Centralized user-management considerations (Linux and UNIX)

In environments that include security software, there are some installation considerations.

Note: The Db2® installation cannot update or create users and groups if they are controlled outside of the operating system. For example, LDAP can be used to control users and groups outside of the operating system.

Note: Network Information Services (NIS) and Network Information Services Plus (NIS+) features are deprecated starting with Db2 Version 9.1 Fix Pack 2. Support for these features might be removed in a future release. Lightweight Directory Access Protocol (LDAP) is the recommended solution for centralized user-management services.

At instance creation, without a security component present, the instance owner's group list is modified to include that of the database administrative server (DAS) user's primary group, if the DAS is created. If the instance creation program is unable to modify these properties, it reports that it could not. The warning message provides the necessary information to manually make the changes.

These considerations hold true for any environment in which an external security program does not allow the Db2 installation or instance creation programs to modify user characteristics.