DB2 with SAMBA winbind

From CMOD.wiki
Jump to: navigation, search

While technically unsupported, it is possible to configure DB2 to work with SAMBA Winbind on UNIX operating systems.

DB2 with winbind isn't explicitly supported: IBM Technote: Does DB2 support Samba Winbind authentication from Linux? (This specific article is 3+ years old at the time this article was written. A request to update it has been submitted.)

If you're reading this article because you need to configure a Linux server with DB2 using SAMBA winbind for LDAP authentication, start with the SAMBA winbind on Linux HOWTO document

What were you doing?

Probably trying to complete an IBM CMOD installation on a new machine with centralized authentication (using LDAP) with the open-source SAMBA winbind library. Alternatively, your organization may have tried to implement LDAP with SAMBA winbind on an existing OnDemand server, and now DB2 refuses to start.


When issuing practically any DB2-related command-line utility like db2icrt, or commands inside DB2 like the 'start database manager' or 'activate database archive' as a prerequisite to start Content Manager OnDemand, the process hangs and doesn't return.


While the DB2 utility or command is still stuck, you can issue the  'ps -ef |grep winbind' command to see if it's consuming a lot of CPU or Memory.

If it is, then stop the winbind service by logging in as root, and issuing the following command:

 service winbind stop

If the IBM DB2 utility or command returns, then you need to configure your Linux server to use a Transparent LDAP proxy.


DB2 can be configured with 'Transparent' LDAP: Configuring Transparent LDAP for Authentication and Group Lookup

DB2 SAMBA Winbind Authentication

After following the instructions for your specific platform, in the /etc/pam.d/db2 configuration file for your platform, change all references to  pam_ldap.so to  pam_winbind.so .