Topic
  • 7 replies
  • Latest Post - ‏2013-09-10T14:22:27Z by 9RYQ_Kiran_mk
SystemAdmin
SystemAdmin
17917 Posts

Pinned topic SQL30082N Attempt to establish connection failed with security reason "24"

‏2003-11-04T17:45:35Z |
I have a DB2 Version 8 WSE installed on my W2K box.

NT Domain users are not able to connect to attach as I always get the error:
SQL30082N Attempt to establish connection failed with security reason
"24"
("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001

This is the user I log on to the machie as, and even when I issue the
command

db2 connect to sample

I get the same error.

Local users work find and I have set up the following

[e] DB2PATH=C:\usr\sqllib
[e] DB2DOMAINLIST=oem.com <== this is the domain
[i] DB2SATELLITEID=FRUSCONI-AUS-41
[i] DB2ACCOUNTNAME=FRUSCONI-AUS-41\db2admin
[i] DB2INSTOWNER=FRUSCONI-AUS-41
[i] DB2PORTRANGE=60000:60003
[i] DB2INSTPROF=C:\USR\SQLLIB
[i] DB2COMM=TCPIP
[g] DB2_DOCCDPATH=C:\usr\sqllib\
[g] DB2_GRP_LOOKUP=DOMAIN <== was trying this ( the user
belongs to the SYSADM group too!)
[g] DB2SYSTEM=FRUSCONI-AUS-41
[g] DB2PATH=C:\usr\sqllib
[g] DB2INSTDEF=DB2
[g] DB2ADMINSERVER=DB2DAS00

Am I missing something? I also saw that the instance owner should have the
following: Windows Rights
- Act as part of the operating system
- Create token object
- Increase quotas
- log on as a service
- replace a process level token

These have all been granted and rebooted the machine?!

Have I missed something?

  • SystemAdmin
    SystemAdmin
    17917 Posts

    Re: SQL30082N Attempt to establish connection failed with security reason "24"

    ‏2003-11-07T20:50:47Z  
    Frank,

    Is the DB2 server a member of the domain? You may want to simply try OEM
    instead of oem.com in your domain list. Is FRUSCONI-AUS-41 the domain
    controller, or just a server that is a member of the domain? If it is not
    the domain controller, then create the db2admin account on the domain vs.
    the db2 server.

    Did you catalog the DB w/authentication server on the clients? On the
    instance, what are the authentication settings? (Authentication,
    Trust_Allclnts, Trust_Clntauth)

    David Sarge
    DB2 Certified Administrator
    Oracle Certified DBA
    State of Georgia, Department of Revenue

    "Frank" <frusconi@bmc.com> wrote in message
    news:bo8oo4$4d5m$1@news.boulder.ibm.com...
    > I have a DB2 Version 8 WSE installed on my W2K box.
    >
    > NT Domain users are not able to connect to attach as I always get the
    error:
    > SQL30082N Attempt to establish connection failed with security reason
    > "24"
    > ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001
    >
    > This is the user I log on to the machie as, and even when I issue the
    > command
    >
    > db2 connect to sample
    >
    > I get the same error.
    >
    > Local users work find and I have set up the following
    >
    > [e] DB2PATH=C:\usr\sqllib
    > [e] DB2DOMAINLIST=oem.com <== this is the
    domain
    > [i] DB2SATELLITEID=FRUSCONI-AUS-41
    > [i] DB2ACCOUNTNAME=FRUSCONI-AUS-41\db2admin
    > [i] DB2INSTOWNER=FRUSCONI-AUS-41
    > [i] DB2PORTRANGE=60000:60003
    > [i] DB2INSTPROF=C:\USR\SQLLIB
    > [i] DB2COMM=TCPIP
    > [g] DB2_DOCCDPATH=C:\usr\sqllib\
    > [g] DB2_GRP_LOOKUP=DOMAIN <== was trying this ( the
    user
    > belongs to the SYSADM group too!)
    > [g] DB2SYSTEM=FRUSCONI-AUS-41
    > [g] DB2PATH=C:\usr\sqllib
    > [g] DB2INSTDEF=DB2
    > [g] DB2ADMINSERVER=DB2DAS00
    >
    > Am I missing something? I also saw that the instance owner should have
    the
    > following: Windows Rights
    > - Act as part of the operating system
    > - Create token object
    > - Increase quotas
    > - log on as a service
    > - replace a process level token
    >
    > These have all been granted and rebooted the machine?!
    >
    > Have I missed something?
    >
    >

  • SystemAdmin
    SystemAdmin
    17917 Posts

    Re: SQL30082N Attempt to establish connection failed with security reason "24"

    ‏2003-11-13T15:10:48Z  
    Frank,

    Is the DB2 server a member of the domain? You may want to simply try OEM
    instead of oem.com in your domain list. Is FRUSCONI-AUS-41 the domain
    controller, or just a server that is a member of the domain? If it is not
    the domain controller, then create the db2admin account on the domain vs.
    the db2 server.

    Did you catalog the DB w/authentication server on the clients? On the
    instance, what are the authentication settings? (Authentication,
    Trust_Allclnts, Trust_Clntauth)

    David Sarge
    DB2 Certified Administrator
    Oracle Certified DBA
    State of Georgia, Department of Revenue

    "Frank" <frusconi@bmc.com> wrote in message
    news:bo8oo4$4d5m$1@news.boulder.ibm.com...
    > I have a DB2 Version 8 WSE installed on my W2K box.
    >
    > NT Domain users are not able to connect to attach as I always get the
    error:
    > SQL30082N Attempt to establish connection failed with security reason
    > "24"
    > ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001
    >
    > This is the user I log on to the machie as, and even when I issue the
    > command
    >
    > db2 connect to sample
    >
    > I get the same error.
    >
    > Local users work find and I have set up the following
    >
    > [e] DB2PATH=C:\usr\sqllib
    > [e] DB2DOMAINLIST=oem.com <== this is the
    domain
    > [i] DB2SATELLITEID=FRUSCONI-AUS-41
    > [i] DB2ACCOUNTNAME=FRUSCONI-AUS-41\db2admin
    > [i] DB2INSTOWNER=FRUSCONI-AUS-41
    > [i] DB2PORTRANGE=60000:60003
    > [i] DB2INSTPROF=C:\USR\SQLLIB
    > [i] DB2COMM=TCPIP
    > [g] DB2_DOCCDPATH=C:\usr\sqllib\
    > [g] DB2_GRP_LOOKUP=DOMAIN <== was trying this ( the
    user
    > belongs to the SYSADM group too!)
    > [g] DB2SYSTEM=FRUSCONI-AUS-41
    > [g] DB2PATH=C:\usr\sqllib
    > [g] DB2INSTDEF=DB2
    > [g] DB2ADMINSERVER=DB2DAS00
    >
    > Am I missing something? I also saw that the instance owner should have
    the
    > following: Windows Rights
    > - Act as part of the operating system
    > - Create token object
    > - Increase quotas
    > - log on as a service
    > - replace a process level token
    >
    > These have all been granted and rebooted the machine?!
    >
    > Have I missed something?
    >
    >

    David,

    Thanks for the reply.

