Can the default UNIX service accounts be disabled.

Posted on 2004-10-25
Last Modified: 2013-11-17
I was wondering if the accounts on a AIX box db2inst1, db2fenc1, and db2as can be disabled?  I figured since these are generic accounts they should be disabled for security purposes, however, I'm not sure if they are required for the system to run or not.

Question by:slrockstar
    LVL 20

    Expert Comment

    As far as I'm aware, they aren't  "system" accounts - More likely they are generic Database users (IBMs db2 database?) so you would need to check with a DBA

    It may be that you can disable logins or lock them, but I wouldn't delete them without checking.
    LVL 20

    Expert Comment

    Actually, there's a specific DB2 area -
    LVL 60

    Accepted Solution

    these accounts are required to run db2 database, just like oracle for oracle or informix for informix. do not blindly disable them. if you are 100% sure you do not use db2, then you have option to deinstall it ( but be very  careful). You can disable remote logins for them or damage password string to efficiently prevent remote login, but not much more.
    LVL 20

    Assisted Solution

    db2fenc1 is a userid under which you can run stored procedures and user defined functions; db2inst1 is the instance owner to call a stored procedure. d2fenc1 and db2inst1 can be replaced by another userid. In my installation, we don't have userid db2inst1. You can remove userid db2inst1 and db2fenc1 but db2as is the db2 adminstrator. It had better to keep db2as as during db2 installation userid db2as is the default userid of DB2 Adminstrator.

    When I install Db2 version 8, the db2 adminstrator is db2asv8 because I have both version 7 and 8 running in the same system, You can use any userid as DB2 adminstrator during DB2 installation. Don't change userid of DB2 adminstrator at a production environment.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Threat Intelligence Starter Resources

    Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

    Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
    Why Shell Scripting? Shell scripting is a powerful method of accessing UNIX systems and it is very flexible. Shell scripts are required when we want to execute a sequence of commands in Unix flavored operating systems. “Shell” is the command line i…
    Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
    This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

    931 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now