07-26-06, 13:05 #1Registered User
- Join Date
- Sep 2003
Unanswered: justification for admin rights on servers
We're trying to justify why we need remote access to servers (both AIX and Windows) and that in Window's case, need "administrator" rights on the box. Anyone else have to do this?? Anyway, there are 2 groups that db2 sets up on a Windows server and one ID (db2admin).
Groups db2admns and db2users
DB2ADMIN is part of db2admns and the box's "Administrator" group. The LAN people don't like it that we have admin rights on their box and we need to justify why.
Why does db2admin have to be in the Administrator group?
To use the control center from a client, which group(s) does the ID need to be in?
Any help would be appreciated.
07-28-06, 13:47 #2Registered User
- Join Date
- Sep 2004
Have a look here: http://publib.boulder.ibm.com/infoce...t/r0007134.htm
just as a justification for the required "act as part of the OS".
There are probably lots of minor issues why DB2 must be able to do so; for one thing: DB2 database files are "system" files in the sense that they should be unmovable (e.g., not moved during defragmentation). This gives some performance improvement to DB2.--_Peter Vanroose,
__IBM Certified Database Administrator, DB2 9 for z/OS
__IBM Certified Application Developer
__ABIS Training and Consulting