| Author |
Message
|
| Paul D |
 Posted: Tue Mar 25, 2003 4:32 pm Post subject: [SOLVED] Buildtime Client Connection Issue on Win 2K |
 |
|
Master
Joined: 16 May 2001
Posts: 200
Location: Green Bay Packer Country
|
I'm new to workflow and trying to set up a simple two tier config between two Win 2K machines. I'm recieving the following message when trying to configure a buildtime client residing on a Win 2K desktop to the workflow DB2 instance and DB residing on a seperate Win 2K server.
FMC33146E DB2 API Call 'sqleatin' ended with error: 'SQL30082N Attempt
to establish connection failed with security reason "17" ("UNSUPPORTED
FUNCTION")'.
I get this message when I'm in the workflow configuration on the
buildtime database tab. When I select the instance (which is a passthru
instance), I get the message below. It seems that DB2's prompting me
for a login and the WF Config program isn't handling this. I get the
same message when trying to connect via the DB2 command line interface.
If I use that that specify the ID and password, I get through OK. What
can I do with the WF Config program to achive the same results. What
ID/password is it using and can I set that? Is workflow domain aware? What type of accounts should I be using when installing and configuring?
Thanks in advance for any help!!!
Last edited by Paul D on Wed Mar 26, 2003 10:40 am; edited 1 time in total |
|
| Back to top |
|
 |
| Ratan |
| Posted: Tue Mar 25, 2003 5:04 pm Post subject: |
|
|
Grand Master
Joined: 18 Jul 2002
Posts: 1245
|
Looks like you are not specifying the userID and password to connect to the instance in the configuration utility.
When you configure your buildtime on your w2k machine, click on "DB2 Connect parameters" and enter the user name and password used to connect to DB2 server. Then select your instance.
-Laze |
|
| Back to top |
|
|
| Paul D |
| Posted: Tue Mar 25, 2003 5:17 pm Post subject: |
|
|
Master
Joined: 16 May 2001
Posts: 200
Location: Green Bay Packer Country
|
Actually, I get this when I select the instance in the top window on the top of the build db tab window. I never get the list of DB's to select from. I would think this is due to this error. It appears that it's trying the connection as soon as you select the instance. So, in my case, I never see the list of DB's on the remote instance to select from. Does that make sense? Any other ideas?
Thanks for your input....
Paul |
|
| Back to top |
|
|
| Ratan |
| Posted: Tue Mar 25, 2003 5:36 pm Post subject: |
|
|
Grand Master
Joined: 18 Jul 2002
Posts: 1245
|
yes, that is exactly what I am trying to tell you. The moment you select the instance it trys to connect. so before selecting the instance first enter the username and password by clicking DB2 connect parameters.
-Laze |
|
| Back to top |
|
|
| Paul D |
| Posted: Tue Mar 25, 2003 7:50 pm Post subject: |
|
|
Master
Joined: 16 May 2001
Posts: 200
Location: Green Bay Packer Country
|
I'm thinking something else is going on. For example, when on the server side install where I actually create the QM and DB's. I've set the ID in the DB2 Connect Parameters to the local ID db2admin and password. I discovered that if the ID I logged into the server as (i.e. ho/dix2193) appears to be used when creating the tables. An error came back from db2 during the db create that the ID did not have permission to create the database. The ho/dix2193 ID was also in the NT admin group for the server, so that didn't make sense to me. I then tried some other things. I though maybe the ho domain was dropped in the database connection login. I created a local ID dix2193 and added that to the NT admin group on the box. After I did that, the database creation worked.
I appears that the message I'm seeing is that the ID is not being passed forward. It may be when I'm on the buildtime tab, but when I hit done, it's giving me the error I listed above, like the ID and password is not passed forward on the connect. |
|
| Back to top |
|
|
| vennela |
| Posted: Tue Mar 25, 2003 8:28 pm Post subject: |
|
|
Jedi Knight
Joined: 11 Aug 2002
Posts: 4055
Location: Hyderabad, India
|
Paul:
I don't think the problem is with user-id/password. I think you haven't done the cataloguing of the DB instance.
Please follow the installation guides instructions to use a remote Database.
In a 2-tier configuration
On box A you have the DB
On box B you have DB2 Connect (I am not sure but may be other DB2 clients) and MQWF.
After installing both MQWF and DB2 Client on Box B you have to catalog the remote DB instance on Box B.
If you have successfully cataloged the instance then you can verify it with an attach and detach.
Then, when you invoke the configuration utility, when you select DB2, it will list the instances in the box below. Then you have to specify the user-id and password.
Let us know if you have done the cataloging and if you are still getting the problem. Remote database cataloging and other commands with instructions are in the Installation Guide's Appendices (I think Appendix A or Appendix B).
-------
Venny |
|
| Back to top |
|
|
| kriersd |
| Posted: Wed Mar 26, 2003 9:05 am Post subject: |
|
|
Master
Joined: 22 Jul 2002
Posts: 209
Location: IA, USA
|
I agree with Vennela. Here are the steps to catalag the remote DB
1. start - run (On the remote machine)
2. db2cmdw -> enter
3. db2 catalog tcpip node <Insert a unique NODE name>
remote <Server hosting the buildime DB> server <PORT NUMBER default is 50000>
4. db2 catalog database <Name of the DB on the remote machine>
as <Name of the DB on the remote machine> at node <name of the node you used in the line 3 command>
Once you do this you should be able to see the NODE and DB from the Workflow Configuration GUI.
