Preparing a Db2® database for the User Management Services

Edit online
Draft comment:
This topic only applies to BAW, and is located in the BAW repository. Last updated on 2025-01-20 10:38
 Containers: 
Create dB2 databases for UMS single sign-on and teams options, and optional failover servers.

Procedure

  1. Create the UMS SSO option database.
    For example, you can create a database named UMSDB by running the following command: 
    db2 create database UMSDB automatic storage yes using codeset UTF-8 territory US pagesize 32768
  2. Optional: Create a separate database for the UMS Teams option if you do not want it to share the UMS SSO oauth database. For example, named UMSTSDB.
  3. Optional: Create one or more failover servers for the UMS database(s).
    To cover the possibility that the primary server is unavailable during the initial connection attempt, you can configure a list of failover servers, as described in Configuring client reroute for applications that use DB2® databases.
  4. Make a note of the datasource information that you will need later to add to the datasource_configuration section of the custom resource: 
    datasource_configuration:
  dc_ums_datasource: # credentials are read from ums_configuration.admin_secret_name
    # oauth database config
    dc_ums_oauth_type: db2
    dc_ums_oauth_host: host_name
    dc_ums_oauth_port: 50000
    dc_ums_oauth_name: UMSDB
    dc_ums_oauth_schema: OAuth_DB_Schema
    dc_ums_oauth_driverfiles: db2jcc4.jar, db2jcc_license_cu.jar
    dc_ums_oauth_alternate_hosts: "server1.db2.example.com, server2.db2.example.com"
    dc_ums_oauth_alternate_ports: "50443, 51443"
    dc_ums_oauth_ssl: true
    # teamserver database config
    dc_ums_teamserver_type: db2
    dc_ums_teamserver_host: host_name
    dc_ums_teamserver_port: 50000
    dc_ums_teamserver_name: UMSTSDB
    dc_ums_teamserver_driverfiles: db2jcc4.jar, db2jcc_license_cu.jar
    dc_ums_teamserver_alternate_hosts: "server1.db2.example.com, server2.db2.example.com"
    dc_ums_teamserver_alternate_ports: "50443, 51443"
    dc_ums_teamserver_ssl: true
    Important:

    If you do not have a separate teams database, UMSTSDB, specify identical values for the dc_ums_teamserver_ parameters as for the dc_ums_oauth_ ones.

    If you have multiple failover servers, for example,
    • server1.db2.company.com on port 50443
    • server2.db2.company.com on port 51443
    You will specify them as comma-separated lists, for example:
        dc_ums_oauth_alternate_hosts: "server1.db2.example.com, server2.db2.example.com"
    dc_ums_oauth_alternate_ports: "50443, 51443"
    ...
    dc_ums_teamserver_alternate_hosts: "server1.db2.example.com, server2.db2.example.com"
    dc_ums_teamserver_alternate_ports: "50443, 51443"