Results 1 to 4 of 4
  1. #1
    Join Date
    Jul 2014
    Posts
    294

    Unanswered: SYSADM role to a user

    Hi,

    I have installed Db2 c express on windows machine.My admin user is ORANGE1. Now I have to create one more user & to grant SYSADM role to that newly created user too. For this these are the steps which I followed. I have created new user YELLOW & added that user to my local groupon windows.

    C:\Users\vg>net localgroup Administrators
    Alias name Administrators
    Comment Administrators have complete and unrestricted access to the computer/domain

    Members

    -------------------------------------------------------------------------------
    Administrator
    ORANGE1
    YELLOW
    USERX
    The command completed successfully.

    After that I have update my dbm configuration as

    db2 => update dbm cfg using sysadm_group 'Administrators'
    DB20000I The UPDATE DATABASE MANAGER CONFIGURATION command completed
    successfully.

    SYSADM group name (SYSADM_GROUP) = ADMINISTRATORS
    SYSCTRL group name (SYSCTRL_GROUP) = ADMINISTRATORS
    SYSMAINT group name (SYSMAINT_GROUP) = ADMINISTRATORS
    SYSMON group name (SYSMON_GROUP) = ADMINISTRATORS

    my problem is How can i find out that ORANGE1 & YELLOW users, both are having the same set of privileges. I have procedure which is working fine from ORANGE1 user & it is throwing error with YELLOW user.

    Can some one kindly let me know the way, whether I missed out something to grant SYSADM role to YELLOW user.

  2. #2
    Join Date
    Apr 2012
    Posts
    1,034
    Provided Answers: 18
    Don't post "it is throwing error", instead post the *exact error code and message* - usually if you carefully read the documented explanation for the errorcode (sqlcode/sqlstate) you can understand and resolve the issue.

    Catalog views usually store the privilege information -multiple views exist - depends on which kind of object you are protecting. So you can look for views whose viewname is like '%AUTH' , these are documented also in the Knowledge-Centre, for example syscat.tabauth, syscat.passthruauth, syscat.colauth etc etc.

  3. #3
    Join Date
    Jun 2003
    Location
    Toronto, Canada
    Posts
    5,516
    Provided Answers: 1
    In recent DB2 versions the SYSADM authority (it's not a role) by itself does not give any privileges to access data or execute routines.
    ---
    "It does not work" is not a valid problem statement.

  4. #4
    Join Date
    Jul 2013
    Location
    Moscow, Russia
    Posts
    666
    Provided Answers: 55
    Hi,

    check out the following:
    AUTH_LIST_AUTHORITIES_FOR_AUTHID
    SYSIBMADM.PRIVILEGES

    You have to restart the instance after changing *_GROUP instance parameters to make these changes take effect.
    Regards,
    Mark.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •