The Centrify Community has some great resources when it comes to IBM DB2 integration with Active Directory using Centrify. But, have you ever wanted to quickly set up DB2 in a test environment to play with these integrations? By following this article, you can!
I had long shied away from testing the Centrify DB2 plugin because it seemed mysterious and complex. Once I dove into it, I found it was much easier than expected. In only a few hours, I had a DB2 test instance up and running, easily integrated with Active Directory thanks to Centrify.
Why integrate DB2 with Active Directory Using Centrify? Robertson has a great write-up here: Overcoming IBM DB2 Identity and Access Challenges with Centrify and AD.
My AD users could authenticate to the DB2 system from the command line or remotely using IBM Data Studio. Security Groups were enumerated from AD, and SSO "just worked". Best of all, I could quickly demonstrate meeting security requirements by enabling DB2's encryption of usernames, passwords and optionally all data going to the server.
Here is my experience installing IBM DB2 Express-C on CentOS 7.2.
- CentOS 7.2 virtual machine joined to Active Directory using Centrify Server Suite
- DB2 Express-C installation file obtained from https://www.ibm.com/developerworks/downloads/im/db
Validate prerequsites. The following command produced a list of errors for 32-bit libraries that I ignored, since I was running on a 64-bit system.
There were a few errors I had to resolve manually. First, resolve dependency issues on CentOS:
yum install libaio yum install compat-libstdc++-33
Next, since my CentOS test VM was a "minimal" install, it did not include X-Windows. To keep going with my DB2 installation quickly, I chose to install X Windows instead of trying to figure out how to install DB2 on the command line only:
yum groupinstall “Desktop” “X Window System” “Fonts” “Desktop Platform”
Now that the pre-reqs are satisified, I was able to launch the DB2 installer:
- The GUI launches.
- Select "New Install".
- Choose "DB2 Express C", then click "Next".
- I chose "Typical" and clicked "Next".
- Set a password for the instance owner, db2inst1, and click "Next".
- Do the same for Fenced User
- Lastly, click "Finish" after the Response File and Summary
Next, let's create a sample database for testing purposes.
su - db2inst1 cd /opt/ibm/db2/V11.1_01/bin/db2sampl ./db2sampl
This creates the sample database. We can test by connecting to it:
db2 connect to sample
To return some results, you can use the following query:
db2 ‘select * from dept’
From here, you can follow Robertson's guide to install the Centrify DB2 user, group and GSSAPI plugins.
Part 2 of this blog has been published! See it here: Testing and Troubleshooting the Centrify DB2 plugin.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.