Authentication Guide for IBM DB2

In DB2, user and group authentication is performed by a facility that is external to the DB2 database management system, such as the operating system, a domain controller, or a Kerberos security system. It is accomplished using dynamically loadable libraries called security plug-ins.

The default IBM DB2 username/password plug-in authenticates users only in an NIS domain or in the /etc/passwd password file. If another security plug-in has not been explicitly configured, the user credentials provided in the connection request are authenticated by the security facility on the DB2 Universal Database (UDB) server. That is, the default plug-in sends the user ID and password to the operating system for validation.


Authentication and Authorization in DB2

Install and Configure the Server

Set up the GSSAPI DB2 Client

Test the Installation

Uninstall DB2 Plug-ins

Adopt a Service Account

Next Step: