Before you revoke system authority from an SQL ID, you can run a revoke impact report.
Procedure
To revoke system authority from an SQLID:
On the DB2 Administration Menu
(ADB2) panel, specify option
1, and press Enter.
On the System Catalog
(ADB21) panel, specify the
AO command, and press Enter.
The authorization options are displayed on the System Catalog
(ADB21) panel - Authorization
options.
In the Grantee field, specify the authorization ID from which
you want to revoke authorizations.
Specify option UA, and press Enter.
A summary for the SQL ID is displayed on the User Authorizations Summary
(ADB2AUS) panel.
Specify the AU line command next to System, and
press Enter:
On the System Privileges Authorizations
(ADB2AZ) panel, specify the
R line command next to the authorization that you want to revoke,
and press Enter.
On the Revoke System Privileges
(ADB2RZ) panel, in the
Report Revoke Impacts field, specify YES, and press
Enter.
Check the details on the Revoke Impact Report
(ADB2RIP) panel.
To continue with the revoke operation, exit (PF3) back to the Revoke System Privileges
(ADB2RZ) panel, specify
NO in the Report Revoke Impacts field, and
press Enter.
Specify your preferences on any subsequent confirmation panels to run the REVOKE
statement.
If the following
message is displayed, your user ID does not have the authority to execute the REVOKE
statement:
Revoker does not have SYSADM/SYSCTRL/SECADM/ACCESSCTRL