Results 1 to 5 of 5
  1. #1
    Join Date
    Feb 2005
    Posts
    36

    Unanswered: access level problem in multiple instance

    Hi,

    We have installed DB2 V9.1 Enterprise Server Edition on AIX 5L server side, at client side, we use DB2 V9.1 Client installed on Windows XP machine. So users can use SSH or DB2 GUI tools, such as DB2 Command Editor or DB2 Control Center to connect to the database on the server. Also, we created two separate instances db2inst1 and db2inst2 on the server. However, it seems db2inst1 can access any database exists in db2inst2 and vice versa. Same problem as individual user, each user can connect to both db2inst1 and db2inst2 database using personal account which theoretically suppose to access only one instance. Does anyone can tell me how to restrict user access? Does it a AIX access level thing?

    Thanks in advance!
    Lan

  2. #2
    Join Date
    Jun 2006
    Posts
    471
    grant connect is done to public
    revoke this authority and grant connect to individual users
    grant access on tables to individual users
    Best Regards, Guy Przytula
    DB2 UDB LUW certified V6/7/8

  3. #3
    Join Date
    Feb 2005
    Posts
    36

    access level problem in multiple instance

    Hi Guy,

    what you mean "grant connect is done to public" ?
    and how I can
    "revoke this authority and grant connect to individual users"?
    and
    "grant access on tables to individual users"?

    Could you tell me in more detail? since I'm not familiar with DB2.

    Thanks!
    Lan

  4. #4
    Join Date
    Jun 2007
    Posts
    12
    hi,
    by default whenever a database is created CONNECT, CRETETAB, BINDADD, IMPLICIT_SCHEMA privileges are granted to public.
    Also USERSPACE1 is granted to public
    so all the users can access all the tables and connect to that database.
    These are called implicit privileges.

    so u need to revoke them explicitly and grant them to u'r choice
    To revoke use these commands...

    1. revoke connect on database from public

    2. revoke use of tablespace userspace1 from public

    and now u can decide to whom u want to grant privieges
    Last edited by gou007; 07-18-07 at 20:00.

  5. #5
    Join Date
    Jun 2006
    Posts
    471
    and the grant command (see infocenter for detail)
    grant connect on database to user xxx
    grant select on sqldba.employee to user yyy
    Best Regards, Guy Przytula
    DB2 UDB LUW certified V6/7/8

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •