Database privileges

Resources: Databases

Resource type: D

Note: Having a database privilege on database DSNDB04 is the equivalent of having the privilege on any implicit database.

Db2 administrative authority

DBCTRL

XAPLPRIV value: DBCTLAUTD

Privcode 68 (x'44')

The user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.database-name.DBCTRL DSNADM
Db2-subsystem.database-name.DBADM DSNADM
Db2-subsystem.SYSDBADM DSNADM
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM
Note: If the database was created implicitly, database-name must be DSNDB04, not the name of the implicit database.

Db2 privileges

Check Data Utility

XAPLPRIV value: CHKDAUTD

Privcode 295 (x'127')

The user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.database-name.STATS MDSNDB or GDSNDB
Db2-subsystem.database-name.DBMAINT DSNADM
Db2-subsystem.database-name.DBCTRL DSNADM
Db2-subsystem.database-name.DBADM DSNADM
Db2-subsystem.DATAACCESS DSNADM
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM
Note: If the database was created implicitly, database-name must be DSNDB04, not the name of the implicit database.

CREATETAB

XAPLPRIV value: CRTTBAUTD

Privcode 94 (x'5E')

The user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.database-name.CREATETAB MDSNDB or GDSNDB
Db2-subsystem.database-name.DBMAINT DSNADM
Db2-subsystem.database-name.DBCTRL DSNADM
Db2-subsystem.database-name.DBADM DSNADM
Db2-subsystem.SYSDBADM DSNADM
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM
Note: If the database was created implicitly, database-name must be DSNDB04, not the name of the implicit database.

CHANGE NAME QUALIFIER

XAPLPRIV value: QUALAUTD

Privcode 76 (x'4C')

The user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.database-name.DBCTRL DSNADM
Db2-subsystem.database-name.DBADM DSNADM
Db2-subsystem.SYSDBADM DSNADM
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM
Note: If the database was created implicitly, database-name must be DSNDB04, not the name of the implicit database.

CREATETS

XAPLPRIV value: CRTTSAUTD

Privcode 95 (x'5F')

The user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.database-name.CREATETS MDSNDB or GDSNDB
Db2-subsystem.database-name.DBMAINT DSNADM
Db2-subsystem.database-name.DBCTRL DSNADM
Db2-subsystem.database-name.DBADM DSNADM
Db2-subsystem.SYSDBADM DSNADM
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM
Note: If the database was created implicitly, database-name must be DSNDB04, not the name of the implicit database.

DISPLAYDB

XAPLPRIV value: DSPDBAUTD

Privcode 99 (x'63')

If the database was created implicitly, and the user or the role associated with the user owns the other object (XAPLUPRM is equal to XAPLOON when XAPLOOOT indicates an authorization ID, or XAPLUCHK is equal to XAPLOON and XAPLUCKT is equal to XAPLOOT), access is allowed.

If not, the user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.database-name.DISPLAYDB MDSNDB or GDSNDB
Db2-subsystem.database-name.DBMAINT DSNADM
Db2-subsystem.database-name.DBCTRL DSNADM
Db2-subsystem.database-name.DBADM DSNADM
Db2-subsystem.SYSOPR DSNADM
Db2-subsystem.DISPLAY MDSNSM or GDSNSM
Db2-subsystem.SYSDBADM DSNADM
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM
Note: If the database was created implicitly, database-name must be DSNDB04, not the name of the implicit database.

DROP

XAPLPRIV value: DROPAUTD

Privcode 73 (x'49')

The user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.database-name.DROP MDSNDB or GDSNDB
Db2-subsystem.database-name.DBCTRL DSNADM
Db2-subsystem.database-name.DBADM DSNADM
Db2-subsystem.SYSDBADM DSNADM
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM
Note: If the database was created implicitly, database-name must be DSNDB04, not the name of the implicit database.

MERGECOPY

XAPLPRIV value: MERGEAUTD

Privcode 237 (x'ED')

If the database was created implicitly, and the user or the role associated with the user owns the other object (XAPLUPRM is equal to XAPLOON when XAPLOOOT indicates an authorization ID, or XAPLUCHK is equal to XAPLOON and XAPLUCKT is equal to XAPLOOT), access is allowed.

