DB2 Linux authentication fails

Question

I have DB2 Express-C v10.5 instance configured to authenticate against LDAP. The LDAP sever is going to be shutdown and I should configure the same DB2 instance to use Linux authentication.

I copied users from the LDAP  server to a local Linux host running DB2. Then I did shutdown the LDAP server. After that I changed DB2 authentication settings db2 update dbm cfg using SRVCON_PW_PLUGIN IBMOSauthserver (used to be IBMLDAPauthserver before) and restarted DB2.

Applications access the database with the username db2smth (name changed due to privacy reasons). I can connect to a database with db2 connect to dbname user db2inst1 using '********' but connecting to the same database as db2smth fails:

db2 => connect to dbname user db2smth using '********'
SQL30082N Security processing failed with reason "24" ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001

su - db2smth and su - db2inst1 works fine which means that Linux authentication works fine.

How can I diagnose what's wrong with the authentication?

Answer 1

(Since the question was resurrected, I guess I'll add my 2 cents.)

I would verify, if the username conforms to the DB2 naming rules. Since you used authentication plugin previously, I suspect you could ignore those naming rules. Now that you created the user on the server directly, you need to follow them. Here's the link to the rules:

https://www.ibm.com/docs/en/db2/10.5?topic=rules-general-naming

I would specificaly check this one:

For Linux and UNIX system, characters for user names and group names must be lowercase.

I was bitten by it in the past. From what I remember the error messages don't point out this problem directly. The message could have been the one you are getting.

Answer 2

a simple answer - user db2smth need the 'connect' privilege -- you can try :

1. db2 connect to dbname user db2inst1
2. GRANT CONNECT ON DATABASE TO USER db2smth

See also: How do I grant all privileges to local db2admin with DB2 9.7 on Windows?