The following example illustrates how the DB2® database management system can support Windows domain security. The connection works because the user name and local group are on the same domain.
The connection works in the following scenario because the user name and local or global group are on the same domain.
Note that the user name and local or global group do not need to be defined on the domain where the database server is running, but they must be on the same domain as each other.
Domain1 | Domain2 |
---|---|
A trust relationship exists with Domain2. |
|
The DB2 server
runs in this domain. The following DB2 commands
are issued from it:
|
|
The local or global domain is scanned but id2 is not found. Domain security is scanned. | |
The user name id2 is found on this domain. DB2 gets additional information about this user name (that is, it is part of the group grp2). | |
The connection works because the user name and local or global group are on the same domain. |