I have created a DB2 database, and I'm trying to create a new user.
Here the steps I made :
- Creating an OS (Linux) user with root account (useradd myuser)
- Giving a password to the new user (passwd myuser)
- On IBM Data Studio, I added a new user and grant him connect to the database
But on Linux, with the user which owns the instance, I tried to connect to the database with the new user (db2 connect to MYDB user myuser), I've the following :
SQL30082N Security processing failed with reason "24" ("USERNAME AND/OR
PASSWORD INVALID"). SQLSTATE=08001
Am I doing something wrong ?
Thanks in advance for your help
The answer might depend on the DB2 version. Until DB2 9.7 fix pack 1 you could not have the password longer than 8 characters. And how long is the actual user name? I would limit that to 8 characters as well. The error is quite clear: the user authentication fails, and DB2 relies on the OS for authentication.
Related
i am using pg lib in strapi application, where initially it creates postgres connection using correct postgresql username(postgres), database name(strapi_db) and password(postgres) but after login it changed it to connect using my windows 10 username(rayappan.a, and database as rayappan.a). it seems strange to me because i never configured anywhere to use my windows credentials for POSTGRESQL connection. please any one tell me how to fix username connection issue
Regards,
Rayappan Antoniraj
Take a look into https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING . It states that username:
Defaults to be the same as the operating system name of the user running the application."
The database name:
Defaults to be the same as the user name.
So it seems a new connection with parameters not set is made.
Probably basic stuff. I'm just trying out DBeaver for the first time to set up a Postgresql database.
I chose new database connection - Postgres
Host: localhost
Database: postgres
Username: postgres and system password ... All connected
but when I right click create new database or schema I get the error
"SQL Error [42501]: ERROR: permission denied to create database
ERROR: permission denied to create database"
Where could I be doing wrong?
User postgres don't have Create Database permission.
You can check list of given permissions from Roles->postgres
Note: By default Super User will have all the permissions but if your's is not Super User then you have to establish connection using Super User and then enable required permissions to Non Super User.
I am using Ubuntu OS. In my case was an issue when trying to save a DUMP on SSD. I solved by following steps:
1st - open ubuntu software
2nd - search for dbeaver-ce
3rd - after installed it, click Permissions
4th - check Read/write files on removable storage devices
Hope it might help someone in the future.
I tried to do the same over several hours yesterday. Apparently, DBeaver doesn't allow the creation of new databases (at least at this version of the software). You can connect to an existing DB and that's about it.
has anyone success to create connection to elephantsql.org using pgadmin?
i want to try to store my database on a server and im trying to use elephantsqlcom
i want to connect to it using pg admin to make maintenance easier. i have followed this instruction : https://www.elephantsql.com/docs/pgadmin.html but keep getting this error
what should i do? thanks all
change database name from postgres to xwpgagbb similar to:
see user AND DEFAULT DATABASE are the same?..
I'm trying to setup a local firebird instance to test against but am unable to connect to it with even ISQL. I have tried to following by following the quick start guide here:
CONNECT ..\examples\empbuild\employee.fdb user SYSDBA password masterkey;
Which resulted in:
Statement failed, SQLSTATE = 08001
unavailable database
After some searching I tried modifying that to:
CONNECT "localhost:C:\Program Files\Firebird\Firebird_2_5\examples\empbuild\employee.fdb" user SYSDBA password masterkey;
Which resulted in:
Statement failed, SQLSTATE = 28000
cannot attach to password database
After confirming I had the right directory path I decided to give on on connecting for now and try creating a new DB:
SQL>CREATE DATABASE 'C:\data\test.fdb' page_size 8192
CON>user 'SYSDBA' password 'masterkey';
Which also gave me the error:
Statement failed, SQLSTATE = 08001
unavailable database
Are there any common pitfalls I might be hitting? I've also tried the commands above both with and without the firebird service running. Also is there a detailed reference on the SQLSTATE codes?
As already mentioned in my comments the problem is caused by running the Firebird server as an application. Firebird has its password database (security2.fdb) in C:\Program Files\Firebird\Firebird_2_5. As this database is (almost, but not entirely) a normal Firebird database, the server requires write access to this database (for the transactions, etc).
By default (with UAC) users do not have write access to the password database, so this requires elevation to Administrator. So access to Firebird requires that you either run the application as a service with sufficient rights (eg as done by the default installer), or when running the server as application to run it 'As administrator'. Another option is to not install it in Program Files.
This BTW applies double when accessing the example employee database as this database file is also located in the Program Files folder.
This is for macOS/OSX (mine is 10.15) firebird ver 2.5 users.
