I want to use LDAP data for the authentication process in DB2.
I have already configured DB2 via PAM to retrieve the information of the NIS server that is in the ActiveDirectory. It works perfectly with usernames that have 8 characters or less. I followed these instructions.
$ db2 connect to sample user username using test-2014
Database Connection Information
Database server = DB2/LINUXX8664 9.7.9
SQL authorization ID = USERNAME
Local database alias = SAMPLE
However, I have problems with users with longer usernames.
$ db2 connect to sample user username123 using test-2014
SQL30082N Security processing failed with reason "24" ("USERNAME AND/OR
PASSWORD INVALID"). SQLSTATE=08001
I know that the password is correct, and it seems there is a DB2 limit on *NIX systems.
Users are defined in ActiveDirectory and changing the username is not possible. However, DB2 authentication could be configured in any way; the important thing is to use the ActiveDirectory information.
What can I do? Is there any possibility to create username aliases in ActiveDirectory?
username123 -> userna-1
Can I configure PAM differently to deal with this issue?
I am using DB2 9.7 and Active Directory 2008. I do not want to create my own security plugin for db2, but use Transparent LDAP.