Do I need to use the syscat.dbauth table to retrieve useraccounts and groupnames in DB2 UDB for LUW? Thanks.

DB2 uses the user accounts and groups of the operating system.

Hmm. So is there a query to retrieve those??

I checked sysibm.sysuserauth table. Basically, I need to retrieve users, groups and privileges.

If you are looking to get a list of groups who have access on the db run this:
db2look -d dbname -z schema -x

This will give you all of the grants that are defined on that particular db.

then if you need to get a list of users in those groups assuming you are on AIX run lsgroup &groupname to get the list of people in that group, or do
cat /etc/groups
to get the list of ALL of the groups that are defined on the os.

Thanks! But I am looking for queries which can accomplish that.

Yes, all the authorized users and groups that have been granted DB2 access are in the catalog somewhere, and you can query it with SQL. You may have to check several of the "AUTH" tables, depending on what you are looking for.

However, the DB2 catalog does not contain all the users and groups, just the ones who have already been granted DB2 access. You would have to issue an operating system command to get all the users and groups. You could write a C Stored Procedure to issue the OS commands.

When you grant access to DB2 objects in the Control Center, it gets a list of users or groups from the OS.

Ok. Out of 4 users, I have 3 of them listed in syscat.tabauth and the remaining one along with 2 of those was listed in syscat.dbauth. How to get all of them? Is there something called a UNION so that I can retrieve this 1 user name from syscat.tabauth and others from syscat.dbauth??

ok I got it. It's UNION ALL.

UNION is similar to UNION all, but UNION will eliminate any duplicate rows (based only on the columns you select).

You need to look at all the syscat "AUTH" views. Some may be empty, but they could contain authorization data. They are documented in the SQL Reference VOL 1, Appendix.

Yeah. UNION eliminated all duplicate rows. syscat AUTH views? Arent those syscat.dbauth, syscat.tabauth, syscat.schemaauth primarily? I am using the first 2 to get my data.