    I don't have a problem with the "db2admin" account as it is an account on
    the server. The database server is not a domain controller, just a server
    in the domain.

    The problem comes when I try to connect with a user that is a member of the
    domain, but not defined on the server itself. It just seems that DB2 (or
    maybe NT) is not able to authenticate a domain user. I do not have domain
    rights to add users, but I would like for other users on the network to
    access the databases, without having to create an ID locally for each of
    them.

    The authentication setting on the server are below.

    Database manager authentication (AUTHENTICATION) = SERVER
    Cataloging allowed without authority (CATALOG_NOAUTH) = YES
    Trust all clients (TRUST_ALLCLNTS) = YES
    Trusted client authentication (TRUST_CLNTAUTH) = CLIENT
    Bypass federated authentication (FED_NOAUTH) = NO

    "David Sarge" <etpcorp@yahoo.com> wrote in message
    news:boh0je$48ic$1@news.boulder.ibm.com...
    > Frank,
    >
    > Is the DB2 server a member of the domain? You may want to simply try
    OEM
    > instead of oem.com in your domain list. Is FRUSCONI-AUS-41 the domain
    > controller, or just a server that is a member of the domain? If it is not
    > the domain controller, then create the db2admin account on the domain vs.
    > the db2 server.
    >
    > Did you catalog the DB w/authentication server on the clients? On the
    > instance, what are the authentication settings? (Authentication,
    > Trust_Allclnts, Trust_Clntauth)
    >
    > David Sarge
    > DB2 Certified Administrator
    > Oracle Certified DBA
    > State of Georgia, Department of Revenue
    >
    > "Frank" <frusconi@bmc.com> wrote in message
    > news:bo8oo4$4d5m$1@news.boulder.ibm.com...
    > > I have a DB2 Version 8 WSE installed on my W2K box.
    > >
    > > NT Domain users are not able to connect to attach as I always get the
    > error:
    > > SQL30082N Attempt to establish connection failed with security
    reason
    > > "24"
    > > ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001
    > >
    > > This is the user I log on to the machie as, and even when I issue the
    > > command
    > >
    > > db2 connect to sample
    > >
    > > I get the same error.
    > >
    > > Local users work find and I have set up the following
    > >
    > > [e] DB2PATH=C:\usr\sqllib
    > > [e] DB2DOMAINLIST=oem.com <== this is the
    > domain
    > > [i] DB2SATELLITEID=FRUSCONI-AUS-41
    > > [i] DB2ACCOUNTNAME=FRUSCONI-AUS-41\db2admin
    > > [i] DB2INSTOWNER=FRUSCONI-AUS-41
    > > [i] DB2PORTRANGE=60000:60003
    > > [i] DB2INSTPROF=C:\USR\SQLLIB
    > > [i] DB2COMM=TCPIP
    > > [g] DB2_DOCCDPATH=C:\usr\sqllib\
    > > [g] DB2_GRP_LOOKUP=DOMAIN <== was trying this ( the
    > user
    > > belongs to the SYSADM group too!)
    > > [g] DB2SYSTEM=FRUSCONI-AUS-41
    > > [g] DB2PATH=C:\usr\sqllib
    > > [g] DB2INSTDEF=DB2
    > > [g] DB2ADMINSERVER=DB2DAS00
    > >
    > > Am I missing something? I also saw that the instance owner should have
    > the
    > > following: Windows Rights
    > > - Act as part of the operating system
    > > - Create token object
    > > - Increase quotas
    > > - log on as a service
    > > - replace a process level token
    > >
    > > These have all been granted and rebooted the machine?!
    > >
    > > Have I missed something?
    > >
    > >
    >
    >

  • SystemAdmin
    SystemAdmin
    17917 Posts

    Re: SQL30082N Attempt to establish connection failed with security reason "24"

    ‏2003-11-14T01:22:25Z  
    David,

    Thanks for the reply.

    I don't have a problem with the "db2admin" account as it is an account on
    the server. The database server is not a domain controller, just a server
    in the domain.

    The problem comes when I try to connect with a user that is a member of the
    domain, but not defined on the server itself. It just seems that DB2 (or
    maybe NT) is not able to authenticate a domain user. I do not have domain
    rights to add users, but I would like for other users on the network to
    access the databases, without having to create an ID locally for each of
    them.

    The authentication setting on the server are below.

    Database manager authentication (AUTHENTICATION) = SERVER
    Cataloging allowed without authority (CATALOG_NOAUTH) = YES
    Trust all clients (TRUST_ALLCLNTS) = YES
    Trusted client authentication (TRUST_CLNTAUTH) = CLIENT
    Bypass federated authentication (FED_NOAUTH) = NO

