SQL30082N Security processing failed with reason "24" ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001 using LDAP plug-ins

Troubleshooting

Problem

SQL30082N Security processing failed with reason code "24" when selecting from an administrative views using IBM LDAP security plug-ins, IBMLDAPgroups and IBMLDAPauthserver.

Symptom

When using IBM LDAP security plug-ins, IBMLDAPgroups and IBMLDAPauthserver, you will receive SQL30082N with reason code "24" when executing queries on administrative views even though the connection to the database was successful. For example, consider the following configuration

Client Userid-Password Plugin          (CLNT_PW_PLUGIN) = Client Kerberos Plugin                (CLNT_KRB_PLUGIN) = Group Plugin                             (GROUP_PLUGIN) =IBMLDAPgroup GSS Plugin for Local Authorization    (LOCAL_GSSPLUGIN) = Server Plugin Mode                    (SRV_PLUGIN_MODE) = UNFENCED Server List of GSS Plugins      (SRVCON_GSSPLUGIN_LIST) = Server Userid-Password Plugin        (SRVCON_PW_PLUGIN) =IBMLDAPauthserver Server Connection Authentication          (SRVCON_AUTH) = NOT_SPECIFIED Database manager authentication        (AUTHENTICATION) = CLIENT Cataloging allowed without authority   (CATALOG_NOAUTH) = NO Trust all clients                      (TRUST_ALLCLNTS) = YES Trusted client authentication          (TRUST_CLNTAUTH) = CLIENT

Using a user id, adm_alvleung, to connect to the sample database, will be successful.

$> db2 connect to sample user adm_alvleung using XXXXXXXX
   Database Connection Information    Database server        = DB2/LINUXX8664 9.1.3    SQL authorization ID   =ADM_ALVL...    Local database alias   = SAMPLE

However, when executing the select statement against a system view, you will receive SQL30082N error.

$> db2 "select * from sysibmadm.snaplock"

SNAPSHOT_TIMESTAMP AGENT_ID TAB_FILE_ID LOCK_OBJECT_TYPE -------------------- ----------------- --------------                  SQL30082N Security processing failed with reason "24" ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001

The above error message will generate the following entry in the db2diag.log

2008-08-01-08.42.36.963443+120 I36734E357         LEVEL: Warningi PID     : 22314                TID : 46912637033008 FUNCTION: DB2 Common, Security, Users and Groups, secLogMessage, probe:20 DATA #1 : String, 137 bytes db2ldapGetUserDN: searching (retried=0 scope=2) with base=dc=int,dc=msci,dc=com filter=(&(objectClass=user)(sAMAccountName=ADM_ALVLEUNG))

[{"Product":{"code":"SSEPGG","label":"Db2 for Linux, UNIX and Windows"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Component":"Security \/ Plug-Ins - LDAP","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"9.7;9.5;10.1;10.5","Edition":"Enterprise Server;Workgroup Server","Line of Business":{"code":"LOB10","label":"Data and AI"}}]

Log InLog in to view more of this document

This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.

Was this topic helpful?

Document Information

More support for:
Db2 for Linux, UNIX and Windows

Software version:
9.7, 9.5, 10.1, 10.5

Operating system(s):
AIX, HP-UX, Linux, Solaris, Windows

Document number:
366213

Modified date:
30 April 2025

UID

swg21327771

IBM Support

Tips

SQL30082N Security processing failed with reason "24" ("USERNAME AND/OR
PASSWORD INVALID"). SQLSTATE=08001 using LDAP plug-ins