LDAP Directory Server
DB2 UDB Server
DB2 UDB Client
Test Scenarios

Perform the following test scenarios and observe differences in behavior:
Step #1
Before you can use DB2 in the IBM LDAP environment, you must select the IBM LDAP client on Windows client systems; use the db2set command to set the DB2LDAP_CLIENT_PROVIDER registry variable to IBM:

    $ db2set DB2LDAP_CLIENT_PROVIDER=IBM

On each DB2 UDB machine (client and server):

Step #2
Enable LDAP support:

    $ db2set DB2_ENABLE_LDAP=YES

Step #3
Specify the LDAP server's TCP/IP hostname and port number:

    $ db2set DB2LDAPHOST=newschemadirectory.service.dntteam.com:389

Step #4
Specify the LDAP baseDN:

    $ db2set DB2LDAP_BASEDN=o=phantom.com

Step #5
Specify the LDAP user's DN and password for the DB2 instance owner to use LDAP to store DB2 user-specific information. Log in as DB2 instance owner and run the db2ldcfg utility:

    $ db2ldcfg -u "cn=Jonathan Phan, ou=TestTeamI, o=phantom.com, c=us" -w password

Step #6
Each DB2 server instance must be registered in LDAP to publish the protocol configuration information that is used by the client applications to connect to it:

    $ db2 register db2 server in ldap as SANDIEGO protocol tcpip hostname 192.168.1.51 svcename 11001 remote sunshine_dnt instance v8inst

This creates a node directory entry equivalent to that resulting from the following:

    catalog tcpip node <node_name> remote <hostname> server <port> remote_instance <instance>

Step #7
A remote DB2 database server can also be registered using this form of the register command:

    $ db2 register db2 server in ldap as <ldap_node_name> protocol tcpip hostname <host_name> svcename <tcpip_service_name> remote <remote_computer_name> instance <instance_name>

Step #8 (optional)
To change the DB2 database server information in LDAP, run the following update LDAP command:

    $ db2 update ldap node SANDIEGO hostname 192.168.1.101 svcename 11002

Step #9
Create the sample database:

    $ db2sampl

Step #10
The database is automatically registered in LDAP during the creation of a database within an instance.
If the name already exists in the LDAP directory, the database is still created on the local machine but a warning message is returned, stating the naming conflict in the LDAP directory. In this case, the user can manually register the database:

    $ db2 catalog ldap node SANDIEGO as SANDIEGO
    $ db2 catalog ldap database SAMPLE at node SANDIEGO with "My LDAP SAMPLE database"

Step #11
You can also manually refresh the database and node entries that refer to LDAP resources:

    $ db2 refresh ldap database directory
    $ db2 refresh ldap node directory
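
An added example, not part of the original article: a check to run on each client and server after steps 1 to 4, confirming that the registry variables are present and flagging the LDAP port in use. The function name and the sample text are assumptions; the sample is constructed in the "[scope] NAME=value" shape that db2set -all prints, using the values from the steps above.

```shell
#!/bin/sh
# Added example: audit the LDAP registry variables set in steps 1-4.
# Reads `db2set -all` style lines ("[i] NAME=value") on stdin, prints one
# finding per line, and returns 0 when no required variable is missing.
check_db2_ldap_registry() {
    awk '
    {
        line = $0
        sub(/^\[[a-z]\][ \t]*/, "", line)   # drop the scope tag such as [i] or [g]
        eq = index(line, "=")               # split on the FIRST "=" only:
        if (eq == 0) next                   # a base DN value contains "=" itself
        val[substr(line, 1, eq - 1)] = substr(line, eq + 1)
    }
    END {
        bad = 0
        if (toupper(val["DB2_ENABLE_LDAP"]) != "YES") {
            print "FAIL DB2_ENABLE_LDAP is not YES"; bad = 1
        }
        if (val["DB2LDAP_BASEDN"] == "") {
            print "FAIL DB2LDAP_BASEDN is not set"; bad = 1
        }
        host = val["DB2LDAPHOST"]
        if (host == "") {
            print "FAIL DB2LDAPHOST is not set"; bad = 1
        } else {
            n = split(host, hp, ":")
            if (n < 2)
                print "NOTE DB2LDAPHOST has no explicit port"
            else if (hp[2] == "389")
                print "NOTE " hp[1] " uses port 389, the standard non-TLS LDAP port"
        }
        if (val["DB2LDAP_CLIENT_PROVIDER"] == "")
            print "NOTE DB2LDAP_CLIENT_PROVIDER is not set (step 1, Windows clients)"
        exit bad
    }'
}

# Constructed sample input (not captured from a real system).
SAMPLE_OK='[i] DB2_ENABLE_LDAP=YES
[i] DB2LDAPHOST=newschemadirectory.service.dntteam.com:389
[i] DB2LDAP_BASEDN=o=phantom.com
[g] DB2LDAP_CLIENT_PROVIDER=IBM'

printf '%s\n' "$SAMPLE_OK" | check_db2_ldap_registry
```

On a live instance the same function can be fed directly: db2set -all | check_db2_ldap_registry. Running it on every machine listed at the top of the page shows quickly whether a client and the server disagree on host or base DN.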