When using the DB2 Setup installation wizard on Linux and UNIX platforms, instance user, fenced user, and administration server user can be created during the installation process. You do not have to create them in advance. Because response file installation uses the DB2 Setup wizard as well, the situation is the same. But if you are using another installation method, such as db2_install, user account creation has to be done manually.

On Windows platforms, DB2 server products can be installed using the DB2 Setup wizard or response file installation. Before proceeding with DB2 server installation on Windows, ensure that the following user accounts are present (unless you are performing non-Administrator install):

￿An installation user account belonging to the Administrators group on the computer where you will perform the installation.

￿(Optional) DB2 Administration Server (DAS) user account.

￿(Optional) DB2 instance user account. You can also use the LocalSystem account for products other than DB2 Enterprise Server Edition.

Note: With default installation setting, DB2 takes advantage of system users and groups to perform authentication for security management. An authentication security plug-in module is included with the DB2 server installation. This default security plug-in module uses operating system-based authentication. You can also build your own authentication plug-in if necessary. The flexibility provided by DB2 enables users to achieve customized authentication, for instance, public key based security technology. We cover only the default authentication in this book.

DB2 Users and groups on Linux and UNIX

For UNIX/Linux platforms, normally three users are required for a DB2 server to operate with complete functionality.

Instance owner user

The instance owner user ID is used to start and stop DB2 services.

During the instance creation, the name of DB2 instance assumes the name of the instance owner user. The instance is created under this user’s home directory.

Fenced user

The fenced user is used to run user-defined functions (UDF) and stored procedures outside the address space of the DB2 engine. It acts like a firewall between user code and the DB2 engine to provide enhanced stability.

Chapter 2. DB2 server deployment 31

Page 45
Image 45
IBM manual DB2 Users and groups on Linux and Unix, Instance owner user, Fenced user, DB2 server deployment