3.2.5 Database Manager Configuration parameter: trust_clntauth

Information

This parameter specifies where a trusted client is authenticated (at the server or the client) if it provides a user ID and password.
If the parameter is set to 'CLIENT', the user ID and password are not needed, but if they are provided, authentication will occur at the client.
If the parameter is set to 'SERVER', the user ID and password are needed and will be authenticated at the server.
This parameter is only active if the authentication parameter is set to 'CLIENT'.

This parameter is relied upon to determine whether each trusted client needs to be authenticated by the server or the client after providing a user ID and password.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Issue the following command to set the parameter to 'CLIENT' or 'SERVER':
db2=> update dbm cfg using trust_clntauth <CLIENT/SERVER>

See Also

https://workbench.cisecurity.org/files/162