The DB2 Setup wizard creates the users
and groups automatically (if needed) during the installation of your DB2® database product.
Note: This topic does not apply to non-root installations.
If you are using the DB2 Setup wizard,
you can create the following users and groups during installation.
To manually create the following users and groups, see Creating group and user IDs for a DB2 database installation (Linux and UNIX).
Three users and three groups are used to operate DB2 on Linux and UNIX operating systems.
- Instance owner
- The DB2 instance is created
in the instance owner home directory. This user ID controls all DB2 processes and owns all filesystems
and devices used by the databases contained within the instance. The
default user is db2inst1 and the default group is db2iadm1.
When using the DB2 Setup wizard, the default
action is to create a new user for your DB2 instance.
The default name is db2inst1. If that user name
already exists, the DB2 Setup wizard searches
through user names (db2inst2, db2inst3,
and so on). The search continues until a user name is identified that
is not already an existing user on the system as the default instance
owner ID. If you choose to proceed this user is created by the DB2
Setup wizard. However, you also have a choice to specify
any existing user as the instance owner.
This method for user
name creation also applies to the creation of fenced users and DB2 administration server users.
- Fenced user
- The fenced user is used to run user defined functions (UDFs) and
stored procedures outside of the address space used by the DB2 database. The default user is db2fenc1 and
the default group is db2fadm1. If you do not need
this level of security, for example in a test environment, you can
use your instance owner as your fenced user.
- DB2 administration server
user
- The user ID for the DB2 administration
server user is used to run the DB2 administration
server (DAS) on your system. The default user is dasusr1 and
the default group is dasadm1. This user ID is also
used by the DB2 GUI tools to
perform administration tasks against the local server database instances
and databases.
There is only one DAS per computer. One DAS services
one or more database instances, including database instances that
belong to different installations. The DAS can service database instances
whose release level is lower than the release level of the DAS. However,
for database instances whose release level is higher than the release
level of the DAS, the DAS must be migrated to a higher level. The
DAS release level must be as high (or higher) than the release level
of any of the database instances it services.
User
ID restrictions
User IDs have the following restrictions
and requirements:
- Must have a primary group other than guests, admins, users, and
local
- Can include lowercase letters (a-z), numbers (0-9), and the underscore
character ( _ )
- Cannot be longer than eight characters
- Cannot begin with IBM,
SYS, SQL, or a number
- Cannot be a DB2 reserved
word (USERS, ADMINS, GUESTS, PUBLIC, or LOCAL), or an SQL reserved
word
- Cannot use any User IDs with root privilege for the DB2 instance ID, DAS ID or fenced ID.
- Cannot include accented characters
- If existing user IDs are specified instead of creating new user
IDs, make sure that the user IDs:
- Are not locked
- Do not have expired passwords