[fix]-What to look for when the following message is encountered

Wikitechy | 5755 Views | general | 08 Jun 2016



1. Expired password.

2. Insufficient user rights for DB access.

3. Invalid encryption scheme.


Connection authorization failure occurred. Reason: Password expired. ERRORCODE=-4214, SQLSTATE=28000.

Error message: 


Connection authorization failure occurred.

Reason: Local security service non-retryable error. 


Fix 1:

Perform the below checks:

1. Ensure that the DB service is in Running state.

2. Verify the database user ID & password, and provide enough rights for the appropriate DB.

3. With expired user password follow the below criteria: 

a. Update the password.

b. Extend the password expiration date.

Fix 2:

1. Stop Director Server with command: 

# smstop

2. Run changePassword to get the updated password. When the Director manages passwords use the below command:

  Run <director-root>/bin/changePassword.sh 
  # /opt/ibm/director/bin/changePassword.sh

3. Use the changePassword tool from the below link to avoid password issues:


3. Use below command to stop ISD managed DB2:

# /opt/ibm/director/bin/smdb stop

4. With below command start the ISD managed DB2:

# /opt/ibm/director/bin/smdb start

6. Verify the connection:

# /opt/ibm/director/bin/smdbcli.sh connect

5. Start Director Server with the command:

# smstart

Fix 3:

Verify the RACF security settings.

Fix 4:

1. Ensure that required settings are made related to the environment variables and completed with system restart.

2. Check for JDBC drivers’ version and update it.

Fix 5:

1. The below update must be made to the file  /etc/pam.d/common-password via a text editor.


[success=1 default=ignore]      pam_unix.so obscure<strong> sha512</strong>


 [success=1 default=ignore]      pam_unix.so obscure <strong>md5</strong>

2. Now execute run passwd db2inst1 and add new or same password. 

3. Execute ConfigEngine.sh create-database again.

4. Now, ensure that the file /etc/pam.d/common-password is updated back to sha512.

In Fedora 10 edit the file /etc/pam.d/system-auth.

Related Tags:

  • Password expired.ERRORCODE=4214
  • windows - How to reset/change expired password for DB2 Content 
  • database - DB2 Connection Authorization Faliure Occured Reason
  • 4214, SQLSTATE=28000
  • Connection authorization failure (error -4214) 
  • Db2 error code -4214


Bug Bounty
IOT Hackathon

Join our Community