KFAA31687-E

The user authentication method of the HADB user having the specified authorization identifier cannot be changed. <SQLSTATE: 42K44>

aa....aa: User authentication method

• PAM: PAM authentication

• Keycloak: Keycloak authentication

bb....bb:

Cause of the error

S:

Ignores this SQL statement. Alternatively, the system invalidates this transaction.

Action:

Take corrective action as described in the following table:

Information output to bb....bb	Cause of the error	Corrective action to take
the user already uses the specified authentication method	The specified user authentication method is already in use.	There is no need to change the user authentication method for the specified HADB user.
the user is the auditor	The user authentication method for HADB users with audit privilege cannot be changed.	After revoking the audit privilege of the specified HADB user, please change the user authentication method. An HADB user who has the audit admin privilege must revoke the audit privilege.
the user has the CRYPTO ADMIN privilege	The user authentication method for HADB users with a CRYPTO ADMIN privilege cannot be changed.	After revoking the CRYPTO ADMIN privilege of the specified HADB user, please change the user authentication method. An HADB user who has the DBA privilege must revoke the CRYPTO ADMIN privilege.
the user is the last user who has both DBA and CONNECT privileges and who uses database authentication	At least one HADB user with DBA and CONNECT privileges is required, using database authentication as the user authentication method. Therefore, when there is only one such HADB user, the user authentication method for that HADB user cannot be changed.	After confirming that there are two or more HADB users who satisfy both of the following conditions, change the user authentication method for the specified HADB users. Has both the DBA privilege and the CONNECT privilege Uses database authentication for user authentication method