db2.user.zone_enabled

This configuration parameter specifies whether to constrain the DB2 agent authentication to zone enabled Active Directory users only. By default, the DB2 agent authenticates all Active Directory users even if the Active Directory user is not in the zone. To constrain the authentication to zone enabled Active Directory users only, add the following parameter to the /etc/centrifydc/centrifydc.conf file:

db2.user.zone_enabled.db2_instance_name: true

In this parameter, db2_instance_name is the name of the DB2 instance (for example, db2inst1).

After you add this parameter, restart the DB2 instance to pick up the new setting.