DRDA access with a server or requester other than Db2

Specific privileges are required depending on whether Db2 is the server or the requester involved in DRDA access.

Db2 for z/OS® as the server: If the requester is not a Db2 for z/OS subsystem, there is no Db2 application plan involved. In this case, the privilege set of the authorization ID, which is determined by the DYNAMICRULES behavior, must have the EXECUTE privilege on the package. Dynamic SQL statements in the package are executed according to the DYNAMICRULES behavior, as described in Authorization IDs and dynamic SQL.

Db2 for z/OS as the requester: The authorization rules for remote execution are those of the server.