If not, the user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.database-name.IMAGCOPY MDSNDB or GDSNDB
Db2-subsystem.database-name.DBMAINT DSNADM
Db2-subsystem.database-name.DBCTRL DSNADM
Db2-subsystem.database-name.DBADM DSNADM
Db2-subsystem.DATAACCESS DSNADM
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM
Note: If the database was created implicitly, database-name must be DSNDB04, not the name of the implicit database.

IMAGCOPY, MODIFY RECOVERY, QUIESCE

XAPLPRIV values: IMCOPAUTD, MODAUTD, QUIESAUTD

Privcode 74 (x'4A'), 238 (x'EE'), 239 (x'EF')

If the database was created implicitly, and the user or the role associated with the user owns the other object (XAPLUPRM is equal to XAPLOON when XAPLOOOT indicates an authorization ID, or XAPLUCHK is equal to XAPLOON and XAPLUCKT is equal to XAPLOOT), access is allowed.

If not, the user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.database-name.IMAGCOPY MDSNDB or GDSNDB
Db2-subsystem.database-name.DBMAINT DSNADM
Db2-subsystem.database-name.DBCTRL DSNADM
Db2-subsystem.database-name.DBADM DSNADM
Db2-subsystem.SYSDBADM DSNADM
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM
Note: If the database was created implicitly, database-name must be DSNDB04, not the name of the implicit database.

RECOVERDB, REPORT

XAPLPRIV values: RECDBAUTD, REPRTAUTD

Privcode 89 (x'59'), 240 (x'F0')

If the database was created implicitly, and the user or the role associated with the user owns the other object (XAPLUPRM is equal to XAPLOON when XAPLOOOT indicates an authorization ID, or XAPLUCHK is equal to XAPLOON and XAPLUCKT is equal to XAPLOOT), access is allowed.

If not, the user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.database-name.RECOVERDB MDSNDB or GDSNDB
Db2-subsystem.database-name.DBCTRL DSNADM
Db2-subsystem.database-name.DBADM DSNADM
Db2-subsystem.SYDBADM DSNADM
Db2-subsystem.DATAACCESS DSNADM
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM
Note: If the database was created implicitly, database-name must be DSNDB04, not the name of the implicit database.

REORG

XAPLPRIV value: REORGAUTD

Privcode 77 (x'4D')

If the database was created implicitly, and the user or the role associated with the user owns the other object (XAPLUPRM is equal to XAPLOON when XAPLOOOT indicates an authorization ID, or XAPLUCHK is equal to XAPLOON and XAPLUCKT is equal to XAPLOOT), access is allowed.

If not, the user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.database-name.REORG MDSNDB or GDSNDB
Db2-subsystem.database-name.DBCTRL DSNADM
Db2-subsystem.database-name.DBADM DSNADM
Db2-subsystem.DATAACCESS DSNADM
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM
Note: If the database was created implicitly, database-name must be DSNDB04, not the name of the implicit database.

REPAIR

XAPLPRIV values: REPARAUTD

Privcode 78 (x'4E')

If the database was created implicitly, and the user or the role associated with the user owns the other object (XAPLUPRM is equal to XAPLOON when XAPLOOOT indicates an authorization ID, or XAPLUCHK is equal to XAPLOON and XAPLUCKT is equal to XAPLOOT), access is allowed.

If not, the user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.database-name.REPAIR MDSNDB or GDSNDB
Db2-subsystem.database-name.DBCTRL DSNADM
Db2-subsystem.database-name.DBADM DSNADM
Db2-subsystem.DATAACCESS DSNADM
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM
Note: If the database was created implicitly, database-name must be DSNDB04, not the name of the implicit database.

RUN REPAIR UTILITY

XAPLPRIV values: DIAGAUTD

Privcode 236 (x'EC')

If the database was created implicitly, and the user or the role associated with the user owns the other object (XAPLUPRM is equal to XAPLOON when XAPLOOOT indicates an authorization ID, or XAPLUCHK is equal to XAPLOON and XAPLUCKT is equal to XAPLOOT), access is allowed.

If not, the user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.database-name.REPAIR MDSNDB or GDSNDB
Db2-subsystem.database-name.DBCTRL DSNADM
Db2-subsystem.database-name.DBADM DSNADM
Db2-subsystem.SQLADM MDSNSM or GDSNSM
Db2-subsystem.SYSDBADM DSNADM
Db2-subsystem.DATAACCESS DSNADM
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM
Note: If the database was created implicitly, database-name must be DSNDB04, not the name of the implicit database.

