Skip to main content

IBM DB2/UDB Database

Connector name

agtdb2

Connector type

Executable

Type (UI field value)

DB2 Database

Connector status / support

Customer-Verified

Clients may contact Bravura Security support for assistance with this connector. Troubleshooting and testing must be completed in the client's test environment as Bravura Security does not maintain internal test environments for the associated target system.

Installation / setup

No software is installed on the DB2 server

This connector uses the DB2 client software to bind to the DB2 database server and issue SQL commands.

The following Bravura Security Fabric operations are supported by this connector:

  • get server information

  • create account

  • delete account

  • update attributes

  • list account attributes

  • List:

    • accounts

    • attributes

For a full list and explanation of each connector operation, see Connector operations.

See also

Bravura Security Fabric can also manage passwords and/or accounts defined wholly inside an application table space, rather than database-level accounts, using the scripted connector for DB2 (agtdb2script). See IBM DB2/UDB Database Hosted Applications for details.

Preparation

Before Bravura Security Fabric can list and manage database-level accounts in IBM DB2/UDB, you must:

  1. Install the client software.

  2. Configure a target system administrator.

  3. Create at least one template account.

Installing client software

Bravura Security Fabric communicates with the DB2 server via APIs provided by the DB2 Connect client. Before you can target DB2, you must install and configure the DB2 Connect client on the Bravura Security Fabric server.

Consult the documentation included with your DB2 client software for more information.

After you have configured the DB2 client, ensure that an ODBC system data source exists for each DB2 database that Bravura Security Fabric will target. To do this:

  1. Open Control Panel and select Administrative Tools > Data Sources (ODBC).

  2. Select the System DSN tab.

    The ODBC Data Source Administrator displays a list of data sources. DB2 data sources are indicated by the driver "IBM DB2 ODBC DRIVER".

    If a data source does not exist for the DB2 database that you want Bravura Security Fabric to target, click Add and create a new data source. See your Windows or DB2 help for more information.

  3. Note the system Data Source Name (DSN). You will need this name when adding the target to Bravura Security Fabric . This is usually the same as the DB2 database name.

Configuring a target system administrator

Bravura Security Fabric uses a designated account on the DB2 target system to list and manage accounts. Typically, the account used is db2admin, which is created during the installation of the DB2 server. You can also configure another account (for example, psadmin) with equal privileges to use as a target system administrator.

Ensure that you set and note the account’s password. You will be required to enter the login ID and password when you add the DB2 target system to Bravura Security Fabric .

Creating a template account

Bravura Security Fabric uses template accounts as models or "blueprints" for creating new DB2 accounts. The following example illustrates how you can create a template account in a DB2 database:

  1. Create a new Windows user with default privileges.

  2. Open the DB2 Control Center.

  3. Under your specified database, open the User and Group Objects folder, and highlight the DB Users section.

  4. Right click on DB Users and select Add.

  5. In the database tab, choose the previously created Windows user.

  6. Give this user the privileges that you want your template user to have.

  7. Click OK to create the user.

See your systems administrator or DB2 documentation for more information if required.

Targeting an IBM DB2 database

For each DB2 database, add a target system (Manage the system > Resources > Target systems):

  • Type is DB2 Database.

  • Address uses:

    Server DB2 system DSN.

    See Installing client software to learn how to find the ODBC system DSN.

    (key: server)

    Table view type, default syscat Optional.

    If the table view type is omitted, the default view is syscat. Specify the sysibm table view for DB2 targets with z/OS backend.

    (key: view)

  • Administrator ID and Password are the login ID and password for the target system administrator you configured earlier .

The full list of target system parameters is explained in Target system options .

Handling account attributes

You can view the complete list of attributes that Bravura Security Fabric can manage, including native and pseudo-attributes, using the Manage the system (PSA) module. To do this, select DB2 database from the Manage the system > Resources > Account attributes > Target system type menu.

For information about the native DB2 attributes managed by Bravura Security Fabric , consult your systems administrator or DB2 documentation.

Note

DB2 creates accounts in uppercase and is case-sensitive. The global @fullname attribute cannot be listed from this target.

In this section: