IBM Support

Troubleshooting connection error -952 using the correct password

Troubleshooting


Problem

What to check when you receive error -952 "User's password is not correct for the database server"

Symptom

When you connect to a database you receive error -952 "User's password is not correct for the database server"

Cause

The error message indicates the authentication failed due to an invalid password. Under certain circumstances, error -952 could be returned even when the password is correct.
Possible causes are:

  • password is not correct or it has expired
  • user does not have read permission on file /etc/passwd
  • wrong permission on the executable $INFORMIXDIR/bin/oninit, where INFORMIXDIR is the environment variable pointing to the directory where the product is installed.
  • the password is greater than 8 characters
  • the database server was not started as user informix or root

If you are using password shadowing, the following are also possible causes of this error:
  • Operating System is AIX, and file /etc/security/passwd is not readable by user root
  • Operating System is Linux (RedHat), Solaris or HP 11i, and file /etc/shadow is readable by user root
  • if your platform is DEC-Alpha, you might be facing the following bug:

154706 CANNOT CONNECT TO DATABASE SERVER AFTER IMPLEMENT ENHANCED SECURITY (C2LEVEL) ON COMPAQ TRU64 V5.1 (ERROR 952)

Resolving The Problem


Here are some hints on what you must consider when receiving error -952:

  • Log on to the system and verify that the userid/password have not expired and need to be set. Do this by using the telnet utility from the Unix prompt on a different machine, to establish a connection to the machine where Informix is installed, and go through the authentication process.
    Example:
       telnet <informix server hostname>

      Renew the password if you get an error saying that the password expired.
  • Make sure that all users, including user informix have read permission on /etc/passwd
  • Change directory to where Informix, installed and make sure that permission on the executable $INFORMIXDIR/bin/oninit are -rwsr-sr--, where INFORMIXDIR is the environment variable pointing to the directory where the product is installed.
    Example:

    cd $INFORMIXDIR
    ls ./bin/oninit

    -rwsr-sr--   1 root     informix 8163428 Jul 23  2003 oninit
  • Do the following to correct any permission problem:
    • If you have Informix version 7, run the script installserver as user root
    • If you have Informix version 9, run the script installserver as user informix and then execute script RUN_AS_ROOT as user root
  • the password is greater than 8 characters, reduce the password length to 8 characters
  • Make sure you start the database server as user informix or root

If your system uses shadow password, check the following:
  • If Operating System is AIX, make sure /etc/security/passwd is readable by user root
  • If Operating System is Linux (RedHat), Solaris or HP 11i, make sure file /etc/shadow is readable by user root
  • If your platform is DEC-Alpha, make sure you have the fix for defect 154706 by doing one of the following:
    • Install a version of the product where this defect is fixed: 7.31.FD5, 9.40.UC1 or later
    • Contact Informix Technical Support Team and request a fix for this defect


WORKAROUND

If you are using password shadowing, try the following as a temporary solution. Please note this is only a temporary solution. Copying the shadow password will create a security breach and will go against the whole logic of using shadow passwords.

1. Find in the /etc/passwd file, the entry corresponding to the user.
    Example:

    informix:x:200:200:InformixAdministrator:/home/informix:/bin/ksh

    where x represents that the password is a shadow password


2. Find in the shadow file (etc/security/passwd for AIX, /etc/shadow for RedHat, Solaris, HP11i) the entry corresponding to the user.
    Example:

    informix:ow3/GUDb8r2rk:12103::::::

3. Find the shadow password (second field), from the entry from the shadow file

4. Copy the encrypted password from step 3. to the second position in the /etc/passwd file, corresponding to the password.
    Example:

    After the update, the entry in the /etc/passwd file will look like the following:

    informix:ow3/GUDb8r2rk:200:200:InformixAdministrator:/home/informix:/bin/ksh

Alternatively, if you are using password shadowing, try to temporarily disable shadow password use.

[{"Product":{"code":"SSGU8G","label":"Informix Servers"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"--","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF025","label":"Platform Independent"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF008","label":"DYNIX\/ptx"},{"code":"PF015","label":"IRIX"},{"code":"PF026","label":"Reliant UNIX"}],"Version":"10.0;11.1;11.5;7.2;7.3;9.2;9.3;9.4;11.7","Edition":"","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
16 June 2018

UID

swg21177527