Guest_imported
New member
- Jan 1, 1970
- 0
Problem,
when trying a remote client connection to New db2 7.2 install on IBM M-80
box running AIX 4.33, fails with :
SQL1402N Unable to authenticate user due to unexpected system error.
The local connections using the "connect to <db_name>" Works fine, but when
using "connect to <db_name> user <user> using <pwd>" Fails with sql1402N
Explaination:
This error is traced back to the server side since I set up a small test
with the sample database on the default db2 instance, as outlined below:
( environment:
instance name: db2., the box is running NIS so /etc/services has this
entry: db2 50000/tcp,
user attributes:
db2 instance owner: uid=59877(db2) gid=315(db2) groups=70012(paml) THIS IS
ALSO THE FENCED USER
db2admin owner: uid=309(pbml) gid=315(db2) groups=1(staff)
application user: uid=50001(paml) gid=315(db2)
)
as db2 instance user did:
catalog local node <host_alias>
catalog tcpip node <tns_alias> remote <host_alias> server db2
catalog database sample as samplex at node <tns_alias>
db2 terminate
db2stop
db2start
then checked a confimed the following:
> db2 list database directory
System Database Directory
Number of entries in the directory = 3
Database 1 entry:
Database alias = SAMPLEX
Database name = SAMPLE
Node name = ZX81X
Database release level = 9.00
Comment =
Directory entry type = Remote
Catalog node number = -1
Database 2 entry:
Database alias = DWCNTRL
Database name = DWCNTRL
Local database directory = /home/db2
Database release level = 9.00
Comment =
Directory entry type = Indirect
Catalog node number = 0
Database 3 entry:
Database alias = SAMPLE
Database name = SAMPLE
Local database directory = /home/db2
Database release level = 9.00
Comment =
Directory entry type = Indirect
Catalog node number = 0
&
> db2 list node directory
Node Directory
Number of entries in the directory = 2
Node 1 entry:
Node name = ZX81
Comment =
Protocol = LOCAL
Instance name = db2
Node 2 entry:
Node name = ZX81X
Comment =
Protocol = TCPIP
Hostname = zx81
Service name = db2
>db2 get dbm cfg ....
TCP/IP Service name (SVCENAME) = db2
&
Database manager authentication (AUTHENTICATION) = SERVER
Cataloging allowed without authority (CATALOG_NOAUTH) = NO
Trust all clients (TRUST_ALLCLNTS) = YES
Trusted client authentication (TRUST_CLNTAUTH) = CLIENT
Now to Test tcpip connetion ON the db2 SERVER AIX BOX, by logging in with a
local user called paml:
(paml has db2 group as it's primary group)
db2 connect to sample .. goes thru fine !
But
db2 connect to sample user paml uasing <pwd>
gives
SQL1402N Unable to authenticate user due to unexpected system error.
I set the diag level to 4 and the diag_log output is included in the text
file attached.
I have tried following suggested workarounds without any joy:
1) checked the /home/db2/sqllib/security
ls -l /home/db2/sqllib/security
total 208
-r-s--x--x 1 db2 db2 25019 19 Mar 15:40 db2aud
-rw-r--r-- 1 db2 db2 4096 19 Mar 15:40 db2audit.cfg
lrwxrwxrwx 1 root system 36 19 Mar 15:40 db2chkau ->
/usr/lpp/db2_07_01/security/db2chkau
-r-s--x--x 1 root db2 12526 19 Mar 15:40 db2chpw
-r-s--x--x 1 root db2 19972 19 Mar 15:40 db2ckpw
-r-x--s--x 1 db2 db2 33027 19 Mar 15:40 db2flacc
The db2ckpw file is owned by root and has correct perm..
2) checked for curruption on /etc/security/lastlog file by recreating it
with the same perm...
>cd /etc/security
>mv lastlog lastlog.bak
>touch lastlog
>chown root:security lastlog
>chmod 640 lastlog
ls -l lastlog
-rw-r----- 1 root security 1616 21 Mar 12:26 lastlog
3) swap space is also more than sufficient (macho=ine has
4) tried the db2iupdt command to update permissions for db2 instance
5) checked the "/" filsystem, it was Not full
Any help on this would be highly appreciated !
when trying a remote client connection to New db2 7.2 install on IBM M-80
box running AIX 4.33, fails with :
SQL1402N Unable to authenticate user due to unexpected system error.
The local connections using the "connect to <db_name>" Works fine, but when
using "connect to <db_name> user <user> using <pwd>" Fails with sql1402N
Explaination:
This error is traced back to the server side since I set up a small test
with the sample database on the default db2 instance, as outlined below:
( environment:
instance name: db2., the box is running NIS so /etc/services has this
entry: db2 50000/tcp,
user attributes:
db2 instance owner: uid=59877(db2) gid=315(db2) groups=70012(paml) THIS IS
ALSO THE FENCED USER
db2admin owner: uid=309(pbml) gid=315(db2) groups=1(staff)
application user: uid=50001(paml) gid=315(db2)
)
as db2 instance user did:
catalog local node <host_alias>
catalog tcpip node <tns_alias> remote <host_alias> server db2
catalog database sample as samplex at node <tns_alias>
db2 terminate
db2stop
db2start
then checked a confimed the following:
> db2 list database directory
System Database Directory
Number of entries in the directory = 3
Database 1 entry:
Database alias = SAMPLEX
Database name = SAMPLE
Node name = ZX81X
Database release level = 9.00
Comment =
Directory entry type = Remote
Catalog node number = -1
Database 2 entry:
Database alias = DWCNTRL
Database name = DWCNTRL
Local database directory = /home/db2
Database release level = 9.00
Comment =
Directory entry type = Indirect
Catalog node number = 0
Database 3 entry:
Database alias = SAMPLE
Database name = SAMPLE
Local database directory = /home/db2
Database release level = 9.00
Comment =
Directory entry type = Indirect
Catalog node number = 0
&
> db2 list node directory
Node Directory
Number of entries in the directory = 2
Node 1 entry:
Node name = ZX81
Comment =
Protocol = LOCAL
Instance name = db2
Node 2 entry:
Node name = ZX81X
Comment =
Protocol = TCPIP
Hostname = zx81
Service name = db2
>db2 get dbm cfg ....
TCP/IP Service name (SVCENAME) = db2
&
Database manager authentication (AUTHENTICATION) = SERVER
Cataloging allowed without authority (CATALOG_NOAUTH) = NO
Trust all clients (TRUST_ALLCLNTS) = YES
Trusted client authentication (TRUST_CLNTAUTH) = CLIENT
Now to Test tcpip connetion ON the db2 SERVER AIX BOX, by logging in with a
local user called paml:
(paml has db2 group as it's primary group)
db2 connect to sample .. goes thru fine !
But
db2 connect to sample user paml uasing <pwd>
gives
SQL1402N Unable to authenticate user due to unexpected system error.
I set the diag level to 4 and the diag_log output is included in the text
file attached.
I have tried following suggested workarounds without any joy:
1) checked the /home/db2/sqllib/security
ls -l /home/db2/sqllib/security
total 208
-r-s--x--x 1 db2 db2 25019 19 Mar 15:40 db2aud
-rw-r--r-- 1 db2 db2 4096 19 Mar 15:40 db2audit.cfg
lrwxrwxrwx 1 root system 36 19 Mar 15:40 db2chkau ->
/usr/lpp/db2_07_01/security/db2chkau
-r-s--x--x 1 root db2 12526 19 Mar 15:40 db2chpw
-r-s--x--x 1 root db2 19972 19 Mar 15:40 db2ckpw
-r-x--s--x 1 db2 db2 33027 19 Mar 15:40 db2flacc
The db2ckpw file is owned by root and has correct perm..
2) checked for curruption on /etc/security/lastlog file by recreating it
with the same perm...
>cd /etc/security
>mv lastlog lastlog.bak
>touch lastlog
>chown root:security lastlog
>chmod 640 lastlog
ls -l lastlog
-rw-r----- 1 root security 1616 21 Mar 12:26 lastlog
3) swap space is also more than sufficient (macho=ine has
4) tried the db2iupdt command to update permissions for db2 instance
5) checked the "/" filsystem, it was Not full
Any help on this would be highly appreciated !