122 | | | | | | | | | | | | | | | | | | | sqloEDUWait entry
320148 | | | | | | | | | | | | | | | | | | | sqloEDUWait exit
320149 | | | | | | | | | | | | | | | | | | sqlockpw_daemon_check
exit
320150 | | | | | | | | | | | | | | | | | sqlockpw_int2 exit [rc =
0x800F0065 = -2146500507 = SQLO_BAD_PSW]
320151 | | | | | | | | | | | | | | | | | secLogMessage entry
320152 | | | | | | | | | | | | | | | | | secLogMessage data
[probe 10]

0x800F0065:
=========
ZRC value to map: 0x800F0065 (-2146500507)
V7 Equivalent ZRC value: 0xFFFF8665 (-31131)

ZRC class :
SQL Error, User Error,... (Class Index: 0)
Component:
SQLO ; oper system services (Component Index: 15)
Reason Code:
101 (0x0065)

Identifer:
SQLO_BAD_PSW
Identifer (without component):
SQLZ_RC_BADPSW

Description:
Password does not belong with specified user id

When I'm doing a "su -" to the specified user with the specified
password everything works fine.

So how can I get DB2 to work with the pam authentication?

Apr 27 '07 #1
4 4959
rpri122 wrote:
As far as I know db2 uses the OS for authentication of users.
DB2 uses security plugins for authentication purposes. The default security
plugin uses the underlying operating system. I'm not sure if DB2 already
provides a security plugin for PAM authentication. If not, you could write
your own (or find an already written one somewhere).

--
Knut Stolze
DB2 z/OS Utilities Development
IBM Germany
Apr 29 '07 #2
Knut Stolze wrote:
rpri122 wrote:
>As far as I know db2 uses the OS for authentication of users.

DB2 uses security plugins for authentication purposes. The default
security plugin uses the underlying operating system. I'm not sure
if DB2 already provides a security plugin for PAM authentication. If
not, you could write your own (or find an already written one
somewhere).
It seems there is one from Quest Software:
http://rc.vintela.com/topics/db2_sys-auth/

Haven't used it myself, so YMMV.

HTH

--
Jeroen
Apr 30 '07 #3
The Boss wrote:
Knut Stolze wrote:
>rpri122 wrote:
>>As far as I know db2 uses the OS for authentication of users.

DB2 uses security plugins for authentication purposes. The default
security plugin uses the underlying operating system. I'm not sure
if DB2 already provides a security plugin for PAM authentication. If
not, you could write your own (or find an already written one
somewhere).

It seems there is one from Quest Software:
http://rc.vintela.com/topics/db2_sys-auth/

Haven't used it myself, so YMMV.

HTH
2 related links to the Quest forum (both very recent threads):
http://vintela.inside.quest.com/thre...?threadID=2408
(AIX-problem with sys-auth plugin, but seems to have tips on installation
settings relevant for other platforms as well)

http://vintela.inside.quest.com/thre...?threadID=2665
(using sys-auth plugin for DAS authentication)

--
Jeroen
Apr 30 '07 #4
Thx for the links to the quest exit.

I'll have a look on this plugin.

May 2 '07 #5
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

7
HTTP - basic authentication example.
by: Michael Foord | last post by:
#!/usr/bin/python -u # 15-09-04 # v1.0.0 # auth_example.py # A simple script manually demonstrating basic authentication. # Copyright Michael Foord # Free to use, modify and relicense. #...
Python
8
Windows authentication
by: Bob Everland | last post by:
I have an application that is ISAPI and the only way to secure it is through NT permissions. I need to have a way to login to windows authentication so that when I get to the ISAPI application no...
ASP / Active Server Pages
6
Secure and Unsecure Web Directories using Forms Authentication
by: Billy Jacobs | last post by:
I have a website which has both secure and non-secure pages. I want to uses forms authentication. How do I accomplish this? Originally I had my web.config file in the root with Forms...
.NET Framework
9
Integrated Authentication.
by: Tom B | last post by:
In my web.config file I've specified Windows for the authentication, in IIS I've set it to Integrated Authentication. But my SQL connection is still showing Anonymous. Is there somewhere else I...
ASP.NET
0
ASP.NET Forms Authentication Best Practices
by: Anonieko Ramos | last post by:
ASP.NET Forms Authentication Best Practices Dr. Dobb's Journal February 2004 Protecting user information is critical By Douglas Reilly Douglas is the author of Designing Microsoft ASP.NET...
ASP.NET
4
Intranet and Integrated Windows Authentication
by: Andrew | last post by:
Hey all, I would like to preface my question by stating I am still learning ASP.net and while I am confident in the basics and foundation, the more advanced stuff is still a challenge. Ok....
ASP.NET
0
Web Service Authentication problem
by: Albertas | last post by:
What I'm doing wrong that I can't make my authentication to work. Here is the situation: I'm hosting a Web Service from a Windows forms application, using .NET Framework 3.0 WCF. And I want to...
.NET Framework
18
Sun Java System Directory Server Authentication
by: troywalker | last post by:
I am new to LDAP and Directory Services, and I have a project that requires me to authenticate users against a Sun Java System Directory Server in order to access the application. I have found...
C# / C Sharp
2
client authentication
by: Frank Swarbrick | last post by:
I am trying to understand "client authentication" works. My environment is DB2/UDB LUW 8.2 on zSeries SLES9 as the database server and DB2 for VSE 7.4 as the client. We currently have DB2/LUW set...
DB2 Database
5
Forms Authentication vs MembershipProvider
by: Rory Becker | last post by:
Having now created a Custom MembershipProvider that seems to work correctly with my Logon and ChangePassword controls, I am, as they say, a happy bunny. The next stange is to move on to the...
ASP.NET
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!