Skip to Content
author's profile photo Former Member
0
Former Member
Mar 16, 2010 at 09:46 AM

Authorizations for user db2<sid> after systemcopy with DB2 V9.7 on AIX

780 Views

Hello,

I made a homogenous systemcopy from the system PRD to ENT with an redirected restore. I had the following system environment:

AIX 5.3 TL10 SP1

DB2 V9.7 (without any fixpack)

After the restore and the recovery were finished, I was able to start the database manager and to activate the database.

I tried to execute a script for cleanup some tables according to the systemcopy guide but I got the following SQL messages:

SQL0551N, SQL0552N for the user db2ent. I checked the authorization for this user and got the following information:

db2 => get authorizations

Administrative Authorizations for Current User

Direct SYSADM authority = NO

Direct SYSCTRL authority = NO

Direct SYSMAINT authority = NO

Direct DBADM authority = NO

Direct CREATETAB authority = NO

Direct BINDADD authority = NO

Direct CONNECT authority = NO

Direct CREATE_NOT_FENC authority = NO

Direct IMPLICIT_SCHEMA authority = NO

Direct LOAD authority = NO

Direct QUIESCE_CONNECT authority = NO

Direct CREATE_EXTERNAL_ROUTINE authority = NO

Direct SYSMON authority = NO

Indirect SYSADM authority = YES

Indirect SYSCTRL authority = NO

Indirect SYSMAINT authority = NO

Indirect DBADM authority = NO

Indirect CREATETAB authority = NO

Indirect BINDADD authority = NO

Indirect CONNECT authority = NO

Indirect CREATE_NOT_FENC authority = NO

Indirect IMPLICIT_SCHEMA authority = NO

Indirect LOAD authority = NO

Indirect QUIESCE_CONNECT authority = NO

Indirect CREATE_EXTERNAL_ROUTINE authority = NO

Indirect SYSMON authority = NO

db2 =>

The user db2ent was/is in the group dbentadm and the group dbentadm is configured as SYSADM:

SYSADM group name (SYSADM_GROUP) = DBENTADM

SYSCTRL group name (SYSCTRL_GROUP) = DBENTCTL

SYSMAINT group name (SYSMAINT_GROUP) = DBENTMNT

The only solution was to grant the authorizations with an other user to db2ent.

For the restore I created an new instance with the following command (as user root):

/db2/ENT/db2_software/instance/db2icrt -a SERVER_ENCRYPT -s ESE -u db2ent db2ent

I set the correct DBM configuration and created an empty database as user db2ent with the following command

db2 create db ENT on /db2/ENT

The restore was executed with db2 -tvf restore_prd.clp as user db2ent.

Is there a bug in the db2 software or is there any other solution? I did not changed the environment for the user db2ent.

The authorization concept has been changed in DB2 V9.7

http://www-01.ibm.com/support/docview.wss?uid=swg21385801

Kind regards,

Christian