The installation process here does not ask for a sysdba password. Which means: the security database 'security2.fdb' does not exist after a new installation.
This seems to be intentionally for security reasons since > ver 2.5.
To create one, we use the demo database as a helper:
open sql as su: >sudo isql (we don't have user rights on dir)
Connect to a existing db:
sql>connect
"/Library/Frameworks/Firebird.framework/Resources/examples/empbuild/employee.fdb
" user 'SYSDBA' password 'masterkey';
Now we created the missing file 'security2.fdb' in the folder:
"/Library/Frameworks/Firebird.framework/Resources/English.lproj/var/"
(jro)
I stopped my db using db2stop force. The started did a backup restarted and after that
i cannot connect to db from the a client anymore i get:
using the command
db2 connect to "dbname" using "user"
SQL30082N Security processing failed
with reason "42" ("ROOT CAPABILITY
REQUIRED"). SQLSTATE=08001
password and username are correct. When im on the server connecting using command
db2 connect to "dbname"
or
db2 connect to "dbnmae" user "user"
or
db2 connect to "dbname" user db2inst1
works just fine.
I m really confused. Any help is much appreciated
Thanks.
What i tried so far :
db2 get dbm cfg | grep -i auth GSS
Plugin for Local Authorization
(LOCAL_GSSPLUGIN) = Server
Connection Authentication
(SRVCON_AUTH) = NOT_SPECIFIED
Database manager authentication
(AUTHENTICATION) = SERVER Cataloging
allowed without authority
(CATALOG_NOAUTH) = NO Trusted client
authentication
(TRUST_CLNTAUTH) = CLIENT Bypass
federated authentication
(FED_NOAUTH) = NO
switched to client but did not using
db2 update dbm cfg using
authentication client
Update:
Despite the age of this question, it would be wonderful to have a solid answer to this question. Hi locojay, how did you manage? :-)
I'm having the SQL30082N reason code 24 issue in my Windows PC, and today we experienced the same issue in an AIX server.
I googled for a couple hours and didn't find but one happy answer, related to having users with the same name both in the server and the client.
IMO it does not apply to me, as I'm running into a VBox that´s isolated from the domain (no network).
My case: I installed DB2 as user db2admin, no security. Then I granted DBADM to VIRTUALUSR01 and gave this user a password.
db2 connect to TheBase
works fine. But
db2 connect to TheBase user VIRTUALUSR01 using TheRightPassword
returns SQL30082N with reason code 24.
Using client authentication is generally a Bad Idea(TM). That's because you now rely on machines that you may not control for authentication. If I wanted to subvert your system, I could create a new user locally, say, db2inst1 or VIRTUALUSR01 or Administrator, with a password I know, and then, use that to wreak havoc on the database. If, however, no one in your organisation has root/administrator authority over their own machines, client authentication can be made to work. But all it takes is someone plugging in their own personal laptop, and your database could be at risk.
Instead, check the permissions of the files. If you've installed as root, ~db2inst1/sqllib/security/db2c[hk]pw (assuming instance ID of db2inst1) should be setuid root. If not, run db2iupdt against your instance (./db2iupdt db2inst1) which should fix the permissions.
If you've installed without root authority ("non-root install"), which I doubt, since you seem to have had this working, you would need to read the DB2 documentation on non-root installations and their limitations - I don't use non-root installs myself, so I'm not so familiar with them. However, there should be a set-root script that you can use to enable setuid root which, of course, you have to run as root.
I had the same problem and solved with the following way.
Problem occurs because of /etc/shadow file. If the user's password hash is created with SHA then DB2 cannot authenticate or authorize that user. You need MD5 for hashing that user's password.
If you are using Fedora or RedHat Linux, first change hashing method of passwords with:
# authconfig –-passalgo md5 –-update
Then drop and recreate the user:
# userdel userName
# useradd userName
# passwd userName
If you are using AIX or any other linux distros, authconfig won't work. So instead of passwd userName, issue this command:
# usermod --password `openssl passwd desiredPassword`
After that, your password hash belonging to userName will be generated with MD5.
Now grant user privilege to that user:
# su - db2inst1
(db2inst1)$ db2 connect to databaseName
(db2inst1)$ db2 GRANT DBADM with dataaccess with accessctrl on database to user userName
I hope it works for you too.
Thanks to Honza for his solution
Solutions to specific problem causes described previously in
this message are:
1. Run DB2IUPDT <InstName> to update the instance.
2. Ensure that the username created is valid. Review the DB2
General Naming Rules.
3. Ensure that catalog information is correct.