DB2 Version 10.1 for Linux, UNIX, and Windows

User, user ID and group naming rules

User, user ID and group names must follow naming guidelines.

Table 1. User, user ID and group naming rules
Objects Guidelines
  • Group names
  • User names
  • User IDs
  • Group names must be less than or equal to the group name length listed in SQL and XML limits.
  • User IDs on Linux and UNIX operating systems can contain up to 8 characters.
  • User names on Windows can contain up to 30 characters.
  • When not using Client authentication, non-Windows 32-bit clients connecting to Windows with user names longer than the user name length listed in SQL and XML limits are supported when the user name and password are specified explicitly.
  • Names and IDs cannot:
    • Be USERS, ADMINS, GUESTS, PUBLIC, LOCAL or any SQL reserved word
    • Begin with IBM, SQL or SYS.
Note:
  1. Some operating systems allow case sensitive user IDs and passwords. You should check your operating system documentation to see if this is the case.
  2. The authorization ID returned from a successful CONNECT or ATTACH is truncated to the authorization name length listed in SQL and XML limits. An ellipsis (...) is appended to the authorization ID and the SQLWARN fields contain warnings to indicate truncation.
  3. Trailing blanks from user IDs and passwords are removed.
  4. Restrictions on the authorization ID: In DB2® Version 9.5 and later, you can have a 128-byte authorization ID. However, when the authorization ID is interpreted as an operating system user ID or group name, DB2 imposed naming restrictions apply. For example, the Linux and UNIX operating systems can contain up to 8 characters and the Windows operating systems can contain up to 30 characters for user IDs and group names. Therefore, if you want to connect as a user that has a 128-byte authorization ID, you need to write your own security plug-in. In the plug-in, you can use the extended sizes for the authorization ID. For example, you can give your security plug-in a 30-byte user ID and, during authentication, it returns a 128-byte authorization ID that you can connect to.
Related concepts:
DB2 object naming rules
Delimited identifiers and object names
General naming rules
Related reference:
Reserved schema names and reserved words