IBM DB2 Non-root/non-Administrator installation, Windows security, Administration server user

Administration server user

DB2 Administration server (DAS) provides support for DB2 GUI tools and other administrative tasks, such as Control Center, Configuration Assistant, and Task Center. Each physical operating system can have only one DAS created.

Windows security

For Windows environments, an instance owner user and an administration server user are required for a typical DB2 server deployment.

DB2 products provides extended Windows security features since the DB2 Version 8.2. It is used to protect DB2 files on the Windows system. It does not change the authentication mechanism. Two additional groups are created in Windows: DB2USERS and DB2ADMNS. Only users who belong to these groups have access to the DB2 files on system. This security feature is enabled by default during the product installation, but group names can be changed.

Note: The DB2 server side trace should be taken locally in a Windows environment when it has the extended Windows security feature enabled. Otherwise, only the application request (AR) function would be traced and application server (AS) functions will be absent in the trace.

2.1.3 Non-root/non-Administrator installation

In the past, the root/Administrator account has been the only user who could perform DB2 product installation and other related tasks such as applying fix packs and configuring instances. DB2 9.5 introduces the non-root/ non-Administrator installation option for UNIX, Linux, and Windows platforms. It allows you to install DB2 products without root/Administrator privilege, providing convenience to application developers, system administrators, and database administrators.

Non-root installation on UNIX/Linux

Since non-root installation can be performed by someone who does not have root privilege, it can reduce the system administrator’s time. It is also a more attractive option for the application developer who normally does not have root privilege. Independent Software Vendors (ISVs) might also prefer non-root installation when they are deploying applications that do not require root privilege yet embed a DB2 product.

32DB2 Deployment Guide