REPAIR DBD

XAPLPRIV value: RDBDAUTD

Privcode 241 (x'F1')

The user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM

RUN CHECK INDEX/LOB UTILITY

XAPLPRIV values: CHECKAUTD

Privcode 19 (x'13')

If the database was created implicitly, and the user or the role associated with the user owns the other object (XAPLUPRM is equal to XAPLOON when XAPLOOOT indicates an authorization ID, or XAPLUCHK is equal to XAPLOON and XAPLUCKT is equal to XAPLOOT), access is allowed.

If not, the user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.database-name.STATS MDSNDB or GDSNDB
Db2-subsystem.database-name.DBMAINT DSNADM
Db2-subsystem.database-name.DBCTRL DSNADM
Db2-subsystem.database-name.DBADM DSNADM
Db2-subsystem.SYSDBADM DSNADM
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM
Note: If the database was created implicitly, database-name must be DSNDB04, not the name of the implicit database.

STATS

XAPLPRIV values: STATSAUTD

Privcode 82 (x'52')

If the database was created implicitly, and the user or the role associated with the user owns the other object (XAPLUPRM is equal to XAPLOON when XAPLOOOT indicates an authorization ID, or XAPLUCHK is equal to XAPLOON and XAPLUCKT is equal to XAPLOOT), access is allowed.

If not, the user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.database-name.STATS MDSNDB or GDSNDB
Db2-subsystem.database-name.DBMAINT DSNADM
Db2-subsystem.database-name.DBCTRL DSNADM
Db2-subsystem.database-name.DBADM DSNADM
Db2-subsystem.SQLADM MDSNSM or GDSNSM
Db2-subsystem.SYSDBADM DSNADM
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM
Note: If the database was created implicitly, database-name must be DSNDB04, not the name of the implicit database.

STARTDB

XAPLPRIV value: STARTAUTD

Privcode 79 (x'4F')

If the database was created implicitly, and the user or the role associated with the user owns the other object (XAPLUPRM is equal to XAPLOON when XAPLOOOT indicates an authorization ID, or XAPLUCHK is equal to XAPLOON and XAPLUCKT is equal to XAPLOOT), access is allowed.

If not, the user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.database-name.STARTDB MDSNDB or GDSNDB
Db2-subsystem.database-name.DBMAINT DSNADM
Db2-subsystem.database-name.DBCTRL DSNADM
Db2-subsystem.database-name.DBADM DSNADM
Db2-subsystem.SYSDBADM DSNADM
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM
Note: If the database was created implicitly, database-name must be DSNDB04, not the name of the implicit database.

STOPDB

XAPLPRIV value: STOPAUTD

Privcode 83 (x'53')

If the database was created implicitly, and the user or the role associated with the user owns the other object (XAPLUPRM is equal to XAPLOON when XAPLOOOT indicates an authorization ID, or XAPLUCHK is equal to XAPLOON and XAPLUCKT is equal to XAPLOOT), access is allowed.

If not, the user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.database-name.STOPDB MDSNDB or GDSNDB
Db2-subsystem.database-name.DBMAINT DSNADM
Db2-subsystem.database-name.DBCTRL DSNADM
Db2-subsystem.database-name.DBADM DSNADM
Db2-subsystem.SYSDBADM DSNADM
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM
Note: If the database was created implicitly, database-name must be DSNDB04, not the name of the implicit database.

TERM UTILITY

XAPLPRIV value: TERMAUTD

Privcode 109 (x'6D')

The user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.SYSDBADM DSNADM
Db2-subsystem.DATAACCESS DSNADM
Db2-subsystem.SYSOPR DSNADM
Db2-subsystem.SYSCTRL DSNADM
Db2-subsystem.SYSADM DSNADM

TERM UTILITY ON DATABASE

XAPLPRIV value: TERMDAUTD

Privcode 58 (x'3A')

If the database was created implicitly, and the user or the role associated with the user owns the other object (XAPLUPRM is equal to XAPLOON when XAPLOOOT indicates an authorization ID, or XAPLUCHK is equal to XAPLOON and XAPLUCKT is equal to XAPLOOT), access is allowed.

If not, the user must have sufficient authority to:

One of these resources: In class:
Db2-subsystem.database-name.DBMAINT DSNADM
Db2-subsystem.database-name.DBCTRL DSNADM
Db2-subsystem.database-name.DBADM DSNADM
Note: If the database was created implicitly, database-name must be DSNDB04, not the name of the implicit database.