    "David Sarge" <etpcorp@yahoo.com> wrote in message
    news:boh0je$48ic$1@news.boulder.ibm.com...
    > Frank,
    >
    > Is the DB2 server a member of the domain? You may want to simply try
    OEM
    > instead of oem.com in your domain list. Is FRUSCONI-AUS-41 the domain
    > controller, or just a server that is a member of the domain? If it is not
    > the domain controller, then create the db2admin account on the domain vs.
    > the db2 server.
    >
    > Did you catalog the DB w/authentication server on the clients? On the
    > instance, what are the authentication settings? (Authentication,
    > Trust_Allclnts, Trust_Clntauth)
    >
    > David Sarge
    > DB2 Certified Administrator
    > Oracle Certified DBA
    > State of Georgia, Department of Revenue
    >
    > "Frank" <frusconi@bmc.com> wrote in message
    > news:bo8oo4$4d5m$1@news.boulder.ibm.com...
    > > I have a DB2 Version 8 WSE installed on my W2K box.
    > >
    > > NT Domain users are not able to connect to attach as I always get the
    > error:
    > > SQL30082N Attempt to establish connection failed with security
    reason
    > > "24"
    > > ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001
    > >
    > > This is the user I log on to the machie as, and even when I issue the
    > > command
    > >
    > > db2 connect to sample
    > >
    > > I get the same error.
    > >
    > > Local users work find and I have set up the following
    > >
    > > [e] DB2PATH=C:\usr\sqllib
    > > [e] DB2DOMAINLIST=oem.com <== this is the
    > domain
    > > [i] DB2SATELLITEID=FRUSCONI-AUS-41
    > > [i] DB2ACCOUNTNAME=FRUSCONI-AUS-41\db2admin
    > > [i] DB2INSTOWNER=FRUSCONI-AUS-41
    > > [i] DB2PORTRANGE=60000:60003
    > > [i] DB2INSTPROF=C:\USR\SQLLIB
    > > [i] DB2COMM=TCPIP
    > > [g] DB2_DOCCDPATH=C:\usr\sqllib\
    > > [g] DB2_GRP_LOOKUP=DOMAIN <== was trying this ( the
    > user
    > > belongs to the SYSADM group too!)
    > > [g] DB2SYSTEM=FRUSCONI-AUS-41
    > > [g] DB2PATH=C:\usr\sqllib
    > > [g] DB2INSTDEF=DB2
    > > [g] DB2ADMINSERVER=DB2DAS00
    > >
    > > Am I missing something? I also saw that the instance owner should have
    > the
    > > following: Windows Rights
    > > - Act as part of the operating system
    > > - Create token object
    > > - Increase quotas
    > > - log on as a service
    > > - replace a process level token
    > >
    > > These have all been granted and rebooted the machine?!
    > >
    > > Have I missed something?
    > >
    > >
    >
    >

    Have you tried

    db2set DB2_GRP_LOOKUP=domain ?
    DB2_GRP_LOOKUP Windows NT Default=null
    Values: LOCAL, DOMAIN

    This variable is used to tell DB2 where to validate user accounts and perform
    group member lookup. Set the variable to LOCAL to force DB2 to always enumerate
    groups and validate user accounts on the DB2 server. Set the variable to DOMAIN
    to force DB2 to always enumerate groups and validate user accounts on the
    Windows NT domain to which the user account belongs.

    Larry Edelstein

    Frank wrote:

    > David,
    >
    > Thanks for the reply.
    >
    > I don't have a problem with the "db2admin" account as it is an account on
    > the server. The database server is not a domain controller, just a server
    > in the domain.
    >
    > The problem comes when I try to connect with a user that is a member of the
    > domain, but not defined on the server itself. It just seems that DB2 (or
    > maybe NT) is not able to authenticate a domain user. I do not have domain
    > rights to add users, but I would like for other users on the network to
    > access the databases, without having to create an ID locally for each of
    > them.
    >
    > The authentication setting on the server are below.
    >
    > Database manager authentication (AUTHENTICATION) = SERVER
    > Cataloging allowed without authority (CATALOG_NOAUTH) = YES
    > Trust all clients (TRUST_ALLCLNTS) = YES
    > Trusted client authentication (TRUST_CLNTAUTH) = CLIENT
    > Bypass federated authentication (FED_NOAUTH) = NO
    >
    > "David Sarge" <etpcorp@yahoo.com> wrote in message
    > news:boh0je$48ic$1@news.boulder.ibm.com...
    > > Frank,
    > >
    > > Is the DB2 server a member of the domain? You may want to simply try
    > OEM
    > > instead of oem.com in your domain list. Is FRUSCONI-AUS-41 the domain
    > > controller, or just a server that is a member of the domain? If it is not
    > > the domain controller, then create the db2admin account on the domain vs.
    > > the db2 server.
    > >
    > > Did you catalog the DB w/authentication server on the clients? On the
    > > instance, what are the authentication settings? (Authentication,
    > > Trust_Allclnts, Trust_Clntauth)
    > >
    > > David Sarge
    > > DB2 Certified Administrator
    > > Oracle Certified DBA
    > > State of Georgia, Department of Revenue
    > >
    > > "Frank" <frusconi@bmc.com> wrote in message
    > > news:bo8oo4$4d5m$1@news.boulder.ibm.com...
    > > > I have a DB2 Version 8 WSE installed on my W2K box.
    > > >
    > > > NT Domain users are not able to connect to attach as I always get the
    > > error:
    > > > SQL30082N Attempt to establish connection failed with security
    > reason
    > > > "24"
    > > > ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001
    > > >
    > > > This is the user I log on to the machie as, and even when I issue the
    > > > command
    > > >
    > > > db2 connect to sample
    > > >
    > > > I get the same error.
    > > >
    > > > Local users work find and I have set up the following
    > > >
    > > > [e] DB2PATH=C:\usr\sqllib
    > > > [e] DB2DOMAINLIST=oem.com <== this is the
    > > domain
    > > > [i] DB2SATELLITEID=FRUSCONI-AUS-41
    > > > [i] DB2ACCOUNTNAME=FRUSCONI-AUS-41\db2admin
    > > > [i] DB2INSTOWNER=FRUSCONI-AUS-41
    > > > [i] DB2PORTRANGE=60000:60003
    > > > [i] DB2INSTPROF=C:\USR\SQLLIB
    > > > [i] DB2COMM=TCPIP
    > > > [g] DB2_DOCCDPATH=C:\usr\sqllib\
    > > > [g] DB2_GRP_LOOKUP=DOMAIN <== was trying this ( the
    > > user
    > > > belongs to the SYSADM group too!)
    > > > [g] DB2SYSTEM=FRUSCONI-AUS-41
    > > > [g] DB2PATH=C:\usr\sqllib
    > > > [g] DB2INSTDEF=DB2
    > > > [g] DB2ADMINSERVER=DB2DAS00
    > > >
    > > > Am I missing something? I also saw that the instance owner should have
    > > the
    > > > following: Windows Rights
    > > > - Act as part of the operating system
    > > > - Create token object
    > > > - Increase quotas
    > > > - log on as a service
    > > > - replace a process level token
    > > >
    > > > These have all been granted and rebooted the machine?!
    > > >
    > > > Have I missed something?
    > > >
    > > >
    > >
    > >
  • SystemAdmin
    SystemAdmin
    17917 Posts

    Re: SQL30082N Attempt to establish connection failed with security reason "24"

    ‏2003-11-14T14:25:10Z  
    Have you tried

    db2set DB2_GRP_LOOKUP=domain ?
    DB2_GRP_LOOKUP Windows NT Default=null
    Values: LOCAL, DOMAIN

    This variable is used to tell DB2 where to validate user accounts and perform
    group member lookup. Set the variable to LOCAL to force DB2 to always enumerate
    groups and validate user accounts on the DB2 server. Set the variable to DOMAIN
    to force DB2 to always enumerate groups and validate user accounts on the
    Windows NT domain to which the user account belongs.

