Results 1 to 2 of 2
  1. #1
    Join Date
    May 2013

    Unanswered: DB2 Scheme Structure restriction


    I have 10 schemas and I want user "one" to access only schema no 3. My question is that I don't want that user to view the structure of any other schemas except the no 3. Is it possible?
    Like on DB solo tool or any other db2 query tool, I can view all the schemas and table structure on browser directory but I want the user to view only schema 3 structure. Can it be done on the same database and not through another database/dblink.


  2. #2
    Join Date
    Apr 2012
    Provided Answers: 17
    On LUW, If users have SELECT rights on the catalog (which they usually do) then you cannot easily prevent them from seeing the structure of objects in other schemas of the same physical database (without having access to the data in those schemas) - as far as I know.
    You can revoke public access to catalog objects, but you then may have to grant it to specific groups/roles/users so that commonly-used tools can continue to work.
    On LUW, RCAC does not work for catalog views/tables.

    Easier to implement what you want with separate physical databases, but you have to carefully consider whether the overhead is worthwhile, - i.e what is the risk to the business of users being able to to view the structure of objects in other schemas without seeing the data in those schemas.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts