SYSIBM.LUNAMES columns

The SYSIBM.LUNAMES table is used only for outbound requests that use SNA protocols.

Begin general-use programming interface information.
LUNAME CHAR(8)
The LUNAME of the remote system. A blank value identifies a default row that serves requests from any system that is not specifically listed elsewhere in the column.
SECURITY_OUT (CHAR 1)
Indicates the security option that is used when local Db2 SQL applications connect to any remote server that is associated with the corresponding LUNAME.
A
The letter A signifies the security option of already verified, and it is the default. With A, outbound connection requests contain an authorization ID and no authentication token. The value that is used for an outbound request is either the Db2 user's authorization ID or a translated ID, depending on the value in the USERNAMES column.
R
The letter R signifies the RACF® PassTicket security option. Outbound connection requests contain a user ID and a RACF PassTicket. The LUNAME column is used as the RACF PassTicket application name.

The value that is used for an outbound request is either the Db2 user's authorization ID or a translated ID, depending on the value in the USERNAMES column. The translated ID is used to build the RACF PassTicket. Do not specify R for CONNECT statements with a USER parameter.

P
The letter P signifies the password security option. Outbound connection requests contain an authorization ID and a password. The password is obtained from RACF if ENCRYPTPSWDS=Y, or from SYSIBM.USERNAMES if ENCRYPTPSWDS=N. If you get the password from SYSIBM.USERNAMES, the USERNAMES column of SYSIBM.LUNAMES must contain B or O. The value that is used for an outbound request is the translated ID.
Important: Start of changeUse of the RACF KDFAES encryption algorithm for a VTAM (SNA) connection is not supported when SECURITY_OUT=P and ENCRYPTPSWDS=Y.End of change
ENCRYPTPSWDS CHAR(1)
Indicates whether passwords received from and sent to the corresponding LUNAME are encrypted. This column only applies to Db2 for z/OS® and Db2 for z/OS partners when passwords are used as authentication tokens.
Y
Yes, passwords are encrypted. For outbound requests, the encrypted password is extracted from RACF and sent to the server. For inbound requests, the password is treated as encrypted.
N
No, passwords are not encrypted. This is the default; any character but Y is treated as N.

Recommendation: When you connect to a Db2 for z/OS partner that is at Version 5 or a subsequent release, use RACF PassTickets (SECURITY_OUT='R') instead of encrypting passwords.

USERNAMES CHAR(1)
Indicates whether an ID accompanying a remote attachment request, which is received from or sent to the corresponding LUNAME, is subject to translation and come from checking. When you specify I, O, or B, use the SYSIBM.USERNAMES table to perform the translation.
I
An inbound ID is subject to translation.
O
An outbound ID, sent to the corresponding LUNAME, is subject to translation.
B
Both inbound and outbound IDs are subject to translation.
blank
No IDs are translated.
End general-use programming interface information.