User roles
User roles include Db2® instance owners, database administrators, and text table owners; each having a specific set of administrative rights.
- Db2 instance owner
- The Db2 instance owner user can start and stop the instance services for Db2 Net Search Extender and control the locking services. In addition, the Db2 instance user is granted DBADM authority for each enabled database. This enables a central point of control for all database changes driven by Net Search Extender.
- Required Db2 authorizations
- The SECADM must grant DBADM with DATAACCESS privilege to the instance owner. These authorizations are a prerequisite for the execution of Db2 Net Search Extender administrative commands.
- Required file system authorizations
- Read and write access for all text index directories and read access to model files.
- Commands for the instance owner
- DB2TEXT START, DB2TEXT STOP, DB2TEXT CONTROL and DB2EXTHL
In addition to the instance owner any user with the same primary group as that of the instance owner will also be able to execute DB2TEXT START, DB2TEXT STOP, DB2TEXT CONTROL and DB2EXTHL
- Database administrators
- Database administrators can enable and disable databases for use with Net Search Extender.
- Required Db2 authorizations
- DBADM
- Commands for the database administrator
- DB2TEXT ENABLE DATABASE and DB2TEXT DISABLE DATABASE.
- Text table owners
- The text table owner can create, drop, and change indexes. Note that they must be able to control (by having read and write access) the location of indexes and updates to the full-text indexes.
- Required Db2 authorizations and privileges
- Owner of text table.
- Commands for the text table owner:
- DB2TEXT CREATE INDEX, DB2TEXT DROP INDEX, DB2TEXT ALTER INDEX, DB2TEXT ACTIVATE CACHE, DB2TEXT DEACTIVATE CACHE, DB2TEXT UPDATE INDEX, DB2TEXT CLEAR EVENTS, and DB2EXTTH.