• HashiCorp Developer

  • HashiCorp Cloud Platform
  • Terraform
  • Packer
  • Consul
  • Vault
  • Boundary
  • Nomad
  • Waypoint
  • Vagrant
Vault
  • Install
  • Tutorials
  • Documentation
  • API
  • Try Cloud(opens in new tab)
  • Sign up
Vault Home

Documentation

Skip to main contentOverview
  • What is Vault?
  • Use Cases

  • Browser Support
  • Installing Vault

    • Overview
    • Active Directory
    • AliCloud
    • AWS
    • Azure
    • Consul
    • Cubbyhole
      • Overview
      • Cassandra
      • Couchbase
      • Elasticsearch
      • HanaDB
      • IBM Db2
      • InfluxDB
      • MongoDB
      • MongoDB Atlas
      • MSSQL
      • MySQL/MariaDB
      • Oracle
      • PostgreSQL
      • Redis
      • Redis ElastiCache
      • Redshift
      • Snowflake
      • Custom
    • Google Cloud
    • Google Cloud KMS
    • KMIP
      ENTERPRISEENTERPRISE
    • Kubernetes
    • MongoDB Atlas
    • Nomad
    • LDAP
    • RabbitMQ
    • Terraform Cloud
    • TOTP
    • Venafi (Certificates)
  • Vault Integration Program
  • Vault Interoperability Matrix
  • Troubleshoot






  • Glossary


  • Resources

  • Tutorial Library
  • Certifications
  • Community Forum
    (opens in new tab)
  • Support
    (opens in new tab)
  • GitHub
    (opens in new tab)
  1. Developer
  2. Vault
  3. Documentation
  4. Secrets Engines
  5. Databases
  6. IBM Db2
  • Vault
  • v1.11.x
  • v1.10.x
  • v1.9.x
  • v1.8.x
  • v1.7.x
  • v1.6.x
  • v1.5.x
  • v1.4.x

»IBM Db2

Access to Db2 is managed by facilities that reside outside the Db2 database system. By default, user authentication is completed by a security facility that relies on operating system based authentication of users and passwords. This means that the lifecycle of user identities in Db2 aren't capable of being managed using SQL statements and Vault's database secrets engine.

To provide flexibility in accommodating authentication needs, Db2 ships with authentication plugin modules for Lightweight Directory Access Protocol (LDAP). This enables the Db2 database manager to authenticate users and obtain group membership defined in an LDAP directory, removing the requirement that users and groups be defined to the operating system.

Vault's LDAP secrets engine can be used to manage the lifecycle of credentials for Db2 environments that have been configured to delegate user authentication and group membership to an LDAP server.

Tutorial

Refer to the IBM Db2 Credential Management tutorial to learn how to use Vault to manage both static and dynamic credentials for access to Db2.

Edit this page on GitHub

On this page

  1. IBM Db2
  2. Tutorial
Give Feedback(opens in new tab)
  • Certifications
  • System Status
  • Terms of Use
  • Security
  • Privacy
  • Trademark Policy
  • Trade Controls
  • Give Feedback(opens in new tab)