Changing Db2 authentication from server to server_encrypt

Edit online

You might not want or be allowed because of corporate security policies to run with Db2® authentication configured as authentication=server. When you create a remote Db2 database or switch from the local Cloud APM Db2 database to a remote Db2 server, you can change to authentication=server_encrypt to protect the user ID and password.

About this task

The authentication=server configuration is the default authentication for the Cloud APM installation when the remote Db2 databases are cataloged and when a Db2 database is created. The procedure has you update theDb2 authentication configuration to server_encrypt and edit the install.properties file that is in the Cloud APM server installation package.

Procedure

Complete these steps on the remote Db2 server as the Db2 instance user (db2apm is the instance user in the commands):

  1. Check the Db2 authentication configuration:
    1. db2 attach to db2apm
    2. db2 get dbm cfg | grep AUTHENTICATION

      The grep command prints Database manager authentication (AUTHENTICATION) = SERVER. If, instead, you get Database manager authentication (AUTHENTICATION) = SERVER_ENCRYPT, you can skip step 2.

    3. db2 attach to db2apm
    4. db2 detach
  2. Change Db2 authentication to server_encrypt:
    1. db2 attach to db2apm
    2. db2 update dbm cfg using authentication server_encrypt
    3. db2 get dbm cfg | grep AUTHENTICATION

      The grep command prints Database manager authentication (AUTHENTICATION) = SERVER_ENCRYPT.

    4. db2 attach to db2apm
    5. db2 detach

Results

User authentication to the database server is now set to server_encrypt.