The DB2® database system provides a caching mechanism to reduce the number of times a client searches the LDAP server.
About this task
After the information is retrieved, it is stored or cached on the local computer based on the values of the dir_cache database manager configuration parameter and the DB2LDAPCACHE registry variable.
- If DB2LDAPCACHE=NO and dir_cache=NO, then always read the information from LDAP.
- If DB2LDAPCACHE=NO and dir_cache=YES, then read the information from LDAP once and insert it into the DB2 cache.
- If DB2LDAPCACHE=YES or is not set, then read the information from the LDAP server once and cache it into the local database, node, and DCS directories.
Note: The caching of LDAP information is not applicable to user-level CLI or DB2 profile registry variables.
Since information in LDAP is subject to change, it might be necessary to refresh the LDAP entries cached in the local database and node directories. There are a few ways to do this.
Procedure
- To refresh all the local database and node entries that were retrieved from LDAP, use the following command:
db2 refresh ldap immediate
- To refresh existing local database and node entries and add new entries from LDAP, use the following command:
db2 refresh ldap immediate all
Specifying the IMMEDIATE ALL parameter adds all the NODE and DB entries contained within the LDAP server into the local directories.
- Alternatively, to force DB2 for Linux, UNIX, and Windows to refresh the database entries that refer to LDAP resources on the next database connection or instance attachment, use the following command:
db2 refresh ldap database directory
- Likewise, to force the DB2 database manager to refresh the node entries that refer to LDAP resources on the next database connection or instance attachment, use the following command:
db2 refresh ldap node directory
Results
As part of the refresh, all the LDAP entries that are saved in the local database and node directories are removed. The next time that the application accesses the database or node, it will read the information directly from LDAP and generate a new entry in the local database or node directory.
What to do next
To ensure that the refresh is done in a timely way, you might want to:
- Schedule a refresh that is run periodically.
- Run the REFRESH command during system bootup.
- Use an available administration package to invoke the REFRESH command on all client computers.
- Set DB2LDAPCACHE=NO to avoid LDAP information being cached in the database, node, and DCS directories.
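For the scheduled refresh suggested above, the following wrapper is an added example, not IBM code. It works out which of the three caching cases applies on a client and runs the refresh only when LDAP entries are held in the local directories. The mode labels, the function names, the --run switch and the assumed output layout of db2set -all and db2 get dbm cfg are assumptions of this example.

```shell
#!/bin/sh
# Added example (not IBM code): classify the LDAP caching case on this client
# and refresh the local directories when they hold LDAP entries.

# DB2LDAPCACHE value from "db2set -all" output on stdin; empty if not set.
# Assumes lines of the form "[i] DB2LDAPCACHE=NO"; the first match is used.
parse_ldapcache() {
    sed -n 's/^.*DB2LDAPCACHE=\([A-Za-z]*\).*$/\1/p' | head -n 1
}

# dir_cache value from "db2 get dbm cfg" output on stdin.
# Assumes a line of the form "... (DIR_CACHE) = YES".
parse_dir_cache() {
    sed -n 's/^.*(DIR_CACHE) *= *\([A-Za-z]*\).*$/\1/p' | head -n 1
}

# ldap_cache_mode REGVAL CFGVAL
# Prints always-ldap, db2-cache, local-directories or unknown (labels are
# hypothetical names for the three cases listed in "About this task").
ldap_cache_mode() {
    reg=$(printf '%s' "$1" | tr 'a-z' 'A-Z')
    cfg=$(printf '%s' "$2" | tr 'a-z' 'A-Z')
    case "$reg:$cfg" in
        NO:NO)    echo always-ldap ;;
        NO:YES)   echo db2-cache ;;
        YES:*|:*) echo local-directories ;;  # DB2LDAPCACHE=YES or not set
        *)        echo unknown ;;            # unparsed or unexpected value
    esac
}

# Constructed sample command output, for trying the parsers offline.
sample_db2set()  { printf '%s\n' '[i] DB2COMM=TCPIP' '[i] DB2LDAPCACHE=NO'; }
sample_dbm_cfg() { printf '%s\n' ' Directory cache support    (DIR_CACHE) = YES'; }

# Only touch DB2 when invoked with --run (for example from a scheduler).
if [ "${1:-}" = "--run" ]; then
    reg=$(db2set -all | parse_ldapcache)
    cfg=$(db2 get dbm cfg | parse_dir_cache)
    mode=$(ldap_cache_mode "$reg" "$cfg")
    echo "LDAP cache mode: $mode"
    case "$mode" in
        # The refresh removes LDAP entries saved in the local directories.
        local-directories) db2 refresh ldap immediate ;;
        unknown) echo "could not determine cache settings" >&2; exit 1 ;;
    esac
fi
```

Run it with --run from the instance owner's environment so that the db2 and db2set commands are on the path.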