    Larry Edelstein

    Frank wrote:

    > David,
    >
    > Thanks for the reply.
    >
    > I don't have a problem with the "db2admin" account as it is an account on
    > the server. The database server is not a domain controller, just a server
    > in the domain.
    >
    > The problem comes when I try to connect with a user that is a member of the
    > domain, but not defined on the server itself. It just seems that DB2 (or
    > maybe NT) is not able to authenticate a domain user. I do not have domain
    > rights to add users, but I would like for other users on the network to
    > access the databases, without having to create an ID locally for each of
    > them.
    >
    > The authentication setting on the server are below.
    >
    > Database manager authentication (AUTHENTICATION) = SERVER
    > Cataloging allowed without authority (CATALOG_NOAUTH) = YES
    > Trust all clients (TRUST_ALLCLNTS) = YES
    > Trusted client authentication (TRUST_CLNTAUTH) = CLIENT
    > Bypass federated authentication (FED_NOAUTH) = NO
    >
    > "David Sarge" <etpcorp@yahoo.com> wrote in message
    > news:boh0je$48ic$1@news.boulder.ibm.com...
    > > Frank,
    > >
    > > Is the DB2 server a member of the domain? You may want to simply try
    > OEM
    > > instead of oem.com in your domain list. Is FRUSCONI-AUS-41 the domain
    > > controller, or just a server that is a member of the domain? If it is not
    > > the domain controller, then create the db2admin account on the domain vs.
    > > the db2 server.
    > >
    > > Did you catalog the DB w/authentication server on the clients? On the
    > > instance, what are the authentication settings? (Authentication,
    > > Trust_Allclnts, Trust_Clntauth)
    > >
    > > David Sarge
    > > DB2 Certified Administrator
    > > Oracle Certified DBA
    > > State of Georgia, Department of Revenue
    > >
    > > "Frank" <frusconi@bmc.com> wrote in message
    > > news:bo8oo4$4d5m$1@news.boulder.ibm.com...
    > > > I have a DB2 Version 8 WSE installed on my W2K box.
    > > >
    > > > NT Domain users are not able to connect to attach as I always get the
    > > error:
    > > > SQL30082N Attempt to establish connection failed with security
    > reason
    > > > "24"
    > > > ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001
    > > >
    > > > This is the user I log on to the machie as, and even when I issue the
    > > > command
    > > >
    > > > db2 connect to sample
    > > >
    > > > I get the same error.
    > > >
    > > > Local users work find and I have set up the following
    > > >
    > > > [e] DB2PATH=C:\usr\sqllib
    > > > [e] DB2DOMAINLIST=oem.com <== this is the
    > > domain
    > > > [i] DB2SATELLITEID=FRUSCONI-AUS-41
    > > > [i] DB2ACCOUNTNAME=FRUSCONI-AUS-41\db2admin
    > > > [i] DB2INSTOWNER=FRUSCONI-AUS-41
    > > > [i] DB2PORTRANGE=60000:60003
    > > > [i] DB2INSTPROF=C:\USR\SQLLIB
    > > > [i] DB2COMM=TCPIP
    > > > [g] DB2_DOCCDPATH=C:\usr\sqllib\
    > > > [g] DB2_GRP_LOOKUP=DOMAIN <== was trying this ( the
    > > user
    > > > belongs to the SYSADM group too!)
    > > > [g] DB2SYSTEM=FRUSCONI-AUS-41
    > > > [g] DB2PATH=C:\usr\sqllib
    > > > [g] DB2INSTDEF=DB2
    > > > [g] DB2ADMINSERVER=DB2DAS00
    > > >
    > > > Am I missing something? I also saw that the instance owner should have
    > > the
    > > > following: Windows Rights
    > > > - Act as part of the operating system
    > > > - Create token object
    > > > - Increase quotas
    > > > - log on as a service
    > > > - replace a process level token
    > > >
    > > > These have all been granted and rebooted the machine?!
    > > >
    > > > Have I missed something?
    > > >
    > > >
    > >
    > >
    Larry,

    Yes, thanks I have that set ... tried both values, even have the domain user
    added to the local SYSADM group.

    $ db2set -all
    [e] DB2PATH=C:\usr\sqllib
    [e] DB2DOMAINLIST=OEM
    [i] DB2SATELLITEID=FRUSCONI-AUS-41
    [i] DB2ACCOUNTNAME=FRUSCONI-AUS-41\db2admin
    [i] DB2INSTOWNER=FRUSCONI-AUS-41
    [i] DB2PORTRANGE=60000:60003
    [i] DB2INSTPROF=C:\USR\SQLLIB
    [i] DB2COMM=TCPIP
    [g] DB2_DOCCDPATH=C:\usr\sqllib\
    [g] DB2_GRP_LOOKUP=DOMAIN
    [g] DB2SYSTEM=FRUSCONI-AUS-41
    [g] DB2PATH=C:\usr\sqllib
    [g] DB2INSTDEF=DB2
    [g] DB2ADMINSERVER=DB2DAS00

    "Larry" <nospam@nospam.com> wrote in message
    news:3FB42E51.58B19615@nospam.com...
    > Have you tried
    >
    > db2set DB2_GRP_LOOKUP=domain ?
    >
    >
    > DB2_GRP_LOOKUP Windows NT Default=null
    > Values: LOCAL, DOMAIN
    >
    > This variable is used to tell DB2 where to validate user accounts and
    perform
    > group member lookup. Set the variable to LOCAL to force DB2 to always
    enumerate
    > groups and validate user accounts on the DB2 server. Set the variable to
    DOMAIN
    > to force DB2 to always enumerate groups and validate user accounts on the
    > Windows NT domain to which the user account belongs.
    >
    > Larry Edelstein
    >
    > Frank wrote:
    >
    > > David,
    > >
    > > Thanks for the reply.
    > >
    > > I don't have a problem with the "db2admin" account as it is an account
    on
    > > the server. The database server is not a domain controller, just a
    server
    > > in the domain.
    > >
    > > The problem comes when I try to connect with a user that is a member of
    the
    > > domain, but not defined on the server itself. It just seems that DB2
    (or
    > > maybe NT) is not able to authenticate a domain user. I do not have
    domain
    > > rights to add users, but I would like for other users on the network to
    > > access the databases, without having to create an ID locally for each of
    > > them.
    > >
    > > The authentication setting on the server are below.
    > >
    > > Database manager authentication (AUTHENTICATION) = SERVER
    > > Cataloging allowed without authority (CATALOG_NOAUTH) = YES
    > > Trust all clients (TRUST_ALLCLNTS) = YES
    > > Trusted client authentication (TRUST_CLNTAUTH) = CLIENT
    > > Bypass federated authentication (FED_NOAUTH) = NO
    > >
    > > "David Sarge" <etpcorp@yahoo.com> wrote in message
    > > news:boh0je$48ic$1@news.boulder.ibm.com...
    > > > Frank,
    > > >
    > > > Is the DB2 server a member of the domain? You may want to simply
    try
    > > OEM
    > > > instead of oem.com in your domain list. Is FRUSCONI-AUS-41 the domain
    > > > controller, or just a server that is a member of the domain? If it is
    not
    > > > the domain controller, then create the db2admin account on the domain
    vs.
    > > > the db2 server.
    > > >
    > > > Did you catalog the DB w/authentication server on the clients? On the
    > > > instance, what are the authentication settings? (Authentication,
    > > > Trust_Allclnts, Trust_Clntauth)
    > > >
    > > > David Sarge
    > > > DB2 Certified Administrator
    > > > Oracle Certified DBA
    > > > State of Georgia, Department of Revenue
    > > >
    > > > "Frank" <frusconi@bmc.com> wrote in message
    > > > news:bo8oo4$4d5m$1@news.boulder.ibm.com...
    > > > > I have a DB2 Version 8 WSE installed on my W2K box.
    > > > >
    > > > > NT Domain users are not able to connect to attach as I always get
    the
    > > > error:
    > > > > SQL30082N Attempt to establish connection failed with security
    > > reason
    > > > > "24"
    > > > > ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001
    > > > >
    > > > > This is the user I log on to the machie as, and even when I issue
    the
    > > > > command
    > > > >
    > > > > db2 connect to sample
    > > > >
    > > > > I get the same error.
    > > > >
    > > > > Local users work find and I have set up the following
    > > > >
    > > > > [e] DB2PATH=C:\usr\sqllib
    > > > > [e] DB2DOMAINLIST=oem.com <== this is the
    > > > domain
    > > > > [i] DB2SATELLITEID=FRUSCONI-AUS-41
    > > > > [i] DB2ACCOUNTNAME=FRUSCONI-AUS-41\db2admin
    > > > > [i] DB2INSTOWNER=FRUSCONI-AUS-41
    > > > > [i] DB2PORTRANGE=60000:60003
    > > > > [i] DB2INSTPROF=C:\USR\SQLLIB
    > > > > [i] DB2COMM=TCPIP
    > > > > [g] DB2_DOCCDPATH=C:\usr\sqllib\
    > > > > [g] DB2_GRP_LOOKUP=DOMAIN <== was trying this (
    the
    > > > user
    > > > > belongs to the SYSADM group too!)
    > > > > [g] DB2SYSTEM=FRUSCONI-AUS-41
    > > > > [g] DB2PATH=C:\usr\sqllib
    > > > > [g] DB2INSTDEF=DB2
    > > > > [g] DB2ADMINSERVER=DB2DAS00
    > > > >
    > > > > Am I missing something? I also saw that the instance owner should
    have
    > > > the
    > > > > following: Windows Rights
    > > > > - Act as part of the operating system
    > > > > - Create token object
    > > > > - Increase quotas
    > > > > - log on as a service
    > > > > - replace a process level token
    > > > >
    > > > > These have all been granted and rebooted the machine?!
    > > > >
    > > > > Have I missed something?
    > > > >
    > > > >
    > > >
    > > >
    >

  • SystemAdmin
    SystemAdmin
    17917 Posts

    Re: SQL30082N Attempt to establish connection failed with security reason "24"

    ‏2003-11-18T21:43:31Z  
    Larry,

    Yes, thanks I have that set ... tried both values, even have the domain user
    added to the local SYSADM group.

    $ db2set -all
    [e] DB2PATH=C:\usr\sqllib
    [e] DB2DOMAINLIST=OEM
    [i] DB2SATELLITEID=FRUSCONI-AUS-41
    [i] DB2ACCOUNTNAME=FRUSCONI-AUS-41\db2admin
    [i] DB2INSTOWNER=FRUSCONI-AUS-41
    [i] DB2PORTRANGE=60000:60003
    [i] DB2INSTPROF=C:\USR\SQLLIB
    [i] DB2COMM=TCPIP
    [g] DB2_DOCCDPATH=C:\usr\sqllib\
    [g] DB2_GRP_LOOKUP=DOMAIN
    [g] DB2SYSTEM=FRUSCONI-AUS-41
    [g] DB2PATH=C:\usr\sqllib
    [g] DB2INSTDEF=DB2
    [g] DB2ADMINSERVER=DB2DAS00

