DB2 for OS/390 and DB2 for MVS manage inbound and outbound security via a set of tables called the communications database (CDB). Inbound security validation for APPC/LU 6.2 DRDA clients is managed by the SYSIBM.SYSLUNAMES (DB2/MVS) or SYSIBM.LUNAMES (DB2/OS390) table. To implement the simplest security model, enter a blank row in this table:
INSERT into SYSIBM.LUNAMES (LUNAME) VALUES (‘ ‘ );
When table SYSIBM.(SYS)LUNAMES contains a blank row, DB2 forwards the userid/password combination sent by the DRDA client (CONNX) to the system-installed security component, such as RACF, ACF/VTAM, or TopSecret.
For TCP/IP-based connections, the SYSIBM.(SYS)LUNAMES tables is bypassed, so it need not be populated.
This table represents sample output from SELECT * from SYSIBM.LUNAMES:
APPC Security |
CONNX Option |
Values sent from client to host |
---|---|---|
Same |
UserID |
UserID only. |
Program |
UserID & Password |
User ID and password. |
None |
None |
None, but DB2 for OS/390 and MVS reject this option. |