db2ldcfg - Configure LDAP environment command

Authorization

None

Required connection

None

Command syntax

>>-db2ldcfg--+- -u--userDN-- -w--password-+--------------------><
             '- -r------------------------'   

Command parameters

-u userDN

Specifies the LDAP user's Distinguished Name to be used when accessing the LDAP directory. As shown in the following example, the Distinguished name has several parts: the user ID, such as jdoe, the domain and organization names, and the suffix, such as com or org.

-w password

Specifies the password.

-r

Removes the user's DN and password from the machine environment.

 db2ldcfg -u "uid=jdoe,dc=mydomain,dc=myorg,dc=com" -w password

Usage notes

In an LDAP environment using an IBM LDAP client, the default LDAP user's DN and password can be configured for the current logon user. After the LDAP users DN and password are configured, the DN and password are saved in the user's environment and used whenever the DB2® database accesses the LDAP directory. Configuring the default LDAP user's DN and password eliminates the need to specify the LDAP user's DN and password when issuing the LDAP command or API. However, if the LDAP user's DN and password are specified when the command or API is issued, the default settings will be overridden.

You can run this command only when using an IBM LDAP client. On a Microsoft LDAP client, the current logon user's credentials are used.

Version 10 Fix Pack 1 and later fix packs, the LDAP server credential can be provided by using the UserID and Password keywords in the ldapserver section (<ldapserver>) of the db2dsdriver.cfg file when using a CLI application.