Active Directory-Based Authentication for IBM DB2
Centrify Suite for IBM DB2 enhances DB2 security with centralized, Active Directory-based authentication, administration and password policy enforcement
For the first time, organizations using DirectControl and Microsoft Active Directory can not only centrally manage user authentication across a wide range of heterogeneous systems (including Microsoft Windows, UNIX, Linux and Mac OS systems) and web-based applications (Apache, BEA WebLogic, Jboss, IBM WebSphere, etc.) but can also control access to IBM DB2. End-users within these organizations benefit by gaining single sign-on through a single Active Directory user name and password to all of the key systems, applications and databases they require access to, no matter how heterogeneous their organization's underlying IT infrastructure is.
How It Works
Centrify DirectControl's core feature is its ability to enable UNIX, Linux and Mac servers and workstations to participate in an Active Directory domain. The Centrify DirectControl Agent effectively turns the host system into an Active Directory client. The Centrify DirectControl for DB2 module further enables Kerberos-based authentication through Active Directory.
(1) When users log on to a Windows workstation, or to a UNIX, Linux or Mac workstation running DirectControl, they are granted a Kerberos ticket from Active Directory.
(2) When they then try to access the DB2 database, this ticket is presented to the DB2 server running DirectControl, which ...
(3) can in turn verify the ticket and allow them access without challenging them to re-enter their credentials.
Benefits of the Centrify Solution
The benefit for end-users is that they can now silently authenticate to the heterogeneous systems, applications and databases they are allowed to access without being challenged to re-type a user name or password. The benefit for IT managers is that administrators and help desk personnel can now use a single administrative tool — Microsoft Active Directory — to define consistent security policies for and to control access to a mix of different vendors' databases, heterogeneous operating systems, and web-based applications within their organization. For example, once an administrator disables a user's Active Directory account, that user immediately loses their ability to access DB2 running on non-Microsoft platforms.
Supported Platforms
= Available through our Early Access program. Ask your Centrify support or sales representative for access.
| Systems A-Z |  |
 |
| Click Show Details for a list of every platform, including notifications of upcoming or recently added versions. | ||
| IBM AIX |  |
|
| Microsoft Windows | |
|
| Novell SUSE Linux | |
|
| Oracle Solaris | |
|
| Red Hat Enterprise Linux | |
|
| Red Hat Linux | |
|
The Oracle Database Single Sign-On with DirectControl Application Note describes how DirectControl enables you to set up Oracle Database Server 10g for Single Sign-On access to database tables for Active Directory users.
Request a Free Evaluation Customers: Log in to the Centrify Support Portal to download the Application Note