    "Larry" <nospam@nospam.com> wrote in message
    news:3FB42E51.58B19615@nospam.com...
    > Have you tried
    >
    > db2set DB2_GRP_LOOKUP=domain ?
    >
    >
    > DB2_GRP_LOOKUP Windows NT Default=null
    > Values: LOCAL, DOMAIN
    >
    > This variable is used to tell DB2 where to validate user accounts and
    perform
    > group member lookup. Set the variable to LOCAL to force DB2 to always
    enumerate
    > groups and validate user accounts on the DB2 server. Set the variable to
    DOMAIN
    > to force DB2 to always enumerate groups and validate user accounts on the
    > Windows NT domain to which the user account belongs.
    >
    > Larry Edelstein
    >
    > Frank wrote:
    >
    > > David,
    > >
    > > Thanks for the reply.
    > >
    > > I don't have a problem with the "db2admin" account as it is an account
    on
    > > the server. The database server is not a domain controller, just a
    server
    > > in the domain.
    > >
    > > The problem comes when I try to connect with a user that is a member of
    the
    > > domain, but not defined on the server itself. It just seems that DB2
    (or
    > > maybe NT) is not able to authenticate a domain user. I do not have
    domain
    > > rights to add users, but I would like for other users on the network to
    > > access the databases, without having to create an ID locally for each of
    > > them.
    > >
    > > The authentication setting on the server are below.
    > >
    > > Database manager authentication (AUTHENTICATION) = SERVER
    > > Cataloging allowed without authority (CATALOG_NOAUTH) = YES
    > > Trust all clients (TRUST_ALLCLNTS) = YES
    > > Trusted client authentication (TRUST_CLNTAUTH) = CLIENT
    > > Bypass federated authentication (FED_NOAUTH) = NO
    > >
    > > "David Sarge" <etpcorp@yahoo.com> wrote in message
    > > news:boh0je$48ic$1@news.boulder.ibm.com...
    > > > Frank,
    > > >
    > > > Is the DB2 server a member of the domain? You may want to simply
    try
    > > OEM
    > > > instead of oem.com in your domain list. Is FRUSCONI-AUS-41 the domain
    > > > controller, or just a server that is a member of the domain? If it is
    not
    > > > the domain controller, then create the db2admin account on the domain
    vs.
    > > > the db2 server.
    > > >
    > > > Did you catalog the DB w/authentication server on the clients? On the
    > > > instance, what are the authentication settings? (Authentication,
    > > > Trust_Allclnts, Trust_Clntauth)
    > > >
    > > > David Sarge
    > > > DB2 Certified Administrator
    > > > Oracle Certified DBA
    > > > State of Georgia, Department of Revenue
    > > >
    > > > "Frank" <frusconi@bmc.com> wrote in message
    > > > news:bo8oo4$4d5m$1@news.boulder.ibm.com...
    > > > > I have a DB2 Version 8 WSE installed on my W2K box.
    > > > >
    > > > > NT Domain users are not able to connect to attach as I always get
    the
    > > > error:
    > > > > SQL30082N Attempt to establish connection failed with security
    > > reason
    > > > > "24"
    > > > > ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001
    > > > >
    > > > > This is the user I log on to the machie as, and even when I issue
    the
    > > > > command
    > > > >
    > > > > db2 connect to sample
    > > > >
    > > > > I get the same error.
    > > > >
    > > > > Local users work find and I have set up the following
    > > > >
    > > > > [e] DB2PATH=C:\usr\sqllib
    > > > > [e] DB2DOMAINLIST=oem.com <== this is the
    > > > domain
    > > > > [i] DB2SATELLITEID=FRUSCONI-AUS-41
    > > > > [i] DB2ACCOUNTNAME=FRUSCONI-AUS-41\db2admin
    > > > > [i] DB2INSTOWNER=FRUSCONI-AUS-41
    > > > > [i] DB2PORTRANGE=60000:60003
    > > > > [i] DB2INSTPROF=C:\USR\SQLLIB
    > > > > [i] DB2COMM=TCPIP
    > > > > [g] DB2_DOCCDPATH=C:\usr\sqllib\
    > > > > [g] DB2_GRP_LOOKUP=DOMAIN <== was trying this (
    the
    > > > user
    > > > > belongs to the SYSADM group too!)
    > > > > [g] DB2SYSTEM=FRUSCONI-AUS-41
    > > > > [g] DB2PATH=C:\usr\sqllib
    > > > > [g] DB2INSTDEF=DB2
    > > > > [g] DB2ADMINSERVER=DB2DAS00
    > > > >
    > > > > Am I missing something? I also saw that the instance owner should
    have
    > > > the
    > > > > following: Windows Rights
    > > > > - Act as part of the operating system
    > > > > - Create token object
    > > > > - Increase quotas
    > > > > - log on as a service
    > > > > - replace a process level token
    > > > >
    > > > > These have all been granted and rebooted the machine?!
    > > > >
    > > > > Have I missed something?
    > > > >
    > > > >
    > > >
    > > >
    >

    Frank,

    Did you catalog the database w/Authentication server?

    CATALOG DB SAMPLE AT NODE hostname AUTHENTICATION SERVER

    Not clear if you are still having the problem. Are you auditing logon
    attempts on your domain and on the local server? If not, turn that on, and
    see what pops up in the windows event log.

