Defining user credentials

Run Optim™ High Performance Unload with the --credentials command-line option to define, edit or remove user credentials that are used for running Optim High Performance Unload when special authorizations are required.

About this task

Any Optim High Performance Unload task, except tasks that are running in stand-alone mode, performs an authentication check before starting. By default, the authentication information is derived from the credentials that are used to start the shell session. When Optim High Performance Unload needs specific credentials that are different from the credentials that are used to start the session, you can define these credentials by running Optim High Performance Unload with the --credentials command-line option. For example, an automatic migration task requires credentials of the local type for the target environment of the migration.

The credentials are created by a given user and apply only to tasks performed by that user. The credentials are stored in the db2hpu.creds configuration file, which is located in a directory specific to this user:

  • On UNIX™ and Linux™ systems, the file is located in a directory called .db2hpu in the home directory of the associated user account.
  • On Windows™ systems, the file is located in a directory called db2hpu, whose location is the concatenation of the values of the HOMEDRIVE and HOMEPATH environment variables for the user concerned.

This configuration file and the directory where it is located must already exist before creating credentials for the first time.

Procedure

  1. If the db2hpu.creds configuration file and its directory do not already exist, create them manually before starting the procedure.
  2. Run Optim High Performance Unload with the --credentials command-line option.
    You can specify one of the following credentials types: local, remote, tsm, keystore, cloudant, couchdb, mongodb, warehouse, swift, postgresql, aws_s3 and azure. For more information on the --credentials command-line option, see Command-line options.
    For example: db2hpu --credentials local
  3. Type 1 to specify that you want to create new credentials when prompted.
  4. Type Y to specify that you want to create a new section.
  5. For IBM® Tivoli® Storage Manager credentials only, specify if the new section will have the default name, local_tsm.
    This default section is used by Optim High Performance Unload to establish sessions on the IBM Tivoli Storage Manager server by using the IBM Tivoli Storage Manager client on the local machine. You need to define a default section if you run Optim High Performance Unload without using the TSMNODE option of the USING BACKUP clause in the configuration file.
  6. Specify a section name.
    The section name depends on the credentials type:
    remote
    Specify the remote Db2® node name that is cataloged locally if using a Db2 client, or specify the data source name if using IBM Data Server Driver.
    local
    Specify the local Db2 instance user name.
    tsm
    If you are not using the default local_tsm value, specify the IBM Tivoli Storage Manager client name, even when the client is on a remote machine. You can use a remote IBM Tivoli Storage Manager client if you specify the TSMNODE option in the USING BACKUP clause of the Optim High Performance Unload configuration file.
    keystore
    Specify the name of the Db2 instance associated with the keystore file to be accessed. This name is used as the base of the section name created in the Optim High Performance Unload credentials file. The exact section name consists of the name entered followed by the _keystore suffix.
    cloudant
    Specify the alias of the Cloudant destination. It must match the value set for the 'alias' parameter in the destinations configuration file, in the associated section for Cloudant.
    couchdb
    Specify the alias of the CouchDB destination. It must match the value set for the 'alias' parameter in the destinations configuration file, in the associated section for CouchDB.
    mongodb
    Specify the alias of the MongoDB destination. It must match the value set for the 'alias' parameter in the destinations configuration file, in the associated section for MongoDB.
    warehouse
    Specify the alias of the Db2 Warehouse destination. It must match the value set for the 'alias' parameter in the destinations configuration file, in the associated section for Db2 Warehouse.
    swift
    Specify the alias of the Swift destination. It must match the value set for the 'alias' parameter in the destinations configuration file, in the associated section for Swift.
    postgresql
    Specify the alias of the PostgreSQL destination. It must match the value set for the 'alias' parameter in the destinations configuration file, in the associated section for PostgreSQL.
    aws_s3
    Specify the alias of the Amazon S3 or S3 compatible destination. It must match the value set for the 'alias' parameter in the destinations configuration file, in the associated section for S3.
    azure
    Specify the alias for the Azure destination. It must match the value set for the 'alias' parameter in the destinations configuration file, in the associated section for Azure.
    ibm_cos
    Specify the alias for the IBM Cloud Object Storage destination. It must match the value set for the 'alias' parameter in the destinations configuration file, in the associated section for IBM Cloud Object Storage.
  7. For remote, local, or Db2 Warehouse connections, specify a user name.
    The user name depends on the credentials type:
    remote
    Specify the user name that will be used by Optim High Performance Unload to establish connections on the remote database. This user name must be the same as the user name set for the 'user' parameter in the destinations configuration file, in the associated section for the remote database.
    local
    Specify the user name that will be used by Optim High Performance Unload to establish connections on the local database.
    warehouse
    Specify the user name that will be used by Optim High Performance Unload for the authentication step of an automatic migration to Db2 Warehouse. This user name must be the same as the user name set for the 'user' parameter in the destinations configuration file, in the associated section for Db2 Warehouse.
  8. Specify the password.
    The password depends on the credentials type:
    remote
    Specify the password that will be used by Optim High Performance Unload to establish connections on the remote database.
    local
    Specify the password that will be used by Optim High Performance Unload to establish connections to the local database.
    tsm
    Specify the password that will be used by Optim High Performance Unload to establish connections on the IBM Tivoli Storage Manager server.
    keystore
    Specify the password that will be used by Optim High Performance Unload when accessing the keystore file to obtain an encryption master key from it.
    cloudant
    Specify the password that will be used by Optim High Performance Unload for the authentication step of an automatic migration to Cloudant. This password must belong to the user set for the 'user' parameter in the destinations configuration file, in the associated section for Cloudant.
    couchdb
    Specify the password that will be used by Optim High Performance Unload for the authentication step of an automatic migration to CouchDB. This password must belong to the user set for the 'user' parameter in the destinations configuration file, in the associated section for CouchDB.
    mongodb
    Specify the password that will be used by Optim High Performance Unload for the authentication step of an automatic migration to MongoDB. This password must belong to the user set for the 'user' parameter in the destinations configuration file, in the associated section for MongoDB.
    warehouse
    Specify the password that will be used by Optim High Performance Unload for the authentication step of an automatic migration to Db2 Warehouse. This password must belong to the user set for the 'user' parameter in the destinations configuration file, in the associated section for Db2 Warehouse.
    swift
    Specify the password that will be used by Optim High Performance Unload for the authentication step of an automatic migration to Swift. This password must belong to the user set for the 'user' parameter in the destinations configuration file, in the associated section for Swift.
    postgresql
    Specify the password that will be used by Optim High Performance Unload for the authentication step of an automatic migration to PostgreSQL. This password must belong to the user set for the 'user' parameter in the destinations configuration file, in the associated section for PostgreSQL.
    aws_s3
    Specify the secret key that will be used by Optim High Performance Unload for the authentication step of an automatic migration (based on the cURL tool) to an Amazon S3 or S3 compatible destination. This secret key must be the one related to the access key set for the 'accesskey' parameter in the destinations configuration file, in the associated section for S3.
    azure
    Specify the account key that will be used by Optim High Performance Unload for the authentication step of an automatic migration (not based on the cURL tool) to an Azure destination. This account key must be the one related to the account name set for the 'account' parameter in the destinations configuration file, in the associated section for Azure.
    ibm_cos
    Specify the secret key that will be used by Optim High Performance Unload for the authentication step of an automatic migration (based on the cURL tool) to an IBM Cloud Object Storage destination. This secret key must be the one related to the access key set for the 'accesskey' parameter in the destinations configuration file, in the associated section for IBM Cloud Object Storage.

Results

The credentials are added to the db2hpu.creds file.

Example

Use the following session to create local credentials and verify the contents of the db2hpu.creds file:

$ db2hpu --credentials local
INZM059I Optim High Performance Unload for Db2 06.01.00.001(110817)
Management of credentials for 'local' type connections:
  - do you want to create or remove data (1/2)? 1
  - is it a new section (Y/N)? Y
  - provide a section name: i910
  - provide a user name: i910
  - provide a password: *******
Do you want to validate your data (Y/N)? Y
INZM061I Credentials of connections created for 'i910'

$ cat /home/i910/.db2hpu/db2hpu.creds

[i910]
type=local
user=i910
password=F1AA62BBDD765071

Use the following session to remove the credentials from the file:

$ db2hpu --credentials local
INZM059I Optim High Performance Unload for Db2 06.01.00.001(110817)
Management of credentials for 'local' type connections:
  - do you want to create or remove data (1/2)? 2
  - provide a section name: i910
Do you want to validate your data (Y/N)? Y
INZM065I Credentials of connections removed for 'i910'

Use the following session to create credentials for the access to a keystore file:

$ db2hpu --credentials keystore
INZM059I Optim High Performance Unload for Db2 06.01.00.001(150925)
Management of credentials for 'keystore' type connections:
  - do you want to create or remove data (1/2)? 1
  - is it a new section (Y/N)? Y
  - provide a section name: i1055
  - provide a password: ***************
Do you want to validate your data (Y/N)? Y
INZM061I Credentials of connections created for 'i1055_keystore'

$ cat /home/i1055/.db2hpu/db2hpu.creds
[i1055_keystore]
type=keystore
password=F1AA62BBDD765071
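
Added example (not part of the IBM documentation or product): shell functions for step 1 of the procedure on UNIX and Linux, which create the .db2hpu directory and the db2hpu.creds file before first use and then audit them. The function names and the owner-only permissions (700 and 600) are assumptions chosen here as hardening, and the section parsing assumes the file layout shown in the sessions above.

```shell
#!/bin/sh
# Added example, not IBM code. Assumption: owner-only permissions are a
# hardening choice made here, not a requirement stated by the documentation.

# Create <home>/.db2hpu/db2hpu.creds if missing, restricted to the owner.
# An existing file is kept as it is; only its permissions are tightened.
init_hpu_creds() {
    dir=$1/.db2hpu
    (
        umask 077    # nothing created here is group or world accessible
        mkdir -p "$dir" &&
        { [ -e "$dir/db2hpu.creds" ] || : > "$dir/db2hpu.creds"; }
    ) || return 1
    chmod 700 "$dir" && chmod 600 "$dir/db2hpu.creds"
}

# Succeed only if the path grants no permission bits to group or others.
# Columns 5-10 of the "ls -ld" mode string are the group and other bits.
owner_only() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Print "section type" for each section; password values are never printed.
list_hpu_sections() {
    awk -F= '
        /^\[.*\]$/   { section = substr($0, 2, length($0) - 2) }
        $1 == "type" { print section, $2 }
    ' "$1"
}

# Report findings for one home directory; non-zero status if a check fails.
audit_hpu_creds() {
    dir=$1/.db2hpu
    file=$dir/db2hpu.creds
    rc=0
    [ -d "$dir" ]  || { echo "missing directory: $dir"; return 1; }
    [ -f "$file" ] || { echo "missing file: $file"; return 1; }
    owner_only "$dir"  || { echo "group/other access on $dir"; rc=1; }
    owner_only "$file" || { echo "group/other access on $file"; rc=1; }
    list_hpu_sections "$file"
    return $rc
}

# Usage: init_hpu_creds "$HOME" && audit_hpu_creds "$HOME"
```

Run init_hpu_creds once before the first db2hpu --credentials session, and audit_hpu_creds afterwards to confirm which sections exist without displaying the stored password values.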