Granted Authorities and Privileges

Restriction: This topic applies to Windows environments only.

When security is on, databases and tables are protected from being accessed and manipulated unless the user's Current SQLID is either the owner of the object or has been granted specific privileges in the location where the object resides. Privileges can be granted to a Primary AuthID, a GroupID or a SecondaryID.

An AuthID can also be granted an authority, which is a pre-defined set of privileges. Notice that the Authorities are suggestive of different levels of responsibility. These responsibilities might or might not suit your needs.

Privileges (and authorities) can be granted at the location level (SYSADM or SYSCTRL), database level (DBADM, DBCTRL or DBMAINT), or by table or column within a table. AuthIDs must be granted privileges within each location they are authorized to use. Privileges in one location do not carry over to another location.

Note: If using XDB-Link to access a DB2 location from an XDB Server, you must have appropriate authorities granted on DB2 for the objects you will be using in that mainframe location. Authorities and privileges granted on XDB Server (including INSTALL and SYSADM) are not used by the mainframe system.
Parent topic: Security and Authority Overview