Granting authorization on Db2 commands
IDs must be authorized to issue Db2 commands. If you authorize IDs by issuing Db2 GRANT statements, the GRANT statements must be made to a primary authorization ID, a secondary authorization ID, a role, or PUBLIC.
About this task
When RACF® is used for access control, an ID must have appropriate RACF authorization on Db2 commands or must be granted authorization for Db2 commands to issue commands from a logged-on MVS console or from TSO SDSF.
Procedure
To ensure that an ID can issue Db2 commands from logged-on MVS consoles or TSO SDSF, choose one of the following:
- Grant authorization for Db2 commands to the primary, secondary authorization ID, or role.
- Define RACF classes and permits for Db2 commands.
- Grant SYSOPR authority to appropriate IDs.