Websphere security on WIN2k

[eyager]

Hey all,

I'm having a hard time finding any information on how to do security settings using the active directory on a win2k server. Anyone have anything that could help? advice, a good link.....anything. I've been searching and i'm finding nothin'

-M

 

[HubertWagner]

This are my DB2 installation notes - they might apply in your situation as well:
Active Directory:
For PC's which are member of a domain (Active Directory) the Domain Security Policy has to be modified.
Run dsa.msc from command prompt or from Start / Run and right click your domain and select Properties; goto tab "Group Policy" and edit the Default Domain Policy.

The DB2 account needs following user rights:
Act as part of the operating system
Create a token object
Debug programs
Increase quotas
Login as service
Replace process level token

The account also needs to be a member of the Administrators group and needs to have "full control" access to the C drive.

After modifying the Domain Security Policy run "secedit /refreshpolicy machine_policy /enforce" from the command prompt.

When assigning user rights for the db2 account (default: "db2admin&quot make sure you check the "Effective Settings" and not the Local Settings in the Security Policy.