IBM DB2 data source connection fails with error : [DataDirect][ODBC DB2 Wire Protocol driver]Specified security mechanism, (Unknown), is not supported by server.]

Document ID : KB000044688
Last Modified Date : 14/02/2018
Show Technical Document Details

Issue/Problem/Symptoms:

IBM DB2 data source connection fails with following error in the policy server trace log:

i) [DataDirect][ODBC DB2 Wire Protocol driver]Specified security mechanism, (Unknown), is not supported by server

or,

ii) [DataDirect][ODBC DB2 Wire Protocol driver]Command Not Supported.

Environment:

  • Policy Server : ANY
  • DB2 : All supported version.

Cause:

This could be happening because the Authentication method configured on the DB2 server for this instance , doesn't match the authentication method configured on the DSN.

Resolution/Workaround:

Step 1: As the DB2 instance owner, issue the command, – db2 get dbm cfg

Step 2: Check the entry, Database manager authentication (AUTHENTICATION) to see what it is set to (for example,SERVER (default) ,  SERVER_ENCRYPT, SERVER, KERBEROS etc)

image

Step 3: Then, modify the “AuthenticationMethodâ€? property of the  DSN in the system_odbc.ini file to match as specified on the server :

Valid Values

0 | 1 | 2 | 3 | 4 | 7 | 8
If set to 0 (No Encryption), the driver sends the user ID and password in clear text to the server for authentication.
If set to 1 (Encrypt Password), the driver sends the user ID in clear text and an encrypted password to the server for authentication.
If set to 2 (Encrypt UID and Password), the driver sends an encrypted user ID and password to the server for authentication.
If set to 3 (Client Authentication), the driver uses client authentication when establishing a connection. The database server relies on the client to authenticate the user and does not provide additional authentication.
If set to 4 (Kerberos Authentication), the driver uses Kerberos authentication. This method supports both Windows Active Directory Kerberos and MIT Kerberos environments.
If set to 7 (Encrypted Password AES), the driver encrypts the password with 256-bit AES encryption in the connection request. (DB2 V9.7 and higher only.)
If set to 8 (Encrypted UID and Password AES), the driver encrypts the user id and password with 256-bit AES encryption in the connection request. (DB2 V9.7 and higher only.)

Default : 0

 e.g.

[SiteMinder Data Source]
Driver=/app/CA/netegrity/siteminder/odbc/lib/NSdb227.so
Description=DataDirect 7.1 DB2 Wire Protocol
Database=SMPOLICY
IpAddress=<Policy_Store_ip_address>
TcpPort=XXXXX
AuthenticationMethod=0
IsolationLevel=CURSOR_STABILITY
DynamicSections=100
DMCleanup=2

Additional Information:

http://www-01.ibm.com/support/docview.wss?uid=swg21641494