User, user ID and group names must follow naming guidelines.
Table 1. User, user ID and group naming rulesObjects |
Guidelines |
- Group names
- User names
- User IDs
|
- Group names must be less than or equal to
the group name length listed in SQL
and XML limits.
- User IDs on Linux and UNIX operating systems can contain
up to 8 characters.
- User names on Windows can
contain up to 30 characters.
- When not using Client authentication, non-Windows
32-bit clients connecting to Windows with
user names longer than the user name length listed in SQL
and XML limits are supported when the user name and password
are specified explicitly.
- Names and IDs cannot:
- Be USERS, ADMINS, GUESTS, PUBLIC, LOCAL or any SQL reserved word
- Begin with IBM,
SQL or SYS.
|
Note: - Some operating systems allow case sensitive user IDs and passwords.
You should check your operating system documentation to see if this
is the case.
- The authorization ID returned from a successful
CONNECT or ATTACH is truncated to the authorization name length listed
in SQL and XML limits. An ellipsis (...) is appended to the
authorization ID and the SQLWARN fields contain warnings to indicate
truncation.
- Trailing blanks from user IDs and passwords are removed.
- Restrictions
on the authorization ID: In DB2® Version
9.5 and later, you can have a 128-byte authorization ID. However,
when the authorization ID is interpreted as an operating system user
ID or group name, DB2 imposed
naming restrictions apply. For example, the Linux and UNIX operating
systems can contain up to 8 characters and the Windows operating systems can contain up
to 30 characters for user IDs and group names. Therefore, if you want
to connect as a user that has a 128-byte authorization ID, you need
to write your own security plug-in. In the plug-in, you can use the
extended sizes for the authorization ID. For example, you can give
your security plug-in a 30-byte user ID and, during authentication,
it returns a 128-byte authorization ID that you can connect to.