DB2 Data Links Manager Quick Beginnings

Creating a New DCE Identity

Before installing DB2 Data Links Manager in a DCE-DFS environment, your DCE cell administrator must create a new DCE identity, consisting of a new user and and new group. This new user and group should not be used for any other purpose.

To create a new DCE identity:

  1. Identify the DFS file servers which will store any linked files. Designate one to hold the DLFM_DB (DB2 server node) and the rest as clients of the DLFM_DB. Additional DFS servers can be added as Data Links Manager nodes at any time.
  2. Identify a uid value and a gid value to be used to administer the Data Links Manager in the cell. Both the uid and gid must not already be in use by any principal in the cell or by any user on the DFS file servers identified above.
  3. Identify a corresponding user name and group name. Again, these names cannot already be in use, either in your DCE environment or elsewhere on your AIX system. For example, you might call these names the DLMADMIN user name/uid and DLMADMIN group name/gid.
  4. Ask your DCE cell administrator to do the following:
    1. Create a new DCE group having the gid identified above and the group name identified above.
    2. Create a new DCE principal with uid as identified above and user name as identified above
    3. Add this DCE principal to the DCE group.

    This DCE principal and DCE group must be used only for administration of Data Links Manager.

  5. As root on each DFS file server, create a group with its name and gid as identified above. On each DFS file server, create a user with its name and uid as identified above, and make this user a member of the group you just created.

Next, validate the setup of the new DCE identity. In this scenario, we will assume that the DLMADMIN name/uid is dlmadmin/14649 and the DLMADMIN group/gid is dlmadmin/14649.

  1. Check the DCE uid by entering the following command: 
       dcecp -c principal show dlmadmin

    In our scenario, this command would return the following output: 

       {fullname {Data Links Manager Admin}}
   {uid 14649}
   {uuid 00003939-38d0-21d3-9700-006094e92924}
   {alias no}
   {quota unlimited}
   {groups dlmadmin}
  2. Check the DCE gid by entering the following command: 
       dcecp -c group show dlmadmin

    In our scenario, this command would return the following output: 

       {alias no}
   {fullname {Data Links Manager Admin}}
   {gid 14649}
   {uuid 00003939-38d0-21d3-b500-006094e92924}
   {inprojlist yes}
  3. On each Data Links Manager server, verify that the UNIX uid matches the DCE uid by entering the following command: 
       lsuser dlmadmin

    In our scenario, this command would return the following output: 

       dlmadmin id=14649 pgrp=dlmadmin groups=dlmadmin ==>
     home=/u/dlmadmin shell=/bin/ksh gecos=Data Links Mgr Admin
  4. On each Data Links Manager server, verify that the UNIX gid matches the DCE gid by entering the following command: 
       lsgroup dlmadmin

    In our scenario, this command would return the following output: 

       dlmadmin id=14649 users=dlmadmin

[ Top of Page | Previous Page | Next Page ]