Hi,

We have installed DB2 V9.1 Enterprise Server Edition on AIX 5L server side, at client side, we use DB2 V9.1 Client installed on Windows XP machine. So users can use SSH or DB2 GUI tools, such as DB2 Command Editor or DB2 Control Center to connect to the database on the server. Also, we created two separate instances db2inst1 and db2inst2 on the server. However, it seems db2inst1 can access any database exists in db2inst2 and vice versa. Same problem as individual user, each user can connect to both db2inst1 and db2inst2 database using personal account which theoretically suppose to access only one instance. Does anyone can tell me how to restrict user access? Does it a AIX access level thing?

Thanks in advance!
Lan

grant connect is done to public
revoke this authority and grant connect to individual users
grant access on tables to individual users

Hi Guy,

what you mean "grant connect is done to public" ?
and how I can
"revoke this authority and grant connect to individual users"?
and
"grant access on tables to individual users"?

Could you tell me in more detail? since I'm not familiar with DB2.

Thanks!
Lan

hi,
by default whenever a database is created CONNECT, CRETETAB, BINDADD, IMPLICIT_SCHEMA privileges are granted to public.
Also USERSPACE1 is granted to public
so all the users can access all the tables and connect to that database.
These are called implicit privileges.

so u need to revoke them explicitly and grant them to u'r choice
To revoke use these commands...

1. revoke connect on database from public

2. revoke use of tablespace userspace1 from public

and now u can decide to whom u want to grant privieges

and the grant command (see infocenter for detail)
grant connect on database to user xxx
grant select on sqldba.employee to user yyy