Db2 9.5 on Unix via SSH remote collection failure

Technote (troubleshooting)


Problem(Abstract)

Remote Collect (via SSH) of audit data from Db2 9.5 on Linux, fails with SQL1046N
error: 'Authorization ID is not valid'

Symptom

The SSH collect user was called tcimdb2collect, this user failed to execute the db2audit utility and encountered the following error:

SQL1046N The authorization ID is not valid.

The error was shown inspite of adding the SSH user tcimdb2collect to the syadm group on Unix machine, thereby giving it the administrator level privileges to run the db2audit command.

Cause

SSH collect user name length exceeded the maximum limit of 8 characters for Unix.

Diagnosing the problem

As part of the SQL error message documentation for SQL1046N error, the following was shown:

bash-3.2$ db2 ? SQL1046N
SQL1046N The authorization ID is not valid.

Explanation:
The authorization specified at logon is not valid for either the data
source or the database manager. One of the following occurred:

  • The authorization contains more than 30 characters for Windows platforms or 8 characters for other platforms.
  • The authorization contains characters not valid for an authorization. Valid characters are A through Z, a through z, 0 through 9, #, @ and $.
  • The authorization is PUBLIC or public.
  • The authorization begins with SYS, sys, IBM, ibm, SQL or sql.
  • The authorization violates some data source-specific naming convention.
The command cannot be processed.

In the above error message it was mentioned that the user name length must not be more than 30 characters for Windows or 8 characters for Unix platforms.

Incase of the SSH collect user name, "tcimdb2collect" certainly exceeded the 8 character limit on Unix.

Resolving the problem

As a solution, deleted the tcimdb2collect user and created a new user tcimdb2 (within 8 character limit) and added the new user to the sysadm group. Subsequently, the db2audit command was executed and the Db2 audit log collection completed successfully.

Cross reference information
Segment Product Component Platform Version Edition
Security Tivoli Compliance Insight Manager Actuator /Agent Windows 8.5 All Editions

Rate this page:

(0 users)Average rating

Document information


More support for:

Tivoli Security Information and Event Manager

Software version:

2.0

Operating system(s):

AIX, Linux, Windows

Software edition:

All Editions

Reference #:

1621225

Modified date:

2012-12-30

Translate my page

Machine Translation

Content navigation