|
Problem IC67410
|
Status: Closed |
IMPLICIT CONNECTION RETURNS SQL30082N RC=36 WHEN USING KERBEROS AUTHENTICATION |
| product: |
DB2 FOR LUW / DB2FORLUW / 950 - DB2 |
| Problem description: |
If you try to connect as current logon user (without userid and
password), you may receive SQL30082N with RC=36 intermittently
when using Kerberos authentication.
This problem may be occured sometimes when below four conditions
are all true:
1. Windows 2008 or Windows 2003 Domain Controllers
2. DB2 connect as current logon user (without providing a
userid and password)
3. Authentication type is KERBEROS or KRB_SERVER_ENCRYPT.
4. DB2 client is Windows platform.
You will find following messages at db2diag.log.
...
2009-12-22-14.07.49.828000+540 I13711F342 LEVEL: Error
PID : 4992 TID : 4384 PROC :
db2bp.exe
INSTANCE: DB2 NODE : 000
EDUID : 4384
FUNCTION: DB2 UDB, bsu security, sqlexLogPluginMessage, probe:20
DATA #1 : String with size, 45 bytes
InitializeSecurityContext returned 0x80090301
2009-12-22-14.07.49.828000+540 E14055F482 LEVEL: Severe
PID : 4992 TID : 4384 PROC :
db2bp.exe
INSTANCE: DB2 NODE : 000
EDUID : 4384
FUNCTION: DB2 UDB, bsu security, sqlexSlcGssPluginSecchkrm,
probe:350
MESSAGE : ADM13000E Plug-in "IBMkrb5" received error code
"50331648" from the
GSS (Generic Security Service) API
"gss_init_sec_context" with the error message ...
...
- This phenomenon doesn't happen all the time. Sometimes it
happens, and sometime it doesn't. This is random; there is no
rule such as it fails only the first time or it happens
alternately. When explicitly specifying a userid and password
for the connect, there is no problem.
- This problem only occurs when the dbm cfg parameter
AUTHENTICATION is set to "KERBEROSE" or "KRB_SERVER_ENCRYPT".
- The problem is in the DB2 client and specific to the Windows
platform
- The users need to upgrade all of the client machines when an
official fixpack is available.
- Upgrading to Windows XP SP3 is recommended.
- It is recommended to update the Windows operating system with
the latest patches from Microsoft. |
| Problem Summary: |
****************************************************************
* USERS AFFECTED: *
* DB2 UDB Version 9.5 *
****************************************************************
* PROBLEM DESCRIPTION: *
* See Error description field for more information. *
****************************************************************
* RECOMMENDATION: *
* Upgrade to Version 9.5 FixPack 7. *
**************************************************************** |
| Local Fix: |
Specify the userid and password when to a database or when
attaching to an instance.
Example:
db2 connect to sample user db2inst1 using password |
| available fix packs: |
DB2 Version 9.5 Fix Pack 7 for Linux, UNIX, and Windows
DB2 Version 9.5 Fix Pack 8 for Linux, UNIX, and Windows
DB2 Version 9.5 Fix Pack 9 for Linux, UNIX, and Windows
DB2 Version 9.5 Fix Pack 10 for Linux, UNIX, and Windows
|
| Solution |
Problem was first fixed in DB2 UDB Version 9.5 FixPack 7. |
| Workaround |
not known / see Local fix |
| BUG-Tracking |
forerunner : APAR is sysrouted TO one or more of the following: IC68274 IC71195
follow-up : |
| Timestamps |
Date - problem reported :
Date - problem closed :
Date - last modified :
| 23.03.2010
11.01.2011
11.01.2011 |
| Problem solved at the following versions (IBM BugInfos) |
9.5.FP7
|
| Problem solved according to the fixlist(s) of the following version(s) |
| 9.1.0.7
|
 |
| 9.5.0.7
|
|