Good Luck
Dave
_________________
Dave Krier
IBM WebSphere MQ Workflow V3.4 Solution Designer |
|
| Back to top |
|
|
| Ratan |
| Posted: Wed Mar 26, 2003 9:13 am Post subject: |
|
|
Grand Master
Joined: 18 Jul 2002
Posts: 1245
|
Venny/Dave,
I think he catalogued the instance. Because in his first post he mentioned he was able to succesfully connect to the remote instance from his w2k machine using DB2 command line processor.
| Quote: |
I get the
same message when trying to connect via the DB2 command line interface. If I use that that specify the ID and password, I get through OK. |
-Laze |
|
| Back to top |
|
|
| Ratan |
| Posted: Wed Mar 26, 2003 9:24 am Post subject: |
|
|
Grand Master
Joined: 18 Jul 2002
Posts: 1245
|
| vennela wrote: |
In a 2-tier configuration
On box A you have the DB
On box B you have DB2 Connect (I am not sure but may be other DB2 clients) and MQWF.
After installing both MQWF and DB2 Client on Box B you have to catalog the remote DB instance on Box B.
|
Isnt this a 3-tier WF setup you are talking about?
I think paul said he was doing a 2-tier setup but it was 3-tier setup all along.
-Laze |
|
| Back to top |
|
|
| vennela |
| Posted: Wed Mar 26, 2003 10:00 am Post subject: |
|
|
Jedi Knight
Joined: 11 Aug 2002
Posts: 4055
Location: Hyderabad, India
|
| Code: |
SQL30082N Attempt to establish connection failed with security
reason "<reason-code>" ("<reason-string>").
Explanation: The attempt to connect to the remote database
server was rejected due to invalid or incorrect security
information. The cause of the security error is described by the
<reason-code> and corresponding <reason-string> value.
--------------
17 (UNSUPPORTED FUNCTION) the security mechanism specified by the
client is invalid for this server. Some typical examples:
o The client sent a new password value to a server that does
not support the DRDA change password function.
o The client sent DCE authentication information to a server
that does not support DCE.
o The client sent SERVER_ENCRYPT or DCS_ENCRYPT authentication
information to a server that does not support password
encryption.
o The client sent a userid (but no password) to a server that
does not support authentication by userid only.
|
May be the above explanation helps.
Also what type of authentication is being done ? Is authentication done at DB2 server or client or is it something else?
-------
Venny |
|
| Back to top |
|
|
| Paul D |
| Posted: Wed Mar 26, 2003 10:39 am Post subject: [SOLVED] Buildtime Client Connection Issue on Win 2K |
|
|
Master
Joined: 16 May 2001
Posts: 200
Location: Green Bay Packer Country
|
I think I've got my problem resolved. It's a domain vs local account issue. The key to getting the pass thru to work is to establish a local account on the server box where the actual DB instance resides.
Domain accounts will not work. The local
account must exist on the server machine and have the appropriate
permissions to access the DB2 instance. A quick fix to that is to add
the account to the admin group for the box. I would think a better
solution would be to use appropriate DB2 permissions settings to get
them access to just the two DB2 databases.
Another important point, this ID is the one that you need for the DB2 connection, but is not the same as the workflow "person" id. I get prompted for two login's in this configuration, the first one is the "ODBC login", of which I use the ID I just described. The second "Buildtime login" is for the workflow "person" id, of which you define within workflow. If you like, you could have all buildtime clients use a generic ID for the "ODBC" login and have individual ID's established for each person. That's my plan going forward. I'm not necessairly considering all things when I do this (security, setup costs, etc...) this is just for a POC at my site so it will do for now.
I've done some further testing since I've gotten this to work and the ID in the "DB2 Connect Parameters" does indeed get used if you fill it is a bit confusing in that it's listed so far down the screen. I think your box login ID gets used first if you don't fill that in. In my case, that was a domain account, so that might explain the strange error I first reported. If you go down and fill that in and then hit refresh at the top to start over, you appear to get past that. I've also noticed that the "db2" instance is listed even though just the runtime client was installed, so this does not exist. That's a bit confusing also.
Thanks to everyone for your help.
Last edited by Paul D on Thu Mar 27, 2003 6:52 am; edited 1 time in total |
|
| Back to top |
|
|
| jmac |
| Posted: Wed Mar 26, 2003 12:17 pm Post subject: |
|
|
Jedi Knight
Joined: 27 Jun 2001
Posts: 3081
Location: EmeriCon, LLC
|
| Paul wrote: |
| I think your box login ID gets used first if you don't fill that in |
Not that it matters, but I can tell you for sure, that you will always need to push that "Connect Parameters" button and set your userid and pw. I have the same ID on both of my test systems, and it always requires that I set this.
I agree it might be a little bit clearer, if they had the DB2 Connect Parameters button specified at the top of the screen, but my guess is that they have it set based on the order you would use in a more "standard" setup (i.e DB2 instance on the same box)
_________________
John McDonald
RETIRED |
|
| Back to top |
|
|
|
|
