Adding database users and granting permissions

To install and use IBM® Product Master effectively, you must add a database user and grant the necessary permissions.

Before you begin

The Product Master database schema needs a database user that is authenticated at the server level.

About this task

The following database privileges are only required during the installation phase; before the create_schema command is run.
  • BINDADD
  • EXTERNAL
  • ROUTINE
  • IMPLSCHEMA
  • NOFENCE
These privileges can be revoked after the create_schema command is run. These database privileges are not required during a Fix Pack installation or a new version migration.

Procedure

  1. Create a user at the operating system level.
    1. Create an operating system user.
      You must have root authority to create a user. If you do not have root authority to create a user, contact your DB2® server administrator for help.
    2. Set the password for the user.
      You can try to connect to the server by using the user ID to verify that the user can connect to the server.
    3. Set a new password for the user.
      With AIX®, the password expires immediately after you log in to the server.
  2. Create a database user pim and grant the permissions by using the instance owner login (the default instance owner login is db2inst1).
    You must grant these permissions:
    • Optional:DBADM
    • CREATETAB
    • BINDADD
    • CONNECT
    • CREATE_NOT_FENCED
    • IMPLICIT_SCHEMA
    • LOAD ON DATABASE

    Sample SQL:

    db2 CONNECT TO <databasename> user <Username> using <password>
db2 GRANT DBADM, CREATETAB, BINDADD, CONNECT, CREATE_NOT_FENCED, 
IMPLICIT_SCHEMA, LOAD ON DATABASE TO USER PIM
  3. Grant user permissions to use space on all the Product Master specific table spaces.
    You can grant user permissions by using the following SQL statements:
    db2 GRANT USE OF TABLESPACE USERS TO PIM
db2 GRANT USE OF TABLESPACE INDX TO PIM
db2 GRANT USE OF TABLESPACE BLOB_TBL_DATA TO PIM
db2 GRANT USE OF TABLESPACE TEMP_USER TO PIM
db2 GRANT USE OF TABLESPACE XML_DATA TO PIM
db2 GRANT USE OF TABLESPACE XML_LARGE_DATA TO PIM
db2 GRANT USE OF TABLESPACE XML_INDEX TO PIM
  4. Grant user permissions to any additional table spaces that you create for the Product Master production environment.
    You can grant user permissions by using the following SQL statements:
    db2 GRANT USE OF TABLESPACE ICM_DATA TO PIM
db2 GRANT USE OF TABLESPACE ICM_IX TO PIM
db2 GRANT USE OF TABLESPACE ITM_DATA TO PIM
db2 GRANT USE OF TABLESPACE ITM_IX TO PIM
db2 GRANT USE OF TABLESPACE ITD_DATA TO PIM
db2 GRANT USE OF TABLESPACE ITD_IX TO PIM
db2 GRANT USE OF TABLESPACE ITA_DATA TO PIM
db2 GRANT USE OF TABLESPACE ITA_IX TO PIM
db2 GRANT USE OF TABLESPACE LCK_DATA TO PIM
db2 GRANT USE OF TABLESPACE LCK_IX TO PIM
  5. Create a schema entitled PIM for the user PIM.

    Sample SQL as created by Control Center.

    CREATE SCHEMA PIM AUTHORIZATION PIM;

What to do next

Repeat these steps if you want one more database schema user for another instance of Product Master. For example, if you want another test instance of Product Master, then create a database user and schema with the name pimtest in the database. This operation needs an operating system user with the name pimtest.
Important: You can share the database for Product Master with development or QA environments, but not with a production environment. Sharing the Product Master production database adversely affects production performance.