| If you want to use an existing user or group ID, you do not need to create new ones at this time. Instead, you can proceed to the next step. |
|
If you are using Network Information Services (NIS), NIS+, or any other
tools to manage system configuration files, you must perform this step on the
master server. After you have completed the following, ensure that the
changes have taken effect on all DB2 servers.
|
You must perform the following as a user with root authority.
Create a group that will be the primary group for the user ID that will be the instance owner. When the instance is created, the instance owner and any other user who is a member of this group will have system administrative (SYSADM) authority. The group must be created on every machine that is to be used as a database partition server. The group ID (GID) of the group must be the same on each machine.
Next, create a user ID that will be the instance owner. This user ID will be the name of the instance. The user ID must be created on every machine that is to be used in the partitioned database system. The user ID of the user must be the same on every machine. Make this user's primary group the group that you just created. The instance owner user ID, and any other user who is a member of this group, will be automatically given SYSADM control for the instance.
In the following example, the instance user ID is db2inst1 and
the UID 1004. The SYSADM group ID is dbadmin1 and
the GID 999.
| Dedicate the instance owner user ID to that instance's use only. This allows for easier error recovery if a system error occurs. |
groupadd -g 999 dbadmin1 useradd -g dbadmin1 -u 1004 -d /export/home/db2inst1 -m db2inst1 passwd db2inst1
groupadd -g 991 db2fadm1 useradd -g db2fadm1 -u 1001 -d /export/home/db2fenc1 -m db2fenc1 passwd db2fenc1
Fenced user defined functions (UDFs) and stored procedures will execute under this user and group. The group must be the primary group of the user. The user for fenced UDFs and stored procedures is specified as a parameter of the instance creation script. The group for fenced UDFs and stored procedures is implicitly set to the primary group of this specified user (db2fenc1).
For security reasons, we recommend that you do not use the instance name as the FencedID. However, if you are not planning to use fenced user defined functions or stored procedures, you can set the FencedID to the instance name instead of creating another user for the FencedID.
Notes: