For various reasons, we have a mixture of old (9.5, 9.7) and new JDBC and DB2 client versions scattered across servers and workstations.
We are running servers on Db2 LUW 10.5 FP9 on Linux RHEL 6.x We will be upgrading to 11.5, hence there is a desire to upgrade the older clients.
I have created an Event Monitor for connections, so I can track the older clients and see where and when they are used.
We can deal with the server versions quite easily, and work is in progress. My problem is a handful of workstations with older client software are still being used, despite repeated requests to upgrade the client.
There are 'discussions' happening, but I am seeking a way to prevent anyone from connecting to the servers with an older version of the Db2 clients/tools etc. in case we need to go down that path.
My first thought was the Connect Proc, but it seems from the very sparse documentation on the Connect Proc, and some quick testing, that CLIENT_PRDID is not one of the global variables available to the connect proc.
The second problem is that the connect proc does not apply to superusers (SYSADM, SYSCTRL, and SYSMAINT) and, unfortunately, one of the culprits is a Dev superuser :(
The Db2 governor also has no way to check the CLIENT_PRDID, and as far as I can tell, neither does DB2 Workload Management (not that we are licensed in any case).
The only other thing I can think of, is the very ugly solution of running a periodical check of connections using TABLE (MON_GET_CONNECTION) and forcing off the connection. Unfortunately I can't provide a nice "You're client is too old" error message using this method, so it will inevitably result in them just continually reconnecting and/or raising a trouble ticket.
Is there any other way to prevent the client connections?