CMOD.wiki

Difference between revisions of "Manually disabling LDAP authentication"

Manually disabling LDAP authentication (view source)

Revision as of 14:28, 3 August 2015

542 bytes removed ,  14:28, 3 August 2015
Added bit-and-not code to simplify instructions. Credit to Alessandro Perucchi.
m (Re-worded.)
(Added bit-and-not code to simplify instructions. Credit to Alessandro Perucchi.)
Line 21: Line 21:
=== Directions ===
=== Directions ===


First, check your system to see what the current value of the SYS_MASK field is:
First, check your database:


<code>
<code>
   $ db2 connect to archive
   $ db2 connect to archive
   
   
Line 32: Line 31:
   SQL authorization ID  = ODADMIN
   SQL authorization ID  = ODADMIN
   Local database alias  = ARCHIVE
   Local database alias  = ARCHIVE
</code>
Then check the system to see what the current value of the SYS_MASK field is:
    
    
 
<code>
   $ db2 "select SYS_MASK from arssys"
   $ db2 "select SYS_MASK from arssys"
   
   
Line 41: Line 43:
    
    
   1 record(s) selected.
   1 record(s) selected.
 
  $ db2 terminate
  DB20000I  The TERMINATE command completed successfully.
</code>
</code>


If the result of this query on your system is the same as the example, you can issue the following commands to disable LDAP.  If your results are different, skip to the next section.
Even if the value returned on your system is different, you can still use the following SQL to turn off the LDAP option:


<code>
<code>
 
   $ db2 "update arssys set sys_mask=bitandnot(sys_mask, 4)"
  $ db2 connect to archive
  Database Connection Information
  Database server        = DB2/AIX64 10.1.4
  SQL authorization ID  = ODADMIN
  Local database alias  = ARCHIVE
 
   $ db2 "update arssys set sys_mask=0"
   DB20000I  The SQL command completed successfully.
   DB20000I  The SQL command completed successfully.
  $ db2 terminate
  DB20000I  The TERMINATE command completed successfully.
</code>
</code>


If the results of the query are different on your system, you likely have other options enabled.
To double check that the change was made, simply repeat the query to see that the value has changed.


<code>
<code>
     $ db2 "select SYS_MASK from arssys"
     $ db2 "select SYS_MASK from arssys"
   
   
     SYS_MASK
     SYS_MASK
     ----------
     ----------
            20
            0
    
    
     1 record(s) selected.
     1 record(s) selected.
 
    $ db2 terminate
    DB20000I  The TERMINATE command completed successfully.
</code>
</code>


In this example, simply subtract 4 from the value returned on your system, and update the field in the database accordingly:
If your starting value was a different number -- for example, 20, then your result should be "16". 
 
If the value hasn't changed, then LDAP wasn't enabled, and your problem is elsewhere.


<code>


  $ db2 connect to archive
As always, don't forget to wrap up your session by closing your connection to the database:
  Database Connection Information
  Database server        = DB2/AIX64 10.1.4
  SQL authorization ID  = ODADMIN
  Local database alias  = ARCHIVE
 
  $ db2 "update arssys set sys_mask=16"
  DB20000I  The SQL command completed successfully.
  $ db2 terminate
  DB20000I  The TERMINATE command completed successfully.


<code>
    $ db2 terminate
    DB20000I  The TERMINATE command completed successfully.
</code>
</code>


Retrieved from "https://CMOD.wiki/index.php?title=Special:MobileDiff/213"