DB2 SQL-Error: -30082
SQLState: 08001
Short Description: CONNECTION FAILED FOR SECURITY REASON C T DCE DCE T A V A V C DB OS A V TCPIP TCPALVER DSNTIP DSNFAC TCPALVER DB OS A V SECURITYOUT SYSIBMLUNAMES SYSIBMIPNAMES S T I DB UDB OS DSNLI P DB CDB M CDB
The attempt to connect to a remote database server was rejected due to invalid or incorrect security information. The cause of the security error is described by the reason-code and reason-string values. The possible values for reason-code and reason-string appear below: v 1 (PASSWORD EXPIRED) -- the password used to connect to the remote server has expired. v 2 (PASSWORD INVALID) -- the password used to connect to the remote server does not match the password stored at the remote server. v 3 (PASSWORD MISSING) -- the remote server rejected the connection request because the request did not include a password. v 4 (PROTOCOL VIOLATION) -- the remote server rejected the connection request because the request did not contain the proper security information. Error messages or trace records should be produced by the server system to explain the nature of the security violation. v 5 (USER-ID MISSING) -- the remote server rejected the connection request because the request did not specify a user-id. v 6 (USER-ID INVALID) -- the user-id specified in the connection request is not defined at the remote server system. v 7 (USER-ID REVOKED) -- the user-id specified in the connection request has been revoked. v 15 (SECURITY FAILURE:secchkcd:svcerrno)—Authentication failed at the remote server system. Refer to the Open Group Technical Standard, DRDA Version 3 Vol. 3: Distributed Data Management Architecture for a detailed discussion of the semantics of the DDM terms SECCHKCD and SVCERRNO. v 16 (NEW PASSWORD INVALID) -- the password specified on a change password request did not meet the server’s requirements. v 17 (UNSUPPORTED FUNCTION) -- the security mechanism specified by the client is invalid for this server. Some typical examples: – The client is configured to send an Already Verified userid but the server does not support Already Verified userids. Client or server changes must be made to correct the inconsistency. - DB2 for z/OS server acceptance of Already Verified userids over TCP/IP connections is controlled by the TCPALVER value of the DSNTIP5 installation panel (DSN6FAC TCPALVER). - DB2 for z/OS client usage of Already Verified userids is controlled by the SECURITY_OUT column of the SYSIBM.LUNAMES or SYSIBM.IPNAMES table.– The client is configured to use one of the following security mechanisms but the server does not support the mechanism: - Encrypted userid and encrypted security-sensitive data. - Encrypted userid, encrypted password, and encrypted security-sensitive data.Client changes must be made to correct the inconsistency. - DB2 for z/OS server acceptance of Already Verified userids over TCP/IP connections is controlled by the TCPALVER value of the DSNTIP5 installation panel (DSN6FAC TCPALVER). - DB2 for z/OS client usage of Already Verified userids is controlled by the SECURITY_OUT column of the SYSIBM.LUNAMES or SYSIBM.IPNAMES table.– The client is configured to use one of the following security mechanisms but the server does not support the mechanism: - Encrypted userid and encrypted security-sensitive data. - Encrypted userid, encrypted password, and encrypted security-sensitive data.Client changes must be made to correct the inconsistency. - DB2 for z/OS client usage of encryption security mechanism is controlled by the SECURITY_OUT column of the SYSIBM.IPNAMES table.v The client sent a new password value to a server that does not support the DRDA change password function.