DB2 Security Plugin

Current:db2_sys-auth- (2009-05-11)
For QAS:3.0 or later
For DB2:9.5
Guides:Install guide
Licence:Resource Central

db2_sys-auth is a security plugin for DB2 UDB that authenticates users using PAM or AIX's LAM. With Quest Authentication Services, this plugin allows Unix-enabled Active Directory users to use your databases.

The plugin uses getgrent calls to determine group membership (getgrset on AIX), getpwnam to validate user names, and LAM/PAM to authenticate. This means DB2 can now make use of any authentication system that provides an NSS interface for information (administrative domains on AIX), and LAM/PAM for authentication. This includes Quest Authentication Services, LDAP, NIS and other third-party external systems.

This plugin is suitable for DB2 9.5+ Server, Client, and Groups products.

For DB2 v8.2 & v9.1, please use db2_sys-auth The removal of signal handlers in for better v9.5 interaction can cause instance crashes in earlier DB2 versions. The only fix since that is not v9.5-specific is AIX LDAP module compatibility. If that is needed in a pre-v9.5 instance, please contact Quest Support or post on the 'Quest's TechCenter


For DB2 9.5 and up Quest now recommends using the DB2 built-in functionality to connect to Active directory instead of the Quest DB2 plugin.

The functionality in DB2 is called Transparent LDAP authentication. Transparent LDAP authentication allows users to authenticate through the OS ( LAM on AIX, otherwise PAM, like the Quest DB2 Security Plugin ), which can then use QAS. This does not require setting up LDAP, QAS fulfills that role.

For more information, please read SOLUTION 64305. NOTE: The Quest DB2 plugin is no longer being activly developed. It will remain supported for the forseeable future since not all versions of DB2 have the new functionality, and the new functionality doesn't work for all users ( AIX local group problem explained in the given link ).


Release: db2_sys-auth-
Platform Filename Type Size Date MD5 checksum?
Other DB2_sys-auth releases
aix-51DB2_sys-auth_AIX_51- kB2009-05-076d11f867d97dc9722b7aa0389bb09817
aix-53DB2_sys-auth_AIX_53. kB2009-05-07d729cbcfcb1fe43f013979554624b604
hpux-ia64DB2_sys-auth_HPUX_IA64. kB2009-05-07c3492ffb9952a8023d20f5e00a8a4708
hpux-paDB2_sys-auth_HPUX_9000. kB2009-05-072d215bfdaf210cd82839e46cf9bba0a6
linux-ppcDB2_sys-auth_LINUX_PPC64. kB2009-05-071f67b9af8994fac1fd6f18f712cce7f9
linux-x390DB2_sys-auth_LINUX_S390X. kB2009-05-07338288499ab83b0119e9fb1db0aec5c9
linux-x86_64DB2_sys-auth_LINUX_X86_64. kB2009-05-075d1eb28073a636c84242c2c6e0b8da55
linux-x86DB2_sys-auth_LINUX_X86. kB2009-05-0720320b5d4a367511d1cd62fc99b6a572
solaris-sparcDB2_sys-auth_SOLARIS_SPARC. kB2009-05-0797ccec8b17c9c18d54afeebdf429118f
sourceDB2_sys-auth_src. kB2009-05-07d6dc82c35373f03c593fb550c67aa48b