Start of change

Granting system administration authority with RACF

As with the Db2 security plan, the RACF security planners want to minimize risk by granting the SYSADM authority to as few users as possible.

About this task

The security administrator needs to use RACF security to assign system administration privileges to the RACF group that is intended for any users who need those privileges.

Example

To assign SYSADM authority to group DB2SYSTM in the DB2A subsystem using RACF security, use the following statements: 
RDEFINE DSNADM DB2A.SYSADM UACC(NONE)
PERMIT DB2A.SYSADM CLASS(DSNADM) ID(DB2SYSTM) ACC(READ)
SETROPTS RACLIST(DSNADM) REFRESH
End of change