    David

    "Frank" <frusconi@bmc.com> wrote in message
    news:bp2ok7$75n8$1@news.boulder.ibm.com...
    > Larry,
    >
    > Yes, thanks I have that set ... tried both values, even have the domain
    user
    > added to the local SYSADM group.
    >
    > $ db2set -all
    > [e] DB2PATH=C:\usr\sqllib
    > [e] DB2DOMAINLIST=OEM
    > [i] DB2SATELLITEID=FRUSCONI-AUS-41
    > [i] DB2ACCOUNTNAME=FRUSCONI-AUS-41\db2admin
    > [i] DB2INSTOWNER=FRUSCONI-AUS-41
    > [i] DB2PORTRANGE=60000:60003
    > [i] DB2INSTPROF=C:\USR\SQLLIB
    > [i] DB2COMM=TCPIP
    > [g] DB2_DOCCDPATH=C:\usr\sqllib\
    > [g] DB2_GRP_LOOKUP=DOMAIN
    > [g] DB2SYSTEM=FRUSCONI-AUS-41
    > [g] DB2PATH=C:\usr\sqllib
    > [g] DB2INSTDEF=DB2
    > [g] DB2ADMINSERVER=DB2DAS00
    >
    > "Larry" <nospam@nospam.com> wrote in message
    > news:3FB42E51.58B19615@nospam.com...
    > > Have you tried
    > >
    > > db2set DB2_GRP_LOOKUP=domain ?
    > >
    > >
    > > DB2_GRP_LOOKUP Windows NT Default=null
    > > Values: LOCAL, DOMAIN
    > >
    > > This variable is used to tell DB2 where to validate user accounts and
    > perform
    > > group member lookup. Set the variable to LOCAL to force DB2 to always
    > enumerate
    > > groups and validate user accounts on the DB2 server. Set the variable to
    > DOMAIN
    > > to force DB2 to always enumerate groups and validate user accounts on
    the
    > > Windows NT domain to which the user account belongs.
    > >
    > > Larry Edelstein
    > >
    > > Frank wrote:
    > >
    > > > David,
    > > >
    > > > Thanks for the reply.
    > > >
    > > > I don't have a problem with the "db2admin" account as it is an account
    > on
    > > > the server. The database server is not a domain controller, just a
    > server
    > > > in the domain.
    > > >
    > > > The problem comes when I try to connect with a user that is a member
    of
    > the
    > > > domain, but not defined on the server itself. It just seems that DB2
    > (or
    > > > maybe NT) is not able to authenticate a domain user. I do not have
    > domain
    > > > rights to add users, but I would like for other users on the network
    to
    > > > access the databases, without having to create an ID locally for each
    of
    > > > them.
    > > >
    > > > The authentication setting on the server are below.
    > > >
    > > > Database manager authentication (AUTHENTICATION) = SERVER
    > > > Cataloging allowed without authority (CATALOG_NOAUTH) = YES
    > > > Trust all clients (TRUST_ALLCLNTS) = YES
    > > > Trusted client authentication (TRUST_CLNTAUTH) = CLIENT
    > > > Bypass federated authentication (FED_NOAUTH) = NO
    > > >
    > > > "David Sarge" <etpcorp@yahoo.com> wrote in message
    > > > news:boh0je$48ic$1@news.boulder.ibm.com...
    > > > > Frank,
    > > > >
    > > > > Is the DB2 server a member of the domain? You may want to simply
    > try
    > > > OEM
    > > > > instead of oem.com in your domain list. Is FRUSCONI-AUS-41 the
    domain
    > > > > controller, or just a server that is a member of the domain? If it
    is
    > not
    > > > > the domain controller, then create the db2admin account on the
    domain
    > vs.
    > > > > the db2 server.
    > > > >
    > > > > Did you catalog the DB w/authentication server on the clients? On
    the
    > > > > instance, what are the authentication settings? (Authentication,
    > > > > Trust_Allclnts, Trust_Clntauth)
    > > > >
    > > > > David Sarge
    > > > > DB2 Certified Administrator
    > > > > Oracle Certified DBA
    > > > > State of Georgia, Department of Revenue
    > > > >
    > > > > "Frank" <frusconi@bmc.com> wrote in message
    > > > > news:bo8oo4$4d5m$1@news.boulder.ibm.com...
    > > > > > I have a DB2 Version 8 WSE installed on my W2K box.
    > > > > >
    > > > > > NT Domain users are not able to connect to attach as I always get
    > the
    > > > > error:
    > > > > > SQL30082N Attempt to establish connection failed with
    security
    > > > reason
    > > > > > "24"
    > > > > > ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001
    > > > > >
    > > > > > This is the user I log on to the machie as, and even when I issue
    > the
    > > > > > command
    > > > > >
    > > > > > db2 connect to sample
    > > > > >
    > > > > > I get the same error.
    > > > > >
    > > > > > Local users work find and I have set up the following
    > > > > >
    > > > > > [e] DB2PATH=C:\usr\sqllib
    > > > > > [e] DB2DOMAINLIST=oem.com <== this is
    the
    > > > > domain
    > > > > > [i] DB2SATELLITEID=FRUSCONI-AUS-41
    > > > > > [i] DB2ACCOUNTNAME=FRUSCONI-AUS-41\db2admin
    > > > > > [i] DB2INSTOWNER=FRUSCONI-AUS-41
    > > > > > [i] DB2PORTRANGE=60000:60003
    > > > > > [i] DB2INSTPROF=C:\USR\SQLLIB
    > > > > > [i] DB2COMM=TCPIP
    > > > > > [g] DB2_DOCCDPATH=C:\usr\sqllib\
    > > > > > [g] DB2_GRP_LOOKUP=DOMAIN <== was trying this (
    > the
    > > > > user
    > > > > > belongs to the SYSADM group too!)
    > > > > > [g] DB2SYSTEM=FRUSCONI-AUS-41
    > > > > > [g] DB2PATH=C:\usr\sqllib
    > > > > > [g] DB2INSTDEF=DB2
    > > > > > [g] DB2ADMINSERVER=DB2DAS00
    > > > > >
    > > > > > Am I missing something? I also saw that the instance owner
    should
    > have
    > > > > the
    > > > > > following: Windows Rights
    > > > > > - Act as part of the operating system
    > > > > > - Create token object
    > > > > > - Increase quotas
    > > > > > - log on as a service
    > > > > > - replace a process level token
    > > > > >
    > > > > > These have all been granted and rebooted the machine?!
    > > > > >
    > > > > > Have I missed something?
    > > > > >
    > > > > >
    > > > >
    > > > >
    > >
    >
    >

  • amccarl
    amccarl
    73 Posts

    Re: SQL30082N Attempt to establish connection failed with security reason "24"

    ‏2013-09-05T17:00:39Z  

    Error SQL30082N Reason Code 19 or 24 is discussed in technical article 1409496, http://www.ibm.com/support/docview.wss?uid=swg21409496

     
  • 9RYQ_Kiran_mk
    9RYQ_Kiran_mk
    78 Posts

    Re: SQL30082N Attempt to establish connection failed with security reason "24"

    ‏2013-09-10T14:22:27Z  
    Frank,

    Did you catalog the database w/Authentication server?

    CATALOG DB SAMPLE AT NODE hostname AUTHENTICATION SERVER

    Not clear if you are still having the problem. Are you auditing logon
    attempts on your domain and on the local server? If not, turn that on, and
    see what pops up in the windows event log.

