Vault
IBM Db2
External facilities outside the Db2 database system manage access to Db2. By default, a security facility authenticates users by relying on operating system-based authentication of users and passwords. This means you cannot manage the lifecycle of Db2 user identities with SQL statements through Vault's database secrets engine.
To provide flexibility in accommodating authentication needs, Db2 ships with authentication plugin modules for Lightweight Directory Access Protocol (LDAP). This enables the Db2 database manager to authenticate users and obtain group membership defined in an LDAP directory, removing the requirement to define users and groups in the operating system.
You can use Vault's LDAP secrets engine to manage the lifecycle of credentials for Db2 environments configured to delegate user authentication and group membership to an LDAP server.
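One way to set this up with the Vault CLI, shown as an added example that is not part of the original page: it mounts the LDAP secrets engine, configures the bind account, and creates a static role for the LDAP entry that Db2 authenticates against. The LDAP URL, DNs, role name and rotation period are constructed placeholders, and `run`, `DRY_RUN` and the function names are helpers introduced here.

```shell
#!/bin/sh
# Added example: put an LDAP entry that Db2 authenticates against under
# Vault's LDAP secrets engine. Every value below is a constructed placeholder.
LDAP_URL="${LDAP_URL:-ldaps://ldap.example.internal}"
BIND_DN="${BIND_DN:-cn=vault-rotator,ou=services,dc=example,dc=internal}"
DB2_USER_DN="${DB2_USER_DN:-uid=db2app,ou=people,dc=example,dc=internal}"
DB2_USER="${DB2_USER:-db2app}"
ROLE="${ROLE:-db2-app}"
ROTATION_PERIOD="${ROTATION_PERIOD:-24h}"

# Run a vault command, or only print it when DRY_RUN=1 (for review).
run() {
  if [ "${DRY_RUN:-0}" = "1" ]; then
    printf 'vault %s\n' "$*"
  else
    vault "$@"
  fi
}

# Mount the engine, point it at the directory, and create a static role so
# Vault rotates the password of the entry Db2 delegates authentication to.
configure_db2_ldap_role() {
  [ -n "${BIND_PASS:-}" ] || { echo "BIND_PASS is not set" >&2; return 1; }
  run secrets enable ldap || return 1
  # bindpass=- makes the CLI read the value from stdin, keeping the bind
  # password out of the process argument list.
  printf '%s' "$BIND_PASS" |
    run write ldap/config url="$LDAP_URL" binddn="$BIND_DN" bindpass=- || return 1
  run write "ldap/static-role/$ROLE" dn="$DB2_USER_DN" \
    username="$DB2_USER" rotation_period="$ROTATION_PERIOD"
}

# Fetch the current password for the Db2 account, as a client would do
# before connecting to Db2.
read_db2_password() {
  run read -field=password "ldap/static-cred/$ROLE"
}

# Nothing touches Vault unless the script is invoked with "apply".
if [ "${1:-}" = "apply" ]; then
  configure_db2_ldap_role
fi
```

Set `DRY_RUN=1` to review the generated commands before applying them. The bind account needs permission in the directory to change the password of the target entry.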