Creating required users for a Db2 server installation in a partitioned database environment (Linux)

Three users and groups are required to operate Db2 databases in partitioned database environments on Linux® operating systems.

Before you begin

  • You must have root user authority to create users and groups.
  • If you manage users and groups with security software, additional steps might be required when defining Db2 users and groups.

About this task

The user and group names used in the following instructions are documented in the following table. You can specify your own user and group names if they adhere to your system naming rules and Db2 naming rules.

If you are planning to use the Db2 Setup wizard to install your Db2 database product, the Db2 Setup wizard will create these users for you.

Table 1. Required users and groups
Required user User name Group name
Instance owner db2inst1 db2iadm1
Fenced user db2fenc1 db2fadm1
Db2 administration server user dasusr1 dasadm1

If the Db2 administration server user is an existing user, this user must exist on all the participating computers before the installation. If you use the Db2 Setup wizard to create a new user for the Db2 administration server on the instance-owning computer, then the new user is also created (if necessary) during the response file installations on the participating computers. If the user already exists on the participating computers, the user must have the same primary group.


The user names you create must conform to both your operating system's naming rules, and those of the Db2 database system.


To create all three of these users, perform the following steps:

  1. Log on to the primary computer.
  2. Create a group for the instance owner (for example, db2iadm1), the group that will run UDFs or stored procedures (for example, db2fadm1), and the group that will own the Db2 administration server (for example, dasadm1) by entering the following commands:
    groupadd -g 999 db2iadm1
    groupadd -g 998 db2fadm1
    groupadd -g 997 dasadm1
    Ensure that the specific numbers you are using do not currently exist on any of the machines.
  3. Create a user that belongs to each group that you created in the previous step using the following commands. The home directory for each user will be the Db2 home directory that you previously created and shared (db2home).
    useradd -u 1004 -g db2iadm1 -m -d /db2home/db2inst1 db2inst1
    useradd -u 1003 -g db2fadm1 -m -d /db2home/db2fenc1 db2fenc1
    useradd -u 1002 -g dasadm1 -m -d /home/dasusr1 dasusr1
  4. Set an initial password for each user that you created by entering the following commands:
    passwd db2inst1
    passwd db2fenc1
    passwd dasusr1
  5. Log out.
  6. Log on to the primary computer as each user that you created (db2inst1, db2fenc1, and dasusr1). You might be prompted to change each user's password because this is the first time that these users have logged onto the system.
  7. Log out.
  8. Create the exact same user and group accounts on each computer that will participate in your partitioned database environment.