    David

    "Frank" <frusconi@bmc.com> wrote in message
    news:bp2ok7$75n8$1@news.boulder.ibm.com...
    > Larry,
    >
    > Yes, thanks I have that set ... tried both values, even have the domain
    user
    > added to the local SYSADM group.
    >
    > $ db2set -all
    > [e] DB2PATH=C:\usr\sqllib
    > [e] DB2DOMAINLIST=OEM
    > [i] DB2SATELLITEID=FRUSCONI-AUS-41
    > [i] DB2ACCOUNTNAME=FRUSCONI-AUS-41\db2admin
    > [i] DB2INSTOWNER=FRUSCONI-AUS-41
    > [i] DB2PORTRANGE=60000:60003
    > [i] DB2INSTPROF=C:\USR\SQLLIB
    > [i] DB2COMM=TCPIP
    > [g] DB2_DOCCDPATH=C:\usr\sqllib\
    > [g] DB2_GRP_LOOKUP=DOMAIN
    > [g] DB2SYSTEM=FRUSCONI-AUS-41
    > [g] DB2PATH=C:\usr\sqllib
    > [g] DB2INSTDEF=DB2
    > [g] DB2ADMINSERVER=DB2DAS00
    >
    > "Larry" <nospam@nospam.com> wrote in message
    > news:3FB42E51.58B19615@nospam.com...
    > > Have you tried
    > >
    > > db2set DB2_GRP_LOOKUP=domain ?
    > >
    > >
    > > DB2_GRP_LOOKUP Windows NT Default=null
    > > Values: LOCAL, DOMAIN
    > >
    > > This variable is used to tell DB2 where to validate user accounts and
    > perform
    > > group member lookup. Set the variable to LOCAL to force DB2 to always
    > enumerate
    > > groups and validate user accounts on the DB2 server. Set the variable to
    > DOMAIN
    > > to force DB2 to always enumerate groups and validate user accounts on
    the
    > > Windows NT domain to which the user account belongs.
    > >
    > > Larry Edelstein
    > >
    > > Frank wrote:
    > >
    > > > David,
    > > >
    > > > Thanks for the reply.
    > > >
    > > > I don't have a problem with the "db2admin" account as it is an account
    > on
    > > > the server. The database server is not a domain controller, just a
    > server
    > > > in the domain.
    > > >
    > > > The problem comes when I try to connect with a user that is a member
    of
    > the
    > > > domain, but not defined on the server itself. It just seems that DB2
    > (or
    > > > maybe NT) is not able to authenticate a domain user. I do not have
    > domain
    > > > rights to add users, but I would like for other users on the network
    to
    > > > access the databases, without having to create an ID locally for each
    of
    > > > them.
    > > >
    > > > The authentication setting on the server are below.
    > > >
    > > > Database manager authentication (AUTHENTICATION) = SERVER
    > > > Cataloging allowed without authority (CATALOG_NOAUTH) = YES
    > > > Trust all clients (TRUST_ALLCLNTS) = YES
    > > > Trusted client authentication (TRUST_CLNTAUTH) = CLIENT
    > > > Bypass federated authentication (FED_NOAUTH) = NO
    > > >
    > > > "David Sarge" <etpcorp@yahoo.com> wrote in message
    > > > news:boh0je$48ic$1@news.boulder.ibm.com...
    > > > > Frank,
    > > > >
    > > > > Is the DB2 server a member of the domain? You may want to simply
    > try
    > > > OEM
    > > > > instead of oem.com in your domain list. Is FRUSCONI-AUS-41 the
    domain
    > > > > controller, or just a server that is a member of the domain? If it
    is
    > not
    > > > > the domain controller, then create the db2admin account on the
    domain
    > vs.
    > > > > the db2 server.
    > > > >
    > > > > Did you catalog the DB w/authentication server on the clients? On
    the
    > > > > instance, what are the authentication settings? (Authentication,
    > > > > Trust_Allclnts, Trust_Clntauth)
    > > > >
    > > > > David Sarge
    > > > > DB2 Certified Administrator
    > > > > Oracle Certified DBA
    > > > > State of Georgia, Department of Revenue
    > > > >
    > > > > "Frank" <frusconi@bmc.com> wrote in message
    > > > > news:bo8oo4$4d5m$1@news.boulder.ibm.com...
    > > > > > I have a DB2 Version 8 WSE installed on my W2K box.
    > > > > >
    > > > > > NT Domain users are not able to connect to attach as I always get
    > the
    > > > > error:
    > > > > > SQL30082N Attempt to establish connection failed with
    security
    > > > reason
    > > > > > "24"
    > > > > > ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001
    > > > > >
    > > > > > This is the user I log on to the machie as, and even when I issue
    > the
    > > > > > command
    > > > > >
    > > > > > db2 connect to sample
    > > > > >
    > > > > > I get the same error.
    > > > > >
    > > > > > Local users work find and I have set up the following
    > > > > >
    > > > > > [e] DB2PATH=C:\usr\sqllib
    > > > > > [e] DB2DOMAINLIST=oem.com <== this is
    the
    > > > > domain
    > > > > > [i] DB2SATELLITEID=FRUSCONI-AUS-41
    > > > > > [i] DB2ACCOUNTNAME=FRUSCONI-AUS-41\db2admin
    > > > > > [i] DB2INSTOWNER=FRUSCONI-AUS-41
    > > > > > [i] DB2PORTRANGE=60000:60003
    > > > > > [i] DB2INSTPROF=C:\USR\SQLLIB
    > > > > > [i] DB2COMM=TCPIP
    > > > > > [g] DB2_DOCCDPATH=C:\usr\sqllib\
    > > > > > [g] DB2_GRP_LOOKUP=DOMAIN <== was trying this (
    > the
    > > > > user
    > > > > > belongs to the SYSADM group too!)
    > > > > > [g] DB2SYSTEM=FRUSCONI-AUS-41
    > > > > > [g] DB2PATH=C:\usr\sqllib
    > > > > > [g] DB2INSTDEF=DB2
    > > > > > [g] DB2ADMINSERVER=DB2DAS00
    > > > > >
    > > > > > Am I missing something? I also saw that the instance owner
    should
    > have
    > > > > the
    > > > > > following: Windows Rights
    > > > > > - Act as part of the operating system
    > > > > > - Create token object
    > > > > > - Increase quotas
    > > > > > - log on as a service
    > > > > > - replace a process level token
    > > > > >
    > > > > > These have all been granted and rebooted the machine?!
    > > > > >
    > > > > > Have I missed something?
    > > > > >
    > > > > >
    > > > >
    > > > >
    > >
    >
    >

    Did you try db2 "connect to dbname user domain\username"

    Best Regards,

    Kiran.M.K.