Sunday, September 13, 2015

How to hide a userid from Windows login screen

With DB2 on my home PC[1] I have a service account for the DB2 instance, which makes life a lot easier than trying to map it to your actual user(s).

However, regular Windows (Home) setup has 2 defaults that are annoying:
a. password and account expiry for this user.
b. the userid appears on the Windows login/lock screen, although nobody is supposed to sign in with it.

Create a maintenance free user
The first issue I fixed a couple of months ago, because it was really annoying: DB2 just would not start. The first two times this happened I had to work through db2diag.log to find out what happened.
So, make sure the account actually never expires (that's separate from the password). With admin privileges run
  net user db2admin [2]
to check if the user account expires.
If it does, then run
  net user db2admin /expires:never
to fix this.

The password expiration is trickier, since it cannot be done with the net user command.
To make the password everlasting, run
  WMIC USERACCOUNT WHERE "Name='db2admin'" SET PasswordExpires=FALSE

I found this thanks to the folks at StackExchange.

Hide the service account from the login screen
I wanted to do this on Windows 7 already, but never found the time or cared enough. Now with the move to Windows 10 I thought of it again and fixed it.
So this can be done with group policies and stuff, but not on a standalone Windows Home edition.

Registry and Microsoft Technet to the rescue:

Create an entry under
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList
and list the db2admin user there as a DWORD (32-bit) value of 0 to hide it. Remove the entry or set it to 1 to show the user again.

Voilà.
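The whole procedure as one script, added here as an example and not part of the original post: it applies the three settings, verifies them, and lists every account hidden through UserList. It assumes an elevated PowerShell 5.1+ prompt on Windows 10 and swaps the net user and WMIC commands for the built-in LocalAccounts cmdlets (Get-LocalUser, Set-LocalUser).

```powershell
# Added example: apply and verify the settings described in this post.
# Assumption: elevated PowerShell 5.1+ on Windows 10 (LocalAccounts module present).
$User    = 'db2admin'   # replace with the userid you need this for
$ListKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList'

# Stop early if the account does not exist, so no stray registry value is written.
Get-LocalUser -Name $User -ErrorAction Stop | Out-Null

# 1. Account and password never expire (the net user / WMIC steps).
Set-LocalUser -Name $User -AccountNeverExpires
Set-LocalUser -Name $User -PasswordNeverExpires $true

# 2. Hide the account: a DWORD value named after the user, set to 0.
#    The SpecialAccounts\UserList keys usually do not exist yet, so create them.
if (-not (Test-Path $ListKey)) { New-Item -Path $ListKey -Force | Out-Null }
New-ItemProperty -Path $ListKey -Name $User -PropertyType DWord -Value 0 -Force | Out-Null

# 3. Verify what was set. Empty expiry fields mean "never".
$account = Get-LocalUser -Name $User
[pscustomobject]@{
    User            = $account.Name
    Enabled         = $account.Enabled
    AccountExpires  = $account.AccountExpires
    PasswordExpires = $account.PasswordExpires
    Hidden          = ((Get-ItemProperty -Path $ListKey -Name $User).$User -eq 0)
} | Format-List

# 4. Audit: every value under UserList with data 0 is hidden from the login screen.
#    A name without a matching local account is a leftover entry worth cleaning up.
$key = Get-Item -Path $ListKey
$key.GetValueNames() | Where-Object { $key.GetValue($_) -eq 0 } | ForEach-Object {
    [pscustomobject]@{
        HiddenUser         = $_
        LocalAccountExists = [bool](Get-LocalUser -Name $_ -ErrorAction SilentlyContinue)
    }
} | Format-Table -AutoSize

# To show the user again: Remove-ItemProperty -Path $ListKey -Name $User
```

Hiding only removes the name from the login screen; the account stays enabled, so step 4 is worth running on its own when reviewing a machine's local accounts.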

--
[1] Ha, now that I no longer work for Oracle, I can again freely admit it... Not that I really held back on this in the past 5 years.
[2] replace db2admin with the userid you need this for
