It's all about the answers!

Ask a question

RRDI support DB2 data encrypt


Charlotte Harris (32912) | asked Sep 16 '11, 6:41 a.m.
retagged May 27 '13, 4:51 a.m. by Francesco Chiossi (5.7k11119)
Hello,

I've had to change my DB2 instance authentication to data_encrypt, this was due to ITCS compliance issues.

db2 get dbm configuration
Database manager authentication (AUTHENTICATION) = DATA_ENCRYPT


I've restarted my db2 instance then started RRDI however cognos is now having problems connecting to my content manager error message is Connection authorization failure occurred. Reason
: Security mechanism not supported. ERRORCODE=-4214, SQLSTATE=28000 .

Output of cogserver.log:

9.20.135.118:9101 17039420 2011-09-08 16:06:48.039 +0 server.startup : 2 LOGSV 6003 1 serve
r.Audit.IPF StartService LogService Success <parameters><item><CDATA></item><item><CDATA></item><item><CDATA></item></parameters>
9.20.135.118:9101 17039420 2011-09-08 16:06:53.565 +0 pogoStartup na na 0 Thread-42 DISP 6017 1 Audit
.Other.dispatcher.DISP.com.cognos.pogo.contentmanager.coordinator.CMBootstrap getActiveContentManager ContentManager Failure <messages><message><m>DPR-CMI-4006 Unable to determine the active Content Manager. Will retry periodically.</messageString></message></messages>
9.20.135.118:9101 17039420 2011-09-08 16:06:53.097 +0 Initialization_SESS Initialization_REQ Thread-42 CM
6020 1 Audit.cms.CM StartService Warning CM-CFG-5063 A Content Manager configuration error was detected while connecti
ng to the content store. CM-CFG-5036 Content Manager failed to connect to the content store. The connection string is "jdbc:db2://insightdb:50003/RRDI_CM:re
trieveMessagesFromServerOnGetMessage=true;fullyMaterializeLobData=false;". Connection authorization failure occurred. Reason
: Security mechanism not supported. ERRORCODE=-4214, SQLSTATE=28000 Cause: Connection authorization failure occurred. Reason:
Security mechanism not supported. ERRORCODE=-4214, SQLSTATE=28000 Runtime Exception stack trace: com.ibm.db2.jcc.am.SqlInvalidAuthorizationSpecException
: Connection authorization failure occurred. Reason: Security mechanism not supported. ERRORCODE=-4214, SQLSTATE=28000 at co
m.ibm.db2.jcc.am.ed.a(ed.java:674) at


With RQM/RTC we were able to add a securitymechanism=13 within the teamserver.properties file. Do we need to do something similar within cognos/RRDI and if so where?

3 answers



permanent link
Michael Fox (61643) | answered Sep 27 '11, 11:43 a.m.
JAZZ DEVELOPER
edited Jan 21 '14, 11:47 a.m. by Krzysztof Kaźmierczyk (7.5k480103)
I don't know the answer to this. I may have to find somebody at Cognos who can supply this information. This is the same as the RRDI defect 175626 you created, right?

I have a contact at Cognos to work on this, and they are asking what version of DB2 and db2jcc.jar do you have? I put more details in the RRDI defect.
Apparently Cognos will not work with DATA_ENCRYPT. Supporting it will require a Cognos enhancement. More details are posted in the RRDI defect.

permanent link
Michael Fox (61643) | answered Sep 21 '11, 2:54 p.m.
JAZZ DEVELOPER
Hello,

I've had to change my DB2 instance authentication to data_encrypt, this was due to ITCS compliance issues.

db2 get dbm configuration
Database manager authentication (AUTHENTICATION) = DATA_ENCRYPT


I've restarted my db2 instance then started RRDI however cognos is now having problems connecting to my content manager error message is Connection authorization failure occurred. Reason
: Security mechanism not supported. ERRORCODE=-4214, SQLSTATE=28000 .

Output of cogserver.log:

9.20.135.118:9101 17039420 2011-09-08 16:06:48.039 +0 server.startup : 2 LOGSV 6003 1 serve
r.Audit.IPF StartService LogService Success <parameters><item><CDATA></item><item><CDATA></item><item><CDATA></item></parameters>
9.20.135.118:9101 17039420 2011-09-08 16:06:53.565 +0 pogoStartup na na 0 Thread-42 DISP 6017 1 Audit
.Other.dispatcher.DISP.com.cognos.pogo.contentmanager.coordinator.CMBootstrap getActiveContentManager ContentManager Failure <messages><message><m>DPR-CMI-4006 Unable to determine the active Content Manager. Will retry periodically.</messageString></message></messages>
9.20.135.118:9101 17039420 2011-09-08 16:06:53.097 +0 Initialization_SESS Initialization_REQ Thread-42 CM
6020 1 Audit.cms.CM StartService Warning CM-CFG-5063 A Content Manager configuration error was detected while connecti
ng to the content store. CM-CFG-5036 Content Manager failed to connect to the content store. The connection string is "jdbc:db2://insightdb:50003/RRDI_CM:re
trieveMessagesFromServerOnGetMessage=true;fullyMaterializeLobData=false;". Connection authorization failure occurred. Reason
: Security mechanism not supported. ERRORCODE=-4214, SQLSTATE=28000 Cause: Connection authorization failure occurred. Reason:
Security mechanism not supported. ERRORCODE=-4214, SQLSTATE=28000 Runtime Exception stack trace: com.ibm.db2.jcc.am.SqlInvalidAuthorizationSpecException
: Connection authorization failure occurred. Reason: Security mechanism not supported. ERRORCODE=-4214, SQLSTATE=28000 at co
m.ibm.db2.jcc.am.ed.a(ed.java:674) at


With RQM/RTC we were able to add a securitymechanism=13 within the teamserver.properties file. Do we need to do something similar within cognos/RRDI and if so where?


I don't know the answer to this. I may have to find somebody at Cognos who can supply this information. This is the same as the RRDI defect 175626 you created, right?

permanent link
Michael Fox (61643) | answered Sep 22 '11, 12:31 p.m.
JAZZ DEVELOPER
Hello,

I've had to change my DB2 instance authentication to data_encrypt, this was due to ITCS compliance issues.

db2 get dbm configuration
Database manager authentication (AUTHENTICATION) = DATA_ENCRYPT


I've restarted my db2 instance then started RRDI however cognos is now having problems connecting to my content manager error message is Connection authorization failure occurred. Reason
: Security mechanism not supported. ERRORCODE=-4214, SQLSTATE=28000 .

Output of cogserver.log:

9.20.135.118:9101 17039420 2011-09-08 16:06:48.039 +0 server.startup : 2 LOGSV 6003 1 serve
r.Audit.IPF StartService LogService Success <parameters><item><CDATA></item><item><CDATA></item><item><CDATA></item></parameters>
9.20.135.118:9101 17039420 2011-09-08 16:06:53.565 +0 pogoStartup na na 0 Thread-42 DISP 6017 1 Audit
.Other.dispatcher.DISP.com.cognos.pogo.contentmanager.coordinator.CMBootstrap getActiveContentManager ContentManager Failure <messages><message><m>DPR-CMI-4006 Unable to determine the active Content Manager. Will retry periodically.</messageString></message></messages>
9.20.135.118:9101 17039420 2011-09-08 16:06:53.097 +0 Initialization_SESS Initialization_REQ Thread-42 CM
6020 1 Audit.cms.CM StartService Warning CM-CFG-5063 A Content Manager configuration error was detected while connecti
ng to the content store. CM-CFG-5036 Content Manager failed to connect to the content store. The connection string is "jdbc:db2://insightdb:50003/RRDI_CM:re
trieveMessagesFromServerOnGetMessage=true;fullyMaterializeLobData=false;". Connection authorization failure occurred. Reason
: Security mechanism not supported. ERRORCODE=-4214, SQLSTATE=28000 Cause: Connection authorization failure occurred. Reason:
Security mechanism not supported. ERRORCODE=-4214, SQLSTATE=28000 Runtime Exception stack trace: com.ibm.db2.jcc.am.SqlInvalidAuthorizationSpecException
: Connection authorization failure occurred. Reason: Security mechanism not supported. ERRORCODE=-4214, SQLSTATE=28000 at co
m.ibm.db2.jcc.am.ed.a(ed.java:674) at


With RQM/RTC we were able to add a securitymechanism=13 within the teamserver.properties file. Do we need to do something similar within cognos/RRDI and if so where?


I don't know the answer to this. I may have to find somebody at Cognos who can supply this information. This is the same as the RRDI defect 175626 you created, right?

I have a contact at Cognos to work on this, and they are asking what version of DB2 and db2jcc.jar do you have? I put more details in the RRDI defect.

Your answer


Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.