IBM DB2/UDB Database Hosted Applications
Connector name |
|
Connector type | Executable |
Type (UI field value) | DB2 Database (Script) |
Target system versions supported / tested | Bravura Security Fabric can manage passwords for accounts defined wholly inside an IBM DB2/UDB application table space. Bravura Security Fabric can perform operations on applications that have an DB2 back-end database by connecting to the DB2 server using ODBC, and either directly updating user records (for example, SQL UPDATE) or by calling stored procedures. |
Connector status / support | Customer-Verified Clients may contact Bravura Security support for assistance with this connector. Troubleshooting and testing must be completed in the client's test environment as Bravura Security does not maintain internal test environments for the associated target system. |
Installation / setup | This connector uses the DB2 client software to bind to the DB2 database server and issues SQL commands that you provide in a script file. No connector software is installed on the DB2 Applications server or the back end database. |
The following Bravura Security Fabric operations are supported by this connector:
user verify password
user change password
get server information
administrator reset password
administrator reset+expire password
expire password
unexpire password
administrator verify password
verify+reset password
enable account
disable account
check account enabled
create account
delete account
expire account
check account expiry
unexpire account
lock account
unlock account
check account lock
add user to group
delete user from group
create group
delete group
add group to group
remove group from group
update attributes
list account attributes
List:
accounts
attributes
groups
members
computer objects
subscribers
update subscriber attributes/password
For a full list and explanation of each connector operation, see Connector operations.
This connector also supports custom operations, as defined in the configuration script .
See also
Bravura Security Fabric can also manage IBM DB2/UDB database-level accounts using the connector for DB2 (agtdb2 ). See IBM DB2/UDB Database for details.
Preparation
Before Bravura Security Fabric can manage application accounts in a DB2 database, you must:
Install the client software.
Define a data source.
Configure a target system administrator.
Create at least one template account to provision accounts for this target..
Write a script to configure connector behavior.
Installing client software
Bravura Security Fabric communicates with the DB2 server via APIs provided by the DB2 Connect client. Before you can target a DB2 application, you must install and configure the DB2 Connect client on the Bravura Security Fabric server.
Defining a data source
After you have installed the DB2 client, ensure that an ODBC system data source exists for each DB2 back end database that Bravura Security Fabric will target. To do this:
Open Control Panel and select Administrative Tools > Data Sources (ODBC).
Select the System DSN tab .
The ODBC Data Source Administrator displays a list data sources. DB2 data sources are indicated by the driver "IBM DB2 ODBC DRIVER".
If a data source does not exist for the DB2 database that you want Bravura Security Fabric to target, click Add and create a new data source. See your Windows or DB2 help for more information.
Note the system data source name (DSN). You will need this name when adding the target system to Bravura Security Fabric . This is usually the same as the DB2 database name.
(Optional) You can test the connection to the target system database.
Click OK to close the ODBC Data Source Administrator.
See your DB2 documentation for more information on configuring the DB2 client software.
Configuring a target system administrator
Bravura Security Fabric uses a designated account (for example, psadmin) on the DB2 target system to perform operations. The target system administrator require DB2 back end database privileges that grant execution of SQL commands used in the written script.
Ensure that you set and note the account’s password. You will be required to enter the login ID and password when you add the DB2 target system to Bravura Security Fabric .
Creating a template account
Bravura Security Fabric uses template accounts as models or "blueprints" for creating new application accounts in a DB2 database.
The steps required to create a template account depend on your application. Consult your systems administrator or application documentation for more information.
To learn how to create a template for DB2 database-level accounts, see DB2 creating a template account .
Writing a script to configure connector behavior
You write a script file to define SQL commands used in the interaction between the agtdb2script connector and the DB2 database.
Learn about writing script files for SQL application connectors.
Targeting an IBM DB2/UDB hosted application
For each DB2 hosted application, add a target system (Manage the system > Resources > Target systems):
Type is DB2 Database (Script) .
Address uses the following:
Server DB2 system DSN.
See Installing client software to learn how to find the ODBC system DSN for your DB2 application.
(key: server)
Instance Optional script variable instance name.
(key: instance)
Script file The script file must be in the <Program Files path>\Bravura Security\Bravura Security Fabric\<instance>\ script\ directory and describes the SQL commands used in the interaction between the connector and the database.
(key: script) The address is entered in the format:
{server=<system DSN;[instance=<script_variable_instance>;]script=<script filename>;}Administrator ID and Password is the login ID and password for the target system administrator you configured in earlier.
The full list of target system parameters is explained in Target system options .
Handling account attributes
In order for Bravura Security Fabric to manage attributes, you must first add the attributes to Bravura Security Fabric.
See Account attributes in the Bravura Security Fabric configuration documentation for more information.