Database administration for data sharing
Using data sharing has implications for planning exit routines, authorizing users, and loading and reorganizing data.
Because the DB2® catalog is shared by all members of a data sharing group, data definition, authorization, and control are the same as for non–data sharing environments. Be sure that every object has a unique name, and be sure that the shared data resides on shared disks.
Planning for exit routines
If you use exit routines, such as a field or validation procedure or the access control authorization routine, ensure that all members of the group use the same routines.Authorizing users
Use the same authorization mechanisms that are in place for non–data sharing DB2 subsystems to control access to shared DB2 data and to members. Because all members in the group share the same DB2 catalog, an authorization ID has the same granted privileges and authorities for every member of the group.
As suggested for non–data sharing DB2 subsystems, use a security system outside of DB2 (such as RACF®® or its equivalent) to control which user IDs can access which members. RACF, for example, does not recognize a data sharing group as a single resource. Therefore, you must separately define DB2 resources to RACF for each member of the group, and connect all user IDs to a RACF group that permits access to all those resources. Or you can permit separate groups of user IDs to access different sets of resources. (In the latter case, however, you cannot move work freely among all members of the data sharing group.)
- Primary authorization IDs that are treated differently by different members of the group
- Primary authorization IDs that are associated with different sets of secondary IDs by different members of the group
Loading and reorganizing data
You can load or reorganize data from any